Report - cutwin.org/809vdER

Report Overview

Submitted URL
cutwin.org/809vdER
IP
172.67.157.32
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 02:41:19
Access
public
Website Title
CutWin | Custom URL Shortener, Link Management & Branded Links
Final URL
cutwin.org/809vdER
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sarcasticnotarycontrived.com	unknown	2022-08-11	2022-08-11	2024-03-23	1.8 kB	50 kB	172.240.108.68
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-04-25	412 B	7.0 kB	104.16.80.73
supervisebradleyrapidly.com	unknown	unknown	No data	No data	2.5 kB	5.8 kB	172.240.253.132
belongedenemy.com	unknown	unknown	No data	No data	2.5 kB	5.7 kB	192.243.59.13
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	2.1 kB	88 kB	216.58.207.227
d1tt3ye7u0e0ql.cloudfront.net	unknown	2008-04-25	2023-08-13	2024-02-27	1.1 kB	56 kB	54.230.241.227
onservantasr.info	unknown	unknown	No data	No data	962 B	1.8 kB	54.230.111.88
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-25	493 B	293 B	35.158.46.84
pogothere.xyz	unknown	2022-08-22	2022-09-04	2024-04-24	826 B	310 kB	104.21.24.208
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-25	1.9 kB	324 kB	142.250.74.35
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	443 B	8.3 kB	142.250.74.164
cloudflareinsights.com	84344	2019-08-30	2020-10-23	2024-04-25	1.0 kB	231 kB	104.16.79.73
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	435 B	1.5 kB	142.250.74.106
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-04-24	1.8 kB	380 kB	45.133.44.9
navigateconfuseanonymous.com	unknown	2024-04-24	2024-04-25	2024-04-25	2.5 kB	5.8 kB	172.240.253.132
accounts.google.com	81	1997-09-15	2016-03-20	2024-04-25	3.7 kB	64 kB	108.177.14.84
www.recaptcha.net	2060	2007-01-06	2012-07-11	2024-04-25	2.4 kB	263 kB	142.250.74.131
quitesousefulhe.info	unknown	2024-03-31	2024-03-31	2024-04-01	986 B	1.3 kB	104.21.13.159
cutwin.org	unknown	unknown	No data	No data	7.0 kB	710 kB	104.21.42.54
jumpedanxious.com	unknown	unknown	No data	No data	2.5 kB	5.7 kB	172.240.108.68

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	navigateconfuseanonymous.com	Sinkholed
2024-04-26	medium	navigateconfuseanonymous.com	Sinkholed
2024-04-25	medium	belongedenemy.com	Sinkholed
2024-04-25	medium	belongedenemy.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (44)

	URL	Size	First Seen	Last Seen
	static.cloudflareinsights.com/beacon.min.js	19 kB	2024-04-24	2024-05-05
Pretty URL static.cloudflareinsights.com/beacon.min.js IP 104.16.80.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:56:41 Last Seen2024-05-05 12:26:18 Times Seen384 Hash 4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192 Loading...

	unknown	145 B	2023-03-08	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:00:30 Last Seen2024-04-26 04:41:26 Times Seen20 Hash 092fe5982de6c737f495e858b4e98ef6 b93809e389ccb5b331b29ece50b1107b357fbf85 011ca7c4b671568a18161b001619763e5f4ae20db3656cf4d55d15794494b035 Loading...

	unknown	145 B	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash 34c8de6c3e4827faa6cfdfd873a47a4a c521bcf11daf884944a36816c859aa1bab524f23 bea98ee3b4f58b5c406b4194e272c850133ef0572be9a8346be40b58517caa13 Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	921 B	2024-04-24	2024-05-04
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 19:48:15 Last Seen2024-05-04 19:30:08 Times Seen99 Hash b832740e618479615e7f4ec2d6d18e95 39e2c70fbc1164d6748e0314c36691c42245c53a 66b51ffa06c4662b57b6b492d53318ac5e672cd53f52ce08e2699325eb796414 Loading...

	www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js	518 kB	2024-04-24	2024-05-05
Pretty URL www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 09:18:30 Last Seen2024-05-05 12:24:04 Times Seen7111 Hash e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b Loading...

	www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f	72 B	2023-03-07	2024-05-05
Pretty URL www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:36 Last Seen2024-05-05 03:41:41 Times Seen3308 Hash 497770a2ab62f2aa5e9a92139301634d 49c10647ffe35e24f84f743006f162ff0fe16399 0663d282ac18b3e9d3e81725926a5310e5cae5e6954873f09b7ee193136fb5e4 Loading...

	cutwin.org/809vdER	524 B	2024-04-26	2024-04-26
Pretty URL cutwin.org/809vdER IP 104.21.42.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash 2ff6167d2ff90df7fe9831db2d7e70bf c23a8fd6794b2cd730be0723bc50c57f8fa5e999 29f26740ced672b85c3410634b0f508aa8c81e6ecad8d1834ffd511a6429967f Loading...

	cutwin.org/809vdER	32 B	2023-03-07	2024-04-26
Pretty URL cutwin.org/809vdER IP 104.21.42.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:10:16 Last Seen2024-04-26 04:41:27 Times Seen54 Hash 890d7d74804574939c399e3d9a78d055 9c47661f523c9b79f01a52bac630a4c289ddb622 bad4aa4dc28208079534e82f5bc70188afc5c48c87fecd68a16605a8b9112653 Loading...

	cutwin.org/809vdER	102 B	2023-03-07	2024-05-04
Pretty URL cutwin.org/809vdER IP 104.21.42.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:01:22 Last Seen2024-05-04 22:42:13 Times Seen67 Hash ea63ff4f4742b4aa558f8960f24321fc 11326481f53e4c7c546ea8a3b6c8c6c9d5f3173f 7fc5a11cbe7f9e9815748889cea6101fb2a2184232db2e6843d57bb0d6bf4bae Loading...

	cutwin.org/809vdER	318 B	2024-04-26	2024-04-26
Pretty URL cutwin.org/809vdER IP 104.21.42.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash 34d05fd3c5470b6292a96af748ef013b ad2278f48b610420571be38cc2b6b858558a2d3a aa326fa575b9fcb02c87319da528158eb88ab264005bcd69bc8b5f5830c5cbb8 Loading...

	www.google.com/js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js	18 kB	2024-04-18	2024-04-27
Pretty URL www.google.com/js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 11:26:44 Last Seen2024-04-27 08:11:03 Times Seen846 Hash a881e4c268e13ad20405ae80fca4c36b dee477906e2c92b4c7747029a2409069b9b676ad 63d2e26aa68933bac804050c4e0f0293f1f97e927ad4a79ac9e6a0e8b310fb77 Loading...

	cutwin.org/809vdER	318 B	2024-04-26	2024-04-26
Pretty URL cutwin.org/809vdER IP 104.21.42.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash cdc1118a91af57573bef99cc1a66a51d f7f1209af9ed177dd8313cbcb5068a22a41db162 2d682b33452f5b1dd28bfdb5c73dc40dd9560ae7a442106a005a6e9eb960317c Loading...

	unknown	196 B	2024-01-02	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-02 02:18:23 Last Seen2024-04-26 04:41:27 Times Seen5 Hash 6e463094db9e626abe79fcf8e2af371a 0af2d6282c1182244817efd115cb3851ad261a8b 1e754917c31cd1d9e6c3f242dfcd1ef470d834d556bd61721cf03ba571d38ea1 Loading...

	unknown	3.3 kB	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash 0bc7b05894e069cb8841cadbc1f76d91 3b79b5fa7c20a030e7cf362c22817d5fd122691a f95feb55af613f421bb95a326127dc743d7579c414575366245ac2e810730a26 Loading...

	www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f	37 kB	2024-04-26	2024-04-26
Pretty URL www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash 945abae81fb4cb94aab2e7e4ce7b3cdc f1bbbfebd9ab79c00e5c594d0d7eec69164a636a 9958a796aff5cef21ee68df1207fea128a6edf352302f386f3a18a9a06a1a2fd Loading...

	sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js	31 kB	2024-04-26	2024-04-26
Pretty URL sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:28 Times Seen2 Hash b66e03f21f0fcd47cfd268509b23f5d5 bc4e06a165d5dba6d013d02c07f64b534b4cd8df b80ba2107a22f74a404d11ee69175cee036e89ddc230ed78de057a2f6ab3f232 Loading...

	cutwin.org/809vdER	1.1 kB	2024-04-26	2024-04-26
Pretty URL cutwin.org/809vdER IP 104.21.42.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash a94b7435cf670f422caa92e53b0711c9 945f61ae66bdf10a17a95c5564d31b16b51eb555 811415498c93583df2da77a574049a080a53d8f587de54118df6c01bbca539e0 Loading...

	sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js	31 kB	2024-04-26	2024-04-26
Pretty URL sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:28 Times Seen2 Hash 589f00b44314b0385fb58bc0de960738 4f03695cd3e8b4e5a029015723ea4a8d46743eb0 0813f5d6f7078005ea9a90d99b9f9292aeaf020b136f25806ab4bb0f6c03723f Loading...

	sarcasticnotarycontrived.com/06749197bd890c2748ee08022147a644/invoke.js	31 kB	2024-04-26	2024-04-26
Pretty URL sarcasticnotarycontrived.com/06749197bd890c2748ee08022147a644/invoke.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:28 Times Seen2 Hash 0696f9c0a7566f24d8e4595c50268427 197acefb62f78497624ba32f3b98611555f19ceb dbe4ccdc4a3724e77a87af040f83b90e5d32293c289959eb01aabb95a137d6c5 Loading...

