Report - cutt.us/gift-nitro

Report Overview

Submitted URL
cutt.us/gift-nitro
IP
69.61.26.121
ASN
#141518 Subhosting Innovations Pvt Ltd
Submitted
2022-11-20 19:14:36
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	44 kB	142.250.74.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	21 kB	142.250.74.174
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	779 B	142.250.74.66
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	71 kB	34.120.237.76
cutt.us	202632	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	37 kB	69.61.26.121
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	142.250.74.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.38.139.17
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	12 kB	216.58.207.194
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ab28c88e95b0884012c6918082b28386.safeframe.googlesyndication.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	541 B	3.5 kB	142.250.74.65
securepubads.g.doubleclick.net	190	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	797 B	134 kB	216.58.207.194
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	1.1 kB	142.250.74.98
premium-sub.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	68 kB	172.67.158.200
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www.googletagservices.com	169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	28 kB	216.58.207.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (19)

	URL	Size	First Seen	Last Seen
	cutt.us/gift-nitro	1.1 kB	2023-03-11	2023-03-11
Pretty URL cutt.us/gift-nitro IP 69.61.26.121 ASN #141518 Subhosting Innovations Pvt Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:00:16 Last Seen2023-03-11 15:00:16 Times Seen1 Hash 39c21bffe2008edc839dd23b85a984c5 f0df7280312280057278fa2067c65a93d28108ad d70b27f516b0df62ea64140a487bfbc230cc57a4b59a073f21ee10f654d4f410 Loading...

	www.googletagservices.com/tag/js/gpt.js	80 kB	2023-03-11	2023-03-11
Pretty URL www.googletagservices.com/tag/js/gpt.js IP 216.58.207.226 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:20 Last Seen2023-03-11 15:20:30 Times Seen1 Hash 218e2deeff3b9555f86c8fb1f5799957 0cee5145d5edff73789b8d38b7ff5387b17fa7fc 650d8f56fc7861cb7d597c3ccc1b4d8b34e11332a9059b7dbc9ede45322bc883 Loading...

	adservice.google.com/adsid/integrator.js?domain=cutt.us	107 B	2023-03-07	2024-02-03
Pretty URL adservice.google.com/adsid/integrator.js?domain=cutt.us IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-02-03 18:43:04 Times Seen27539 Hash d9c47f48660b656705d0ff86fc850de8 bceb9478f69cdfc2eb87ae6b80e95dbaac8b6769 a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Loading...

	premium-sub.com/gift-nitro	2.9 kB	2023-03-11	2023-03-11
Pretty URL premium-sub.com/gift-nitro IP 172.67.158.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:00:16 Last Seen2023-03-11 15:00:16 Times Seen1 Hash 0da30ff0cd999e9df87de08277bd0cb7 3f05e134053d9f8b83fea783c944958a85c2160d b9a9da0744d997c920a9c497de8c18fcf0a78172e76bd43c41fcb5167f24bcec Loading...

	premium-sub.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=76d382326e53b4ed	53 kB	2023-03-11	2023-03-11
Pretty URL premium-sub.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=76d382326e53b4ed IP 172.67.158.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:00:16 Last Seen2023-03-11 15:00:16 Times Seen1 Hash 4881352b856d8e421037b5613d63cc7f ab95620fe13e0b142a9a122ad8733ad06d8ab8f5 bf833e000160d46427ed66b1a84abdae01b9cb990ab98d42be485afc11c70944 Loading...

	cutt.us/gift-nitro	154 B	2023-03-07	2023-04-05
Pretty URL cutt.us/gift-nitro IP 69.61.26.121 ASN #141518 Subhosting Innovations Pvt Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:42 Last Seen2023-04-05 02:10:45 Times Seen145 Hash f0dd56bfe6878edb67fbae180bd3c496 3cb4ad49e47e66685c977083fc1156b1657a1981 800832de00b5d0f2b34ebf88c3bb3a412fd9e0f332a7d3a85e40b40da7bcaaa5 Loading...

	premium-sub.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=76d382490f300b06	51 kB	2023-03-11	2023-03-11
Pretty URL premium-sub.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=76d382490f300b06 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:00:16 Last Seen2023-03-11 15:00:16 Times Seen1 Hash 09dfe5294dd8faadfd