	cutwin.org/js/ads.js?ver=6.6.2	218 B	2023-09-09	2024-04-28
Pretty URL cutwin.org/js/ads.js?ver=6.6.2 IP 104.21.42.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-09 21:18:47 Last Seen2024-04-28 02:13:27 Times Seen24 Hash 9e7e54b2d6fc22c0022b88b7125cbe03 236c6e87760ac733a938cb1897d3a7cb6fc5c86c 519204a7ecc3dc77ded647aa00567d6bf8c587049f389b1936914f7fab44c6fa Loading...

	cutwin.org/cloud_theme/build/js/script.min.js?ver=6.6.2	226 kB	2023-08-08	2024-05-03
Pretty URL cutwin.org/cloud_theme/build/js/script.min.js?ver=6.6.2 IP 104.21.42.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 07:16:33 Last Seen2024-05-03 16:34:17 Times Seen16 Hash b5fb533a099b996d8c42cea166b70759 d56e5e199429ffe824dfd4ba3bf995116e4fa12b 5680a168e2ed7fed4a1a6426eee556785a6dee0f7243a68491b8a51bbd3b552a Loading...

	cutwin.org/809vdER	398 B	2024-04-26	2024-04-26
Pretty URL cutwin.org/809vdER IP 104.21.42.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash c4b35176107e9c40a01499768544e1d9 7ea388268cc24b49e25824928fc0f300772890ab 47ad83133914d947d7782c3a052dc325cc167d0839c27fdddbe7f51e71bb5900 Loading...

	cutwin.org/809vdER	361 B	2024-04-26	2024-04-26
Pretty URL cutwin.org/809vdER IP 104.21.42.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash 4e37ab492a729037963e1a9a51cd695c cae405d70ce06d1f4e42f9e38b19ee09e2f598b8 5885bc501663776d823622e839a4f499940a7f2f4619934f56576e26210abefe Loading...

	cutwin.org/sandbox%20eval%20code	147 B	2023-04-11	2024-05-05
Pretty URL cutwin.org/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-05 12:26:18 Times Seen344907 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-05
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-05 12:26:18 Times Seen344401 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	unknown	3.3 kB	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash 1226974660a23a4d9000cddd56f7b83c b73a0c827c191c1e4c658308156d7bec98b05019 eb3ce4ed5e4c660059b12da135fccb971ff555b1d888582da65e9775a174fffb Loading...

	unknown	3.4 kB	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:27 Times Seen1 Hash dcedb5f2f4a22683a1cfee934bce3c34 477c01e62e75cd4122f56eaab70f64924821c83a ea9d58ba1c48c3739cda1af56041aef3320112a5b892b94727ebb77bfe81b400 Loading...

	www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9	0 B	2023-03-07	2024-05-05
Pretty URL www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9 IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 12:26:40 Times Seen37358626 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	d1tt3ye7u0e0ql.cloudfront.net/?eyttd=996536	168 kB	2024-04-26	2024-04-26
Pretty URL d1tt3ye7u0e0ql.cloudfront.net/?eyttd=996536 IP 54.230.241.227 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:28 Times Seen2 Hash 517016036a66262b88ac9e425af5cfb3 a226c9f8014dab08453dd7e63f80e7cfb3859262 b8e4f7b0b635e727ad7bcc3b9f722fbe5d4c58041326895d49f09a08030abacf Loading...

	sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js	31 kB	2024-04-26	2024-04-26
Pretty URL sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js IP 172.240.108.68 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:41:27 Last Seen2024-04-26 04:41:28 Times Seen2 Hash 76a5b7bc3eec6c901fb8e1dd6e00b149 8f71b872cf7d0ed07a3a47fc6aa82d4cedba866b 43600fb88565ed6405af5b841cd16d0aa066bbcb7dc5a22e121b584e1ff3739c Loading...

	unknown	3.3 kB	2024-04-26	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:41:28 Last Seen2024-04-26 04:41:28 Times Seen1 Hash ee30361c0e270c59f47370a3dc3ba445 d072fe837161eb8113bbf9485235c302e543e59e 6e8d93e28a46fee0cf250effe060415913566361dc73aee5e56dbf365c0fa3f1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - dd95094459ff8bdae8e11f444811dcf7	22 B	2024-04-18	2024-04-27
Pretty Observations First Seen2024-04-18 11:26:46 Last Seen2024-04-27 08:11:02 Times Seen406 Hash dd95094459ff8bdae8e11f444811dcf7 a49187eb695d35e32a5833e3b59e83037340c33d a22b47367f53b722417f75024b83a0555347d438ae490a9ed572ed9e9594d706 Loading...

	#2 Eval - 1e8b52837b9925bcc7799159336f10c0	2.1 kB	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 04:41:28 Last Seen2024-04-26 04:41:28 Times Seen1 Hash 1e8b52837b9925bcc7799159336f10c0 0dd1f3e7efb60d344f86fd57c3beb3c4e8090431 242a17039b06c61d52d590990ddbe7d79a5a263e723bdf00be5c9dd10608853f Loading...

	#3 Eval - af54053ba8c5572ff2a352e94952b443	24 kB	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 04:41:28 Last Seen2024-04-26 04:41:28 Times Seen1 Hash af54053ba8c5572ff2a352e94952b443 08f8f9ad9c27a2c060f3c92b1f65bc29c0b3a57e 7baadf29e7caf42d1e5b0ff2c54a5212923a0a3382dd5bc747d1e47cd07de6be Loading...

	#4 Eval - fcae2b100a894e34e1da8ed810cf9e18	2.1 kB	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 04:41:28 Last Seen2024-04-26 04:41:28 Times Seen1 Hash fcae2b100a894e34e1da8ed810cf9e18 880a9c76ee717c508e9558a8807fc536c4ea84f3 f5072528b25e64f5e75aa0ac6afdfc65d84ef5ecde1f62f3956b29886e0a5976 Loading...

	#5 Eval - 7926536d9122728498ec26292be3e229	2.1 kB	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 04:41:28 Last Seen2024-04-26 04:41:28 Times Seen1 Hash 7926536d9122728498ec26292be3e229 eb9d5cf2d739dff72703d2bb46d014674c9f97db ec2d634edacc491d07fec1ba9da5183dcb590c2d61a63c3ce986675ca22c44f8 Loading...

	#6 Eval - 87ff6ea6ded216e0db7b5b2787a01101	22 B	2024-04-18	2024-04-27
Pretty Observations First Seen2024-04-18 11:26:46 Last Seen2024-04-27 08:11:02 Times Seen409 Hash 87ff6ea6ded216e0db7b5b2787a01101 b70a80d04d55507e62966a4db28171961d1e3fbd 27158427ea97ea33dddc4d03c32ba70abe0434692bbf7e8b8061c47dc519977c Loading...

	#7 Eval - a45ee29c3f74e172a230aaa6cb6a84c8	2.1 kB	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 04:41:28 Last Seen2024-04-26 04:41:28 Times Seen1 Hash a45ee29c3f74e172a230aaa6cb6a84c8 7851aff161f74d089c0b59c7982d37470645384d 9fe95c0bd6423f324084da076e6e8d1c0f0e592cb9a8e29ac34965d03a633086 Loading...

	#8 Eval - 690d5fccc0df707e9592226c90cd2e43	64 B	2024-04-18	2024-04-27
Pretty Observations First Seen2024-04-18 11:26:46 Last Seen2024-04-27 08:11:02 Times Seen408 Hash 690d5fccc0df707e9592226c90cd2e43 28cf77438278df313abfdead9e96fedb717326b2 e8a296e051765b406dda56024ee0ea00de306f3a5a41d372214ae18eedff2dce Loading...

		Size	First Seen	Last Seen
	#1 Write - 837d91daa1d6dfab3f689851cf27acad	120 B	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 04:41:28 Last Seen2024-04-26 04:41:28 Times Seen1 Hash 837d91daa1d6dfab3f689851cf27acad f0491017d3d07900f689bc97f8e750347e1aba15 efeae087e70166a5a80c2a56ebb7aa5b9b0069e3e466c96652dac5c5f1968de0 Loading...

	#2 Write - 6fcde136994cfb8c959ac00f761cf03b	120 B	2024-04-26	2024-04-26
Pretty Observations First Seen2024-04-26 04:41:28 Last Seen2024-04-26 04:41:28 Times Seen1 Hash 6fcde136994cfb8c959ac00f761cf03b 6bad0fb21963f98069600d86613ff7e5973a9a13 69cd04173d26454b0325dbdcda853e80e4a9a2f637c9559268bc413c5d6ce675 Loading...

	#3 Write - f328ea08ebe65680d4263e882bf3b703	20 B	2023-03-07	2024-04-26
Pretty Observations First Seen2023-03-07 12:02:01 Last Seen2024-04-26 04:41:28 Times Seen52 Hash f328ea08ebe65680d4263e882bf3b703 0070c10f8f3a3885319ce413d997888ef62d1b4a f783038c7258d592f01cd4cb2045087e4ed331cf5cab52ffd459b086a0537bf9 Loading...

	#4 Write - 23a9a19532d4d11d0162f8ff47f66385	96 B	2023-03-07	2024-05-02
Pretty Observations First Seen2023-03-07 01:06:56 Last Seen2024-05-02 23:13:21 Times Seen17175 Hash 23a9a19532d4d11d0162f8ff47f66385 39255a9f75cf85a5ce76383bab628291a9626f00 63fbe184fbb505dfd393d0292e5d1ee5f55922728fe59eef5b3d73818d6a9384 Loading...

	#5 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07	2024-05-05
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-05 05:00:30 Times Seen11676 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

HTTP Transactions (56)

URL IP Response Size

cutwin.org/img/logo1.png

104.21.42.54

200 OK

34 kB

URL GET HTTP/3
cutwin.org/img/logo1.png
IP
104.21.42.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcutwin.org
Fingerprint0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
ValidityThu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT

File type
PNG image data, 277 x 130, 8-bit/color RGBA, non-interlaced
Size
34 kB (34282 bytes)
Hash
94baea0d26ee500d54ef4aec7ad9576f
c72ac5094921424da23052f8e16f1fe125bc1de7
768dd8e84dda93d321223ccad24d5bf2898bed4209625947124837d1fc3a887a

HTTP Headers

GET /img/logo1.png HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/809vdER
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:52 GMT
content-type: image/png
content-length: 34282
x-frame-options: SAMEORIGIN
last-modified: Fri, 08 Nov 2019 23:36:42 GMT
cache-control: max-age=31536000
expires: Mon, 14 Apr 2025 21:34:13 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 968798
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T46NvX2QpEwYTRR%2FlqgtOfGfSnODNKrX%2BONLXgAQUdPpF7F6PLanv%2BJk8I9Om0JD6x091GTEEduwPIJ2zO9vd50uAStICLTer%2BPZD1LIFQs7xYn19YI%2BWZE7ikFM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335e9886556c6-OSL
alt-svc: h3=":443"; ma=86400

cutwin.org/809vdER

104.21.42.54

200 OK

4.9 kB

URL User Request GET HTTP/2
cutwin.org/809vdER
IP
104.21.42.54:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcutwin.org
Fingerprint0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
ValidityThu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1037), with CRLF, LF line terminators
Size
4.9 kB (4884 bytes)
Hash
7f26400f42112d1aafb21ce3837d5808
6d3248239e3dd9adfe037895922fd04fd4f9cb8d
8e2e29dfa4f3cc2b17db4dd9ce5e22e3c0831bcea7479a83495746655d570a21

HTTP Headers

GET /809vdER HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:52 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
set-cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; path=/; HttpOnly
ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; expires=Fri, 26 Apr 2024 02:45:52 GMT; Max-Age=300; path=/; HttpOnly
csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0; path=/; HttpOnly
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIE6tSfhyfZR9eNW%2BXXh7EdIqoyFtdT7ifvkEY36E6KHK8e%2FqwDQSZ95SjlRDSfSTajJkggFUTVeU9hlXwZn3vOst6%2FPpwWDinP3JPVB6u%2B4zw27%2FBkO5OUNe8iU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335e408255685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 02:02:48 GMT
expires: Wed, 23 Apr 2025 02:02:48 GMT
cache-control: public, max-age=31536000
age: 261485
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 15:44:03 GMT
expires: Fri, 25 Apr 2025 15:44:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 39410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:300,400,700,900

142.250.74.106

200 OK

887 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:300,400,700,900
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
gzip compressed data, max compression
Size
887 B (887 bytes)
Hash
11ff40a492d45e7f0adbb2c02e06fb73
a564014c6ee957b06df67e91beea4c7a205a22ba
1eab2c9109773555f8a451da4590931a3972d4b47407420eac3cb738becdfb1b

HTTP Headers

GET /css?family=Lato:300,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 02:40:52 GMT
date: Fri, 26 Apr 2024 02:40:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d1tt3ye7u0e0ql.cloudfront.net/?eyttd=996536

54.230.241.227

200 OK

54 kB

URL GET HTTP/2
d1tt3ye7u0e0ql.cloudfront.net/?eyttd=996536
IP
54.230.241.227:443
ASN
#16509 AMAZON-02

Requested by
https://cutwin.org/809vdER
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Size
54 kB (54492 bytes)
Hash
517016036a66262b88ac9e425af5cfb3
a226c9f8014dab08453dd7e63f80e7cfb3859262
b8e4f7b0b635e727ad7bcc3b9f722fbe5d4c58041326895d49f09a08030abacf

HTTP Headers

GET /?eyttd=996536 HTTP/1.1
Host: d1tt3ye7u0e0ql.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 54492
date: Fri, 26 Apr 2024 02:40:52 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vuaJPajiesKyKSR7ps0wir7QbCfjrDYOhcMuuCY2LteoZdncRt-hlA==
X-Firefox-Spdy: h2

onservantasr.info/MEFjeVBRIwAUb1F8AV8lQi1eXGJ2ZFE/NAE1F0opVXYWSTUAMA9XM1wuFh02Qi4NDX5eJBdcYnYOMEs0WAxSGj9zAFovMXR5LDsBBTQAFRZlACQ/JHY5LS4daBgmPxVTJioePGAZICwjYRAXOB9zFDshFVsGIToBXgMxICV+EzEbEVoPIT8FWzsHFTR4GRkgPHEHFC8dWRQmIRF6OSgeHXQFDjckdTklGgB4GCY9FkMrKSgjaBMwOD9hEzEqMVkYKj5hX3YpDgp1ADE/dQIDMC8VZxs7DQB3ECkUMlwQCT89ZnYgDjhUCAk3E2U2Lg8zAQRGSxJyFi0MBnNsLi4KaDI1PyhqKiAVZWgJNB05YS0uPR1zdSY6PEg4BioWZABRI2dmcCI9Cl10NSwGZWRROx9hCCshEwk0NSozexg0LwhicTkINVdnCQo/XjFeAwF/AiVPEVUTFhEFSA

54.230.111.88

200 OK

1.2 kB

URL GET HTTP/2
onservantasr.info/MEFjeVBRIwAUb1F8AV8lQi1eXGJ2ZFE/NAE1F0opVXYWSTUAMA9XM1wuFh02Qi4NDX5eJBdcYnYOMEs0WAxSGj9zAFovMXR5LDsBBTQAFRZlACQ/JHY5LS4daBgmPxVTJioePGAZICwjYRAXOB9zFDshFVsGIToBXgMxICV+EzEbEVoPIT8FWzsHFTR4GRkgPHEHFC8dWRQmIRF6OSgeHXQFDjckdTklGgB4GCY9FkMrKSgjaBMwOD9hEzEqMVkYKj5hX3YpDgp1ADE/dQIDMC8VZxs7DQB3ECkUMlwQCT89ZnYgDjhUCAk3E2U2Lg8zAQRGSxJyFi0MBnNsLi4KaDI1PyhqKiAVZWgJNB05YS0uPR1zdSY6PEg4BioWZABRI2dmcCI9Cl10NSwGZWRROx9hCCshEwk0NSozexg0LwhicTkINVdnCQo/XjFeAwF/AiVPEVUTFhEFSA
IP
54.230.111.88:443
ASN
#16509 AMAZON-02

Requested by
https://cutwin.org/809vdER
Certificate
IssuerAmazon
Subjectonservantasr.info
Fingerprint4E:0A:E9:00:74:B8:B3:C9:4F:2A:1E:4E:6D:FA:10:D6:85:BC:6F:CE
ValidityMon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3042), with no line terminators
Size
1.2 kB (1195 bytes)
Hash
f9c55dcd76d1408ddf12219919598c15
7ded25cf1d038006495a4329d883dd4b4e9ef128
0bb4267dbb890fa8e92aff073dd38b257db046f8da5351db5ca4496da6233c3b

HTTP Headers

GET /MEFjeVBRIwAUb1F8AV8lQi1eXGJ2ZFE/NAE1F0opVXYWSTUAMA9XM1wuFh02Qi4NDX5eJBdcYnYOMEs0WAxSGj9zAFovMXR5LDsBBTQAFRZlACQ/JHY5LS4daBgmPxVTJioePGAZICwjYRAXOB9zFDshFVsGIToBXgMxICV+EzEbEVoPIT8FWzsHFTR4GRkgPHEHFC8dWRQmIRF6OSgeHXQFDjckdTklGgB4GCY9FkMrKSgjaBMwOD9hEzEqMVkYKj5hX3YpDgp1ADE/dQIDMC8VZxs7DQB3ECkUMlwQCT89ZnYgDjhUCAk3E2U2Lg8zAQRGSxJyFi0MBnNsLi4KaDI1PyhqKiAVZWgJNB05YS0uPR1zdSY6PEg4BioWZABRI2dmcCI9Cl10NSwGZWRROx9hCCshEwk0NSozexg0LwhicTkINVdnCQo/XjFeAwF/AiVPEVUTFhEFSA HTTP/1.1
Host: onservantasr.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Fri, 26 Apr 2024 02:40:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tPQxxnNZ9QLdubQamS2NGY4YSQmi8kYBuBylgNZErtVYL7zrom864g==
X-Firefox-Spdy: h2

cutwin.org/js/ads.js?ver=6.6.2

104.21.42.54

200 OK

126 B

URL GET HTTP/3
cutwin.org/js/ads.js?ver=6.6.2
IP
104.21.42.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcutwin.org
Fingerprint0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
ValidityThu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT

File type
ASCII text
Size
126 B (126 bytes)
Hash
9e7e54b2d6fc22c0022b88b7125cbe03
236c6e87760ac733a938cb1897d3a7cb6fc5c86c
519204a7ecc3dc77ded647aa00567d6bf8c587049f389b1936914f7fab44c6fa

HTTP Headers

GET /js/ads.js?ver=6.6.2 HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/809vdER
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:53 GMT
content-type: text/javascript
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=2592000
expires: Sun, 26 May 2024 02:40:53 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJGIEyRSGSO4jNzO6sZOW%2BtxIRO26wWUySyFERUl%2FR4SPVDisKNGsELRHdRcT65r%2B6urWEg8fczcUYCdjNoIIoMIBgUYimu0tnEsuB4DDZQNIktOGA1Cd5d4yPr%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335e9886656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cutwin.org/cloud_theme/build/fonts/fontawesome-webfont.woff2

104.21.42.54

200 OK

77 kB

URL GET HTTP/3
cutwin.org/cloud_theme/build/fonts/fontawesome-webfont.woff2
IP
104.21.42.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcutwin.org
Fingerprint0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
ValidityThu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /cloud_theme/build/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/cloud_theme/build/css/styles.min.css?ver=6.6.2
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:53 GMT
content-type: font/woff2
content-length: 77160
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3c%2Bqh7%2FkShGWPL9SNnMY2CsQSctB1%2BGDeDdDEw9RR1skZvMZLYY5%2FlxQP3u%2B5QGNzzjmXokFAvhos6wJOEO6%2FndOmK%2BgyPmbX0Lp2qHL3HaxEead0fQ%2B146PIC8e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335ea889756c6-OSL
alt-svc: h3=":443"; ma=86400

d1tt3ye7u0e0ql.cloudfront.net/OS2dhM1coCA9VaD8OBQ5uclFUAGFtFxNWMXYEFEcgIglPXCUsQQtAOCUXXEkGBCQnBRYuNRRbAjNBFUkzdldHXzYlAFwVMiUEXAJxKgMDDmNtExFcPHYEDFsjJQsXRSAoQRRSaiYIG1o7JwZEARF+SVEWZXtPGQJmblQjFmV7CwhdIjNCUwMvc1E+BWNuVC-MWZXsVFxZkCl5XHWdiQlMDMC4EClxyeSFTA2Z7V1ADZm5VUVU+OQIHXC9uVScKYWVXR0Zqeg

54.230.241.227

511 B

URL
d1tt3ye7u0e0ql.cloudfront.net/OS2dhM1coCA9VaD8OBQ5uclFUAGFtFxNWMXYEFEcgIglPXCUsQQtAOCUXXEkGBCQnBRYuNRRbAjNBFUkzdldHXzYlAFwVMiUEXAJxKgMDDmNtExFcPHYEDFsjJQsXRSAoQRRSaiYIG1o7JwZEARF+SVEWZXtPGQJmblQjFmV7CwhdIjNCUwMvc1E+BWNuVC-MWZXsVFxZkCl5XHWdiQlMDMC4EClxyeSFTA2Z7V1ADZm5VUVU+OQIHXC9uVScKYWVXR0Zqeg
IP
54.230.241.227:0
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (741), with no line terminators
Size
511 B (511 bytes)
Hash
ed2815f4b7ca9f1e05163b26cb08b6de
43f3f5d46a57aa4ff677d19863f5a83301a9ee9c
dcbe6ee45f72ac6583702c3e86944f59b89c982f6281f1093809c79082172f3d

HTTP Headers

GET /OS2dhM1coCA9VaD8OBQ5uclFUAGFtFxNWMXYEFEcgIglPXCUsQQtAOCUXXEkGBCQnBRYuNRRbAjNBFUkzdldHXzYlAFwVMiUEXAJxKgMDDmNtExFcPHYEDFsjJQsXRSAoQRRSaiYIG1o7JwZEARF+SVEWZXtPGQJmblQjFmV7CwhdIjNCUwMvc1E+BWNuVC-MWZXsVFxZkCl5XHWdiQlMDMC4EClxyeSFTA2Z7V1ADZm5VUVU+OQIHXC9uVScKYWVXR0Zqeg HTTP/1.1
Host: d1tt3ye7u0e0ql.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onservantasr.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 511
date: Fri, 26 Apr 2024 02:40:53 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7wCP8lZWangdslJ-Lzwylx8QeTJ7hDJVyFK7Z3YYRaBFPzehrlWIpA==
X-Firefox-Spdy: h2

cutwin.org/cloud_theme/build/img/header.jpg

104.21.42.54

200 OK

148 kB

URL GET HTTP/3
cutwin.org/cloud_theme/build/img/header.jpg
IP
104.21.42.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcutwin.org
Fingerprint0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
ValidityThu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1921x900, components 3
Size
148 kB (147797 bytes)
Hash
6b2a1485a7fecf2952de8d1a509c9222
f2a1c65418f749944a823efc6d5881a7c81fdf23
574ed0467392f0d91d140cdbb5c7e38c8b2aa22731de61c50b9b5bfe01e13daf

HTTP Headers

GET /cloud_theme/build/img/header.jpg HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/cloud_theme/build/css/styles.min.css?ver=6.6.2
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:53 GMT
content-type: image/jpeg
content-length: 147797
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=31536000
expires: Sat, 26 Apr 2025 02:40:53 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IA008tu3fCYFLl8oC7L53xe6ev%2FeNId024iXYajlLFceUJqoY2t4aA9co7sMjYo8Pl8yfX0bb0oEdYehnGmhTAjrqzTupgV2qzD4Bl9uL3OMiKgcoTb5ChY1g9tZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335ea688d56c6-OSL
alt-svc: h3=":443"; ma=86400

sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js

172.240.108.68

200 OK

12 kB

URL GET HTTP/1.1
sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subject*.sarcasticnotarycontrived.com
Fingerprint10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40
ValidityTue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT

File type
JavaScript source, ASCII text, with very long lines (31253), with no line terminators
Size
12 kB (11808 bytes)
Hash
b66e03f21f0fcd47cfd268509b23f5d5
bc4e06a165d5dba6d013d02c07f64b534b4cd8df
b80ba2107a22f74a404d11ee69175cee036e89ddc230ed78de057a2f6ab3f232

HTTP Headers

GET /b00fd22bf5adda5ce1b6b4739264d77a/invoke.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2bc7e76f1153b88f66b489041fbf4ca4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js

172.240.108.68

200 OK

12 kB

URL GET HTTP/1.1
sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subject*.sarcasticnotarycontrived.com
Fingerprint10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40
ValidityTue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT

File type
JavaScript source, ASCII text, with very long lines (31286), with no line terminators
Size
12 kB (11817 bytes)
Hash
589f00b44314b0385fb58bc0de960738
4f03695cd3e8b4e5a029015723ea4a8d46743eb0
0813f5d6f7078005ea9a90d99b9f9292aeaf020b136f25806ab4bb0f6c03723f

HTTP Headers

GET /b00fd22bf5adda5ce1b6b4739264d77a/invoke.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 90c920e77a11c03516d1b39806e2b1c0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static.cloudflareinsights.com/beacon.min.js

104.16.80.73

200 OK

6.7 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
gzip compressed data, from Unix
Size
6.7 kB (6650 bytes)
Hash
4e6f710188df25bb459d5d73cf726231
8914d9049c9afcc3ba9b5d0c4ffbb7138167be2b
05193fe146ad1b442ee037caf0efe83763b8627127be0eb7a03760079b16c55e

HTTP Headers

GET /beacon.min.js HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:52 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a335e9acca56c5-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

35.158.46.84

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
35.158.46.84:443
ASN
#16509 AMAZON-02

Requested by
https://cutwin.org/809vdER
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
b10e4451e29c351958ddc769490f5c10
c4a24ba35412ad2f0fa61749fc62088615658601
44f8b1dee920e2c41df6ae2eb0803decfe6d060c7f318a26ef327c94e18dd363

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Cookie: uid_id2=0cc207f9-0cee-4464-87ae-0e3186432010:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cutwin.org
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

sarcasticnotarycontrived.com/06749197bd890c2748ee08022147a644/invoke.js

172.240.108.68

200 OK

12 kB

URL GET HTTP/1.1
sarcasticnotarycontrived.com/06749197bd890c2748ee08022147a644/invoke.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subject*.sarcasticnotarycontrived.com
Fingerprint10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40
ValidityTue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT

File type
JavaScript source, ASCII text, with very long lines (31324), with no line terminators
Size
12 kB (11854 bytes)
Hash
0696f9c0a7566f24d8e4595c50268427
197acefb62f78497624ba32f3b98611555f19ceb
dbe4ccdc4a3724e77a87af040f83b90e5d32293c289959eb01aabb95a137d6c5

HTTP Headers

GET /06749197bd890c2748ee08022147a644/invoke.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 280f3f82043ad7d185617093d1789fbc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js

172.240.108.68

200 OK

12 kB

URL GET HTTP/1.1
sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subject*.sarcasticnotarycontrived.com
Fingerprint10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40
ValidityTue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT

File type
JavaScript source, ASCII text, with very long lines (31253), with no line terminators
Size
12 kB (11808 bytes)
Hash
76a5b7bc3eec6c901fb8e1dd6e00b149
8f71b872cf7d0ed07a3a47fc6aa82d4cedba866b
43600fb88565ed6405af5b841cd16d0aa066bbcb7dc5a22e121b584e1ff3739c

HTTP Headers

GET /b00fd22bf5adda5ce1b6b4739264d77a/invoke.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4f6fdce28cc370d3292ac8b02ed300df
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cutwin.org/cloud_theme/build/img/footer.jpg

104.21.42.54

200 OK

11 kB

URL GET HTTP/3
cutwin.org/cloud_theme/build/img/footer.jpg
IP
104.21.42.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcutwin.org
Fingerprint0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
ValidityThu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x231, components 3
Size
11 kB (10593 bytes)
Hash
8dc8323360a9ca5837521e0e70000799
e9f90a106ca330f77c87e80ee6e819294f5061fe
3ef0ac3809f5aacada358d6070cab7f6e7c0d21afcb59400331d6a52f4db8686

HTTP Headers

GET /cloud_theme/build/img/footer.jpg HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/cloud_theme/build/css/styles.min.css?ver=6.6.2
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:54 GMT
content-type: image/jpeg
content-length: 10593
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=31536000
expires: Mon, 14 Apr 2025 21:34:22 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 968792
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rYoPLIY5%2F1OEh%2BBQFSHIn8LKLT25BIHATYBO%2Fl1vvKkYppFxvRv0W2eukvVh4x8egOhtW0MPhT1ygw119e32gRVdft%2FUASZwcCxkvUDv5sWOlpb7qGV%2FgZP1fdF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335f3eae956c6-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22504, version 1.0
Size
22 kB (22504 bytes)
Hash
1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:32:58 GMT
expires: Fri, 25 Apr 2025 02:32:58 GMT
cache-control: public, max-age=31536000
age: 86876
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

jumpedanxious.com/watch.963316278810.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1

172.240.108.68

307 Temporary Redirect

0 B

URL GET HTTP/1.1
jumpedanxious.com/watch.963316278810.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectjumpedanxious.com
Fingerprint11:0C:D6:84:95:BB:1E:9C:2D:47:45:E1:9F:5B:7B:AB:FA:F9:21:00
ValidityWed, 24 Apr 2024 15:00:10 GMT - Tue, 23 Jul 2024 15:00:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.963316278810.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: jumpedanxious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Location: https://jumpedanxious.com/watch.963316278810.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=c3a9a1024d45a00b4cde10aecc3f865978846e24e8baed803a4fa304f154a9edfb52a53afcf58a510afffacf5ee4a3e64f3255997f3206117727b77ce2e2415b6a6df02e59efe6a152921d5381e2071c70e3e1cb6e8fdaaacdafc3658df0356e5f&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
Set-Cookie: u_pl=15222909; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIyMjkwOSwiayI6ImIwMGZkMjJiZjVhZGRhNWNlMWI2YjQ3MzkyNjRkNzdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzExMjUsInBpZCI6MTExMTYyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjUsInB0Ijo0LCJwayI6ImlzZm5kdmppYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1dHdpbi5vcmcvODA5dmRFUiIsImFyIjpbXX19.Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk; expires=Fri, 26 Apr 2024 02:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 486dd6260dea7c23e0118c637e6f472f
Strict-Transport-Security: max-age=0; includeSubdomains

navigateconfuseanonymous.com/watch.1070159500711.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1

172.240.253.132

307 Temporary Redirect

0 B

URL GET HTTP/1.1
navigateconfuseanonymous.com/watch.1070159500711.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectnavigateconfuseanonymous.com
Fingerprint80:FE:57:06:46:46:51:C4:1F:17:DB:EA:13:34:13:84:F9:F8:34:C8
ValidityWed, 24 Apr 2024 15:00:54 GMT - Tue, 23 Jul 2024 15:00:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1070159500711.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: navigateconfuseanonymous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Location: https://navigateconfuseanonymous.com/watch.1070159500711.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=b6a72453388d0a455a7ae6a7ee1e0f8254a985a07d231f4bcf66115869814f1f5cdf81a67fd60502b8e530fa6f43e067825d9fcaa1ce718ba4e2d459bf0e6c3e49e630a9a38b2450e34aec6cfa8a62854c232e53e1880824d1b1cd9fceef8ef691f056&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
Set-Cookie: u_pl=15222909; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIyMjkwOSwiayI6ImIwMGZkMjJiZjVhZGRhNWNlMWI2YjQ3MzkyNjRkNzdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzExMjUsInBpZCI6MTExMTYyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjUsInB0Ijo0LCJwayI6ImlzZm5kdmppYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1dHdpbi5vcmcvODA5dmRFUiIsImFyIjpbXX19.Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk; expires=Fri, 26 Apr 2024 02:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c8f055d1111b8f225466da3bc5556713
Strict-Transport-Security: max-age=0; includeSubdomains

supervisebradleyrapidly.com/watch.133388985824.js?key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1

172.240.253.132

307 Temporary Redirect

0 B

URL GET HTTP/1.1
supervisebradleyrapidly.com/watch.133388985824.js?key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectsupervisebradleyrapidly.com
FingerprintB9:18:E3:8A:C9:DC:5E:0A:A3:8F:1C:44:1F:63:28:86:43:4F:A2:E2
ValidityWed, 24 Apr 2024 15:15:52 GMT - Tue, 23 Jul 2024 15:15:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.133388985824.js?key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: supervisebradleyrapidly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Location: https://supervisebradleyrapidly.com/watch.133388985824.js?dev=e&key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=31fe783d34958727af2ebca620e097be2425014ea12fca5ba2ba5a454336771138f317c31817e0aec04ed76b91d90e7292ec08c60d8fd6b6a05037e00f54f851b8896b9bcca7d650e171c7a6db13ec3146f681c36c48de65af8da608b82514&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
Set-Cookie: u_pl=17565006; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NTAwNiwiayI6IjA2NzQ5MTk3YmQ4OTBjMjc0OGVlMDgwMjIxNDdhNjQ0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTYzMTAzLCJwaWQiOjExMTE2MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJ1cTEyazlpbjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9jdXR3aW4ub3JnLzgwOXZkRVIiLCJhciI6W119fQ.GixN140N1JUSEgYhuLY8mrGCMjWim9Bz7cKyA8sBFec; expires=Fri, 26 Apr 2024 02:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 895c5d28aff6faefb96c15f443ee65da
Strict-Transport-Security: max-age=0; includeSubdomains

jumpedanxious.com/watch.963316278810.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=c3a9a1024d45a00b4cde10aecc3f865978846e24e8baed803a4fa304f154a9edfb52a53afcf58a510afffacf5ee4a3e64f3255997f3206117727b77ce2e2415b6a6df02e59efe6a152921d5381e2071c70e3e1cb6e8fdaaacdafc3658df0356e5f&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1

172.240.108.68

200 OK

2.0 kB

URL GET HTTP/1.1
jumpedanxious.com/watch.963316278810.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=c3a9a1024d45a00b4cde10aecc3f865978846e24e8baed803a4fa304f154a9edfb52a53afcf58a510afffacf5ee4a3e64f3255997f3206117727b77ce2e2415b6a6df02e59efe6a152921d5381e2071c70e3e1cb6e8fdaaacdafc3658df0356e5f&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectjumpedanxious.com
Fingerprint11:0C:D6:84:95:BB:1E:9C:2D:47:45:E1:9F:5B:7B:AB:FA:F9:21:00
ValidityWed, 24 Apr 2024 15:00:10 GMT - Tue, 23 Jul 2024 15:00:09 GMT

File type
JavaScript source, ASCII text, with very long lines (2504)
Size
2.0 kB (2020 bytes)
Hash
82d0543771f05ee6e3d80c0f5df52bf3
b37c9820bcd9d0a183bb339cb6cfbe8c8becf7f4
2bb35df3ed5813534ceba3a65d6356865060fdf72a332deb7ae2b31f064b91f3

HTTP Headers

GET /watch.963316278810.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=c3a9a1024d45a00b4cde10aecc3f865978846e24e8baed803a4fa304f154a9edfb52a53afcf58a510afffacf5ee4a3e64f3255997f3206117727b77ce2e2415b6a6df02e59efe6a152921d5381e2071c70e3e1cb6e8fdaaacdafc3658df0356e5f&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: jumpedanxious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15222909; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIyMjkwOSwiayI6ImIwMGZkMjJiZjVhZGRhNWNlMWI2YjQ3MzkyNjRkNzdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzExMjUsInBpZCI6MTExMTYyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjUsInB0Ijo0LCJwayI6ImlzZm5kdmppYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1dHdpbi5vcmcvODA5dmRFUiIsImFyIjpbXX19.Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0cc207f9-0cee-4464-87ae-0e3186432010:2:1; expires=Fri, 03 May 2024 02:40:54 GMT; secure; SameSite=None
iprc1da453f1d40c0aa2a05889ec423cca13=5191359; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a64100abf56d60206659fac82c05a9d7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

navigateconfuseanonymous.com/watch.1070159500711.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=b6a72453388d0a455a7ae6a7ee1e0f8254a985a07d231f4bcf66115869814f1f5cdf81a67fd60502b8e530fa6f43e067825d9fcaa1ce718ba4e2d459bf0e6c3e49e630a9a38b2450e34aec6cfa8a62854c232e53e1880824d1b1cd9fceef8ef691f056&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1

172.240.253.132

200 OK

2.0 kB

URL GET HTTP/1.1
navigateconfuseanonymous.com/watch.1070159500711.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=b6a72453388d0a455a7ae6a7ee1e0f8254a985a07d231f4bcf66115869814f1f5cdf81a67fd60502b8e530fa6f43e067825d9fcaa1ce718ba4e2d459bf0e6c3e49e630a9a38b2450e34aec6cfa8a62854c232e53e1880824d1b1cd9fceef8ef691f056&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectnavigateconfuseanonymous.com
Fingerprint80:FE:57:06:46:46:51:C4:1F:17:DB:EA:13:34:13:84:F9:F8:34:C8
ValidityWed, 24 Apr 2024 15:00:54 GMT - Tue, 23 Jul 2024 15:00:53 GMT

File type
JavaScript source, ASCII text, with very long lines (2517)
Size
2.0 kB (2044 bytes)
Hash
e265b7b4015ac36cc44bc27c17de51e8
b9a4026e90fd7a1d8ecc4afb3c8b67c6f42e9b9b
668cd541e82251d261aebeae3f3cdfddee3c78a54b8ace5f010a5aa22b56cc0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1070159500711.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=b6a72453388d0a455a7ae6a7ee1e0f8254a985a07d231f4bcf66115869814f1f5cdf81a67fd60502b8e530fa6f43e067825d9fcaa1ce718ba4e2d459bf0e6c3e49e630a9a38b2450e34aec6cfa8a62854c232e53e1880824d1b1cd9fceef8ef691f056&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: navigateconfuseanonymous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15222909; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIyMjkwOSwiayI6ImIwMGZkMjJiZjVhZGRhNWNlMWI2YjQ3MzkyNjRkNzdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzExMjUsInBpZCI6MTExMTYyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjUsInB0Ijo0LCJwayI6ImlzZm5kdmppYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1dHdpbi5vcmcvODA5dmRFUiIsImFyIjpbXX19.Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0cc207f9-0cee-4464-87ae-0e3186432010:2:1; expires=Fri, 03 May 2024 02:40:54 GMT; secure; SameSite=None
iprcf7f3409cb24fbcff9dcfdd1a73073ab3=5191357; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e3f38bf5e4410b13dd23465e4577b8a9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

belongedenemy.com/watch.1119244623998.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1

192.243.59.13

307 Temporary Redirect

0 B

URL GET HTTP/1.1
belongedenemy.com/watch.1119244623998.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectbelongedenemy.com
Fingerprint1D:22:55:32:18:99:69:96:5D:C0:1E:E6:F7:3E:F2:EA:2F:06:72:AA
ValidityTue, 23 Apr 2024 10:53:14 GMT - Mon, 22 Jul 2024 10:53:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1119244623998.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: belongedenemy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Location: https://belongedenemy.com/watch.1119244623998.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=98dbb259fdea918eb4af05eea757d7b0920363c0a3de83aafda9396fc0f48d11df395ce568c00a8b4a9a4fe80012e685cfaa2b84b85cd30ab87fe999083c5502353a934291ded6d624f41c11a127b2da3f794549dfe89474cd77a87299f9&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
Set-Cookie: u_pl=15222909; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIyMjkwOSwiayI6ImIwMGZkMjJiZjVhZGRhNWNlMWI2YjQ3MzkyNjRkNzdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzExMjUsInBpZCI6MTExMTYyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjUsInB0Ijo0LCJwayI6ImlzZm5kdmppYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1dHdpbi5vcmcvODA5dmRFUiIsImFyIjpbXX19.Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk; expires=Fri, 26 Apr 2024 02:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ccc1e47c05d11fca1080a1a8a3c43952
Strict-Transport-Security: max-age=0; includeSubdomains

supervisebradleyrapidly.com/watch.133388985824.js?dev=e&key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=31fe783d34958727af2ebca620e097be2425014ea12fca5ba2ba5a454336771138f317c31817e0aec04ed76b91d90e7292ec08c60d8fd6b6a05037e00f54f851b8896b9bcca7d650e171c7a6db13ec3146f681c36c48de65af8da608b82514&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1

172.240.253.132

200 OK

2.1 kB

URL GET HTTP/1.1
supervisebradleyrapidly.com/watch.133388985824.js?dev=e&key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=31fe783d34958727af2ebca620e097be2425014ea12fca5ba2ba5a454336771138f317c31817e0aec04ed76b91d90e7292ec08c60d8fd6b6a05037e00f54f851b8896b9bcca7d650e171c7a6db13ec3146f681c36c48de65af8da608b82514&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectsupervisebradleyrapidly.com
FingerprintB9:18:E3:8A:C9:DC:5E:0A:A3:8F:1C:44:1F:63:28:86:43:4F:A2:E2
ValidityWed, 24 Apr 2024 15:15:52 GMT - Tue, 23 Jul 2024 15:15:51 GMT

File type
JavaScript source, ASCII text, with very long lines (2651)
Size
2.1 kB (2111 bytes)
Hash
6bd638bfd77c51d5f02f9eb0ac2929b3
5c71877486f0c1a8f32b3bbbca5381ac1ec3325c
38f04d91f07611d39b0be74618c395edd43986f65e9d9992a5895e529812d998

HTTP Headers

GET /watch.133388985824.js?dev=e&key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=31fe783d34958727af2ebca620e097be2425014ea12fca5ba2ba5a454336771138f317c31817e0aec04ed76b91d90e7292ec08c60d8fd6b6a05037e00f54f851b8896b9bcca7d650e171c7a6db13ec3146f681c36c48de65af8da608b82514&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: supervisebradleyrapidly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17565006; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzU2NTAwNiwiayI6IjA2NzQ5MTk3YmQ4OTBjMjc0OGVlMDgwMjIxNDdhNjQ0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTYzMTAzLCJwaWQiOjExMTE2MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJ1cTEyazlpbjciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9jdXR3aW4ub3JnLzgwOXZkRVIiLCJhciI6W119fQ.GixN140N1JUSEgYhuLY8mrGCMjWim9Bz7cKyA8sBFec
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0cc207f9-0cee-4464-87ae-0e3186432010:2:1; expires=Fri, 03 May 2024 02:40:54 GMT; secure; SameSite=None
iprc40c1f325b7d208ef8d6a4433fae7d48b=3569806; expires=Fri, 26 Apr 2024 06:40:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1eee47be697f8d77b6e5823ee3b14b92
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/59/e2/73/59e273b873f0f7092b74f2766d60aebd/1711620525.jpg

45.133.44.9

200 OK

72 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/59/e2/73/59e273b873f0f7092b74f2766d60aebd/1711620525.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, baseline, precision 8, 300x250, components 3
Size
72 kB (71789 bytes)
Hash
2d281de4129fb09c0e095c5b9beeb115
bf238757cb5055f99aeb9911d422850a56fe2c39
c8d22cd8ebf01584785595b2ef4f82c1b677742241f562a0aca5c775a4229980

HTTP Headers

GET /cti/59/e2/73/59e273b873f0f7092b74f2766d60aebd/1711620525.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:54 GMT
content-type: image/jpeg
content-length: 71789
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:08:53 GMT
etag: "660541b5-1186d"
expires: Sun, 28 Apr 2024 02:40:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/17/19/34/171934cf2a024c013ac2c2b0805d9eae/1711620479.jpg

45.133.44.9

200 OK

75 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/17/19/34/171934cf2a024c013ac2c2b0805d9eae/1711620479.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, baseline, precision 8, 300x250, components 3
Size
75 kB (75237 bytes)
Hash
156f3383d85fab2d082c4d0e64549de1
0b475fdfafa1cfae8ddd899beb3d2e7120f99d06
ae5f621f49ad4c3cd9b5c19f1e244097c627a02349dc9c50da49455f4c44a107

HTTP Headers

GET /cti/17/19/34/171934cf2a024c013ac2c2b0805d9eae/1711620479.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:54 GMT
content-type: image/jpeg
content-length: 75237
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:08:08 GMT
etag: "66054188-125e5"
expires: Sun, 28 Apr 2024 02:40:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

belongedenemy.com/watch.1119244623998.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=98dbb259fdea918eb4af05eea757d7b0920363c0a3de83aafda9396fc0f48d11df395ce568c00a8b4a9a4fe80012e685cfaa2b84b85cd30ab87fe999083c5502353a934291ded6d624f41c11a127b2da3f794549dfe89474cd77a87299f9&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1

192.243.59.13

200 OK

2.0 kB

URL GET HTTP/1.1
belongedenemy.com/watch.1119244623998.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=98dbb259fdea918eb4af05eea757d7b0920363c0a3de83aafda9396fc0f48d11df395ce568c00a8b4a9a4fe80012e685cfaa2b84b85cd30ab87fe999083c5502353a934291ded6d624f41c11a127b2da3f794549dfe89474cd77a87299f9&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectbelongedenemy.com
Fingerprint1D:22:55:32:18:99:69:96:5D:C0:1E:E6:F7:3E:F2:EA:2F:06:72:AA
ValidityTue, 23 Apr 2024 10:53:14 GMT - Mon, 22 Jul 2024 10:53:13 GMT

File type
JavaScript source, ASCII text, with very long lines (2504)
Size
2.0 kB (2028 bytes)
Hash
0a9135d56002215a4dc08d608ea58095
0a91d559874352ce250cfa9457634b30f3d4f6d5
0b6be34881de3fc080e9d8649c3741f6a51d601c1b7446db226e43d1f63e3785

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1119244623998.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=98dbb259fdea918eb4af05eea757d7b0920363c0a3de83aafda9396fc0f48d11df395ce568c00a8b4a9a4fe80012e685cfaa2b84b85cd30ab87fe999083c5502353a934291ded6d624f41c11a127b2da3f794549dfe89474cd77a87299f9&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: belongedenemy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15222909; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIyMjkwOSwiayI6ImIwMGZkMjJiZjVhZGRhNWNlMWI2YjQ3MzkyNjRkNzdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzExMjUsInBpZCI6MTExMTYyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjUsInB0Ijo0LCJwayI6ImlzZm5kdmppYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1dHdpbi5vcmcvODA5dmRFUiIsImFyIjpbXX19.Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0cc207f9-0cee-4464-87ae-0e3186432010:2:1; expires=Fri, 03 May 2024 02:40:54 GMT; secure; SameSite=None
iprcb16ef953ddc4821f293320e5ea32a630=5191360; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7c1dec7f8b8456fba82a82c71494517
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png

45.133.44.9

200 OK

144 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
144 kB (144379 bytes)
Hash
33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314

HTTP Headers

GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:54 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sun, 28 Apr 2024 02:40:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/05/0a/19/050a197ca13c4569fbeb1996bb9a28fa/1711620546.jpg

45.133.44.9

200 OK

87 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/05/0a/19/050a197ca13c4569fbeb1996bb9a28fa/1711620546.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cutwin.org/809vdER
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, baseline, precision 8, 300x250, components 3
Size
87 kB (86803 bytes)
Hash
34b6557a0bdc421b4ee9cdb0cc3c4bea
7400ae77f2911ebe0f3c6a9cce27e972902b0458
00cc7a09bd02fd45f1a79e05dca3486bda60dc04dff064d59d6a569836d3c474

HTTP Headers

GET /cti/05/0a/19/050a197ca13c4569fbeb1996bb9a28fa/1711620546.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:55 GMT
content-type: image/jpeg
content-length: 86803
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:09:14 GMT
etag: "660541ca-15313"
expires: Sun, 28 Apr 2024 02:40:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

108.177.14.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14
ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:Um84UiIfA7_SL-elQqaImf0R5iisew:HwT005hqBvf08oHo; Expires=Sun, 26-Apr-2026 02:40:55 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxcuspqQ-zonL_hRT69ppt_xjhsnaNk98yy0o0f1tl8TxYNQsLCsb704SMPB5cCKbGXst8IHA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-D-xIosf4qSkmnL_tstMU9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

108.177.14.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14
ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:NT0i74sSKSRK4wJDp4DKWtMMsO8rbw:RZPHbkR3jQBPxnJR; Expires=Sun, 26-Apr-2026 02:40:55 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzb8IXH4VLz9MS0arV-Q-68sacjgFbj-gwt_l7GNNNj8PK8oKIn0RwtL7vpVeLTaSj5YYqXbA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-HFE8RIVW3vzi14YCfe_0ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxcuspqQ-zonL_hRT69ppt_xjhsnaNk98yy0o0f1tl8TxYNQsLCsb704SMPB5cCKbGXst8IHA

108.177.14.84

302 Found

429 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxcuspqQ-zonL_hRT69ppt_xjhsnaNk98yy0o0f1tl8TxYNQsLCsb704SMPB5cCKbGXst8IHA
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14
ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT

File type
HTML document, ASCII text, with very long lines (406)
Size
429 B (429 bytes)
Hash
d124329cf30d2bcdcc9c067aeb64cf7a
a66076eb3bab9596dd352ce94d5c4ab34289bebc
7842c0d239b548eb201776de46c32630959e9b48a1e90368790af31ae6d9bc70

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxcuspqQ-zonL_hRT69ppt_xjhsnaNk98yy0o0f1tl8TxYNQsLCsb704SMPB5cCKbGXst8IHA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:HmVhcYK_aeMKELE7F0UYbe7YBMNV5g:I5wzN_ZwzTGD6R2d;Path=/;Expires=Sun, 26-Apr-2026 02:40:55 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzQPrx4pBZCIkMZKjCyGSIIVAv334GLaZpKAEaqCeCRjaV5hnaFPgAw3ChSvL4HjdqK7NohCQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587342406%3A1714099255361550&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-qqqD-MQcfCeqYHnJwgQdmA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 429
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzb8IXH4VLz9MS0arV-Q-68sacjgFbj-gwt_l7GNNNj8PK8oKIn0RwtL7vpVeLTaSj5YYqXbA

108.177.14.84

302 Found

426 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzb8IXH4VLz9MS0arV-Q-68sacjgFbj-gwt_l7GNNNj8PK8oKIn0RwtL7vpVeLTaSj5YYqXbA
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14
ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT

File type
HTML document, ASCII text, with very long lines (404)
Size
426 B (426 bytes)
Hash
ea6e57a7d8c114a2717c40314030eace
ae7270f03ab99242540d54a19c95c8f11b059295
dbbf7ed37b856b52aa1b58715d55b38f94d7d0c29e81e4bc2ab4f78522db44e6

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzb8IXH4VLz9MS0arV-Q-68sacjgFbj-gwt_l7GNNNj8PK8oKIn0RwtL7vpVeLTaSj5YYqXbA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:RXnCl2_YY66VG4GDzgyKlaSTn5QKAQ:Lah37KSvKf3ch1ph;Path=/;Expires=Sun, 26-Apr-2026 02:40:55 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx0yIrhEf3kt3WnTg-kfXszPFqJuEnDnp9zFm6Ge3YozvzO_JStIEPio_p5nYsr76ORblfNZA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2029183562%3A1714099255374098&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-chRbccE-jbWc9skOFCqOKg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 426
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pogothere.xyz/

104.21.24.208

200 OK

206 kB

URL GET HTTP/2
pogothere.xyz/
IP
104.21.24.208:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
ASCII text, with no line terminators
Size
206 kB (205831 bytes)
Hash
0336a43024b27192d6c10b25f116518f
1a23fda69e8069e5f3bf938fc72d8a4de24c9800
cb9ca7b318aa80e1ad7a0c86999fca76d6bd061ac8cb45843da2f75d07ce3b14

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:55 GMT
content-type: text/plain
set-cookie: csu=1350162889297264@1@1714099255; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://cutwin.org
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wkm7ma%2Bz8R%2ByYfizi36LqBkwf8oShD1xh0hlS4nBN%2FV%2BnXLcwqYJ6B6PpL0lYtolQ5d8hEe3Bzj6KTOeg7lxuyzm0DiI2ugBxsCeYIqXKxydju2xpqjeOh2apASUk%2Fdf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335f7dda0b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx0yIrhEf3kt3WnTg-kfXszPFqJuEnDnp9zFm6Ge3YozvzO_JStIEPio_p5nYsr76ORblfNZA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2029183562%3A1714099255374098&theme=mn&ddm=0

108.177.14.84

403 Forbidden

54 kB

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx0yIrhEf3kt3WnTg-kfXszPFqJuEnDnp9zFm6Ge3YozvzO_JStIEPio_p5nYsr76ORblfNZA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2029183562%3A1714099255374098&theme=mn&ddm=0
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (37197)
Size
54 kB (53884 bytes)
Hash
da4a7462c188d88e7fd80d529c045d56
7ad3a61ac65aa7c46aa7d2e60c3f1501e383d043
7e5cd9f6b43624229476b0e525381af62febd3f0898313950e394bebfa0befc1

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx0yIrhEf3kt3WnTg-kfXszPFqJuEnDnp9zFm6Ge3YozvzO_JStIEPio_p5nYsr76ORblfNZA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2029183562%3A1714099255374098&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-Y9VpO2U2TgsmiUQaJ05VEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.35

200 OK

206 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 20:51:00 GMT
expires: Thu, 24 Apr 2025 20:51:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 107395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:43:03 GMT
expires: Fri, 25 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 86273
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:54:07 GMT
expires: Thu, 02 May 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 85609
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m

142.250.74.131

200 OK

206 kB

URL GET HTTP/3
www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc.google.com
FingerprintD2:13:30:4E:26:7E:CA:53:A2:34:37:55:7E:91:D6:DB:95:37:A0:C6
ValidityMon, 18 Mar 2024 19:43:06 GMT - Mon, 10 Jun 2024 19:43:05 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205913 bytes)
Hash
e4eb924eec164dfe5fb43e5d8e6b2a2f
582bad0eac6440aa49632ca1e24d7a52a89d7d92
428ed37cf336160c986f3c470a345bd9790e95d119cfb794767637df59eb3a59

HTTP Headers

GET /recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 26 Apr 2024 02:40:56 GMT
date: Fri, 26 Apr 2024 02:40:56 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js

142.250.74.164

200 OK

7.4 kB

URL GET HTTP/2
www.google.com/js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT

File type
JavaScript source, ASCII text, with very long lines (17602)
Size
7.4 kB (7447 bytes)
Hash
a881e4c268e13ad20405ae80fca4c36b
dee477906e2c92b4c7747029a2409069b9b676ad
63d2e26aa68933bac804050c4e0f0293f1f97e927ad4a79ac9e6a0e8b310fb77

HTTP Headers

GET /js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7447
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 05:05:57 GMT
expires: Thu, 24 Apr 2025 05:05:57 GMT
cache-control: public, max-age=31536000
age: 164099
last-modified: Tue, 16 Apr 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cloudflareinsights.com/cdn-cgi/rum

104.16.79.73

200 OK

25 kB

URL OPTIONS HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
25 kB (24637 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cutwin.org/
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:56 GMT
content-type: text/plain
access-control-allow-origin: https://cutwin.org
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a336000a1556a4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

cloudflareinsights.com/cdn-cgi/rum

104.16.79.73

200 OK

206 kB

URL OPTIONS HTTP/2
cloudflareinsights.com/cdn-cgi/rum
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
gzip compressed data, max compression
Size
206 kB (205803 bytes)
Hash
a484f2f3418f65b8214cbcd3e4a31057
5c002c51b67db40f88b6895a5d5caa67608a65ce
79cbe928773386d07f0127f256f383debed5ccea5ff230465bf46ec7c87319d6

HTTP Headers

POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1022
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:56 GMT
server: cloudflare
cf-ray: 87a336001a2b56a4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2

cutwin.org/favicon.ico

104.21.42.54

200 OK

198 B

URL GET HTTP/3
cutwin.org/favicon.ico
IP
104.21.42.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcutwin.org
Fingerprint0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
ValidityThu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 2 colors
Size
198 B (198 bytes)
Hash
c6acedaff906029fc5455d9ec52c7f42
92cbd806ca421aa2c9ff5e1ff76bbc20913a2f81
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/809vdER
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:55 GMT
content-type: image/x-icon
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=31536000
expires: Sat, 26 Apr 2025 02:40:55 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FPpQ2Yog0eJ7JI5nnLlGKWFcrL4srAFiQA%2FkGAHJwiQC5YttlPc1du6W%2BVvUGOY4li1614pkTr8J%2FFsJxsQJc3QStLlvQc2hZ%2F6oOyC7yae%2FPvbRneEARDSpnoX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335f78cb656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css

142.250.74.35

200 OK

56 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
56 kB (56412 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 15:50:55 GMT
expires: Wed, 23 Apr 2025 15:50:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 211800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pogothere.xyz/asd100.bin

104.21.24.208

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
104.21.24.208:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:55 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cutwin.org
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 26 Apr 2024 02:40:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkBrETK4a693FKn%2BpaFopjoYZYRWlLtiUpLas%2B6SNBMDrceRULyUpI7PKmmjOaUKHxePMnWNCZUbxy0ClfukhKGjC7g%2BEtMK4HaS%2BkZZKqcWidqmk%2BZCaOKic2QjvXf4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a335f7dd9fb4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cutwin.org/cloud_theme/build/js/script.min.js?ver=6.6.2

104.21.42.54

200 OK

226 kB

URL GET HTTP/3
cutwin.org/cloud_theme/build/js/script.min.js?ver=6.6.2
IP
104.21.42.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcutwin.org
Fingerprint0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
ValidityThu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT

File type

Size
226 kB (225927 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cloud_theme/build/js/script.min.js?ver=6.6.2 HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/809vdER
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:52 GMT
content-type: text/javascript
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=2592000
expires: Tue, 14 May 2024 21:34:13 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 968798
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HxzwATuhBPwvr4GN3Yk5HIRQXzpeLKdyiNvFvZ1Dftz16Ls%2BvZjOlFFRi0UsbTAuyNbeWjiYtqG8kJrG%2BtlPKZttvtoGTinvTbZFRg5anowKk0goTDhfHmTOMncI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335e9986756c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

quitesousefulhe.info/cnVTaXBdSjAaTSMPPzwRJ0RiLTcKFjYhOSIsFVxAFiQVAygqAnUdGRZIalBGR0ZlTwAbEW5YVgEBMh0FAUhiTxkcEzxUVgRIYkdDRltgX15GUyZUQVQBIwgXT0R1GQQGGW5YR0NBY1BJQEBgWkBC

104.21.13.159

204 No Content

0 B

URL GET HTTP/2
quitesousefulhe.info/cnVTaXBdSjAaTSMPPzwRJ0RiLTcKFjYhOSIsFVxAFiQVAygqAnUdGRZIalBGR0ZlTwAbEW5YVgEBMh0FAUhiTxkcEzxUVgRIYkdDRltgX15GUyZUQVQBIwgXT0R1GQQGGW5YR0NBY1BJQEBgWkBC
IP
104.21.13.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectquitesousefulhe.info
Fingerprint1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7
ValiditySun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cnVTaXBdSjAaTSMPPzwRJ0RiLTcKFjYhOSIsFVxAFiQVAygqAnUdGRZIalBGR0ZlTwAbEW5YVgEBMh0FAUhiTxkcEzxUVgRIYkdDRltgX15GUyZUQVQBIwgXT0R1GQQGGW5YR0NBY1BJQEBgWkBC HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 26 Apr 2024 02:40:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vW6EKz0XBFbLaYYWDe9yLh4yCsgoH7%2F4o6GD0lkoj6ZPi29tEfXbc%2FL0Pto7vrVRG50OGXsvmvwxqFKSZ88rDb91edurKHJeUXemVyW3yblQFBhHJ9UAqHitQzOyA4mxmZETiFvS9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335ed3f0656bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.131

200 OK

921 B

URL GET HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc.google.com
FingerprintD2:13:30:4E:26:7E:CA:53:A2:34:37:55:7E:91:D6:DB:95:37:A0:C6
ValidityMon, 18 Mar 2024 19:43:06 GMT - Mon, 10 Jun 2024 19:43:05 GMT

File type
JavaScript source, ASCII text, with very long lines (921), with no line terminators
Size
921 B (921 bytes)
Hash
b832740e618479615e7f4ec2d6d18e95
39e2c70fbc1164d6748e0314c36691c42245c53a
66b51ffa06c4662b57b6b492d53318ac5e672cd53f52ce08e2699325eb796414

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 26 Apr 2024 02:40:55 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9

142.250.74.131

200 OK

7.4 kB

URL GET HTTP/3
www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc.google.com
FingerprintD2:13:30:4E:26:7E:CA:53:A2:34:37:55:7E:91:D6:DB:95:37:A0:C6
ValidityMon, 18 Mar 2024 19:43:06 GMT - Mon, 10 Jun 2024 19:43:05 GMT

File type
HTML document, ASCII text, with very long lines (7678), with no line terminators
Size
7.4 kB (7447 bytes)
Hash
ce0684c92e07ac0bec06a00ea6031675
bb0bdaa051554ebdefda9ed34d2296bd9197e102
b4ac2e89626b68f2bea95d61166b3a973fc814867f1e1ac128004452b0e0c35f

HTTP Headers

GET /recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9 HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:56 GMT
content-security-policy: script-src 'nonce-sL_QclYzl5yNOfSwQ-1U5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css

142.250.74.35

200 OK

56 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
56 kB (56412 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 15:50:55 GMT
expires: Wed, 23 Apr 2025 15:50:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 211801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzQPrx4pBZCIkMZKjCyGSIIVAv334GLaZpKAEaqCeCRjaV5hnaFPgAw3ChSvL4HjdqK7NohCQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587342406%3A1714099255361550&theme=mn&ddm=0

108.177.14.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzQPrx4pBZCIkMZKjCyGSIIVAv334GLaZpKAEaqCeCRjaV5hnaFPgAw3ChSvL4HjdqK7NohCQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587342406%3A1714099255361550&theme=mn&ddm=0
IP
108.177.14.84:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzQPrx4pBZCIkMZKjCyGSIIVAv334GLaZpKAEaqCeCRjaV5hnaFPgAw3ChSvL4HjdqK7NohCQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587342406%3A1714099255361550&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-Xw3X8hSkvzazMtAq6YzDNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f

142.250.74.131

200 OK

46 kB

URL GET HTTP/3
www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc.google.com
FingerprintD2:13:30:4E:26:7E:CA:53:A2:34:37:55:7E:91:D6:DB:95:37:A0:C6
ValidityMon, 18 Mar 2024 19:43:06 GMT - Mon, 10 Jun 2024 19:43:05 GMT

File type
HTML document, ASCII text, with very long lines (37197)
Size
46 kB (45905 bytes)
Hash
90e14c7435ee07dcf6573d45dbb8c8b9
c8ae4ec20cb9eca59c381adcea6036705ff89586
52ee527ceb4f1d5c2a2678cada7043dc24234f0ea3151e220fe39a945a93fa75

HTTP Headers

GET /recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
content-security-policy: script-src 'nonce-peP51tlgiy-CVK6uSNby3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

quitesousefulhe.info/popunder.gif

104.21.13.159

200 OK

35 B

URL GET HTTP/3
quitesousefulhe.info/popunder.gif
IP
104.21.13.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectquitesousefulhe.info
Fingerprint1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7
ValiditySun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:53 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 90784
last-modified: Thu, 25 Apr 2024 01:27:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yzH7DRy0yc2L2NjJjgLhChy4ec2hjgjufmmt5ZvR4TqkO5v8j0MbBausj1Y4XTRSYCHnCqjGMmxynCVyi0EaiZP3lyXLqoxHkc%2BhOtu0lDKsXtH4vVMXJWZq8FbIPPOreRUnJOCZ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a335f05a25568d-OSL
alt-svc: h3=":443"; ma=86400

cutwin.org/cloud_theme/build/css/styles.min.css?ver=6.6.2

104.21.42.54

200 OK

202 kB

URL GET HTTP/3
cutwin.org/cloud_theme/build/css/styles.min.css?ver=6.6.2
IP
104.21.42.54:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cutwin.org/809vdER
Certificate
IssuerGoogle Trust Services LLC
Subjectcutwin.org
Fingerprint0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
ValidityThu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT

File type
ASCII text, with very long lines (65369)
Size
202 kB (201672 bytes)
Hash
179be71d42df03ea58d6ea2785217085
82001a88284463f8e04172b8395f5a9eced37df6
a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454

HTTP Headers

GET /cloud_theme/build/css/styles.min.css?ver=6.6.2 HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/809vdER
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:52 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=2592000
expires: Tue, 14 May 2024 21:34:13 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 968799
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMW8gJAgZDkvCVRvR7E3iPreKKlwOb6EeREg66KMQW4qbrbCD%2F%2FK%2Be%2BLkpdHH9DyWj4WNx5Ex03%2FyZEYt6%2FJJHcHSx6%2BvJf4ewCeYFWx33jGQR9Zmy8oAK70CB0I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335e9886456c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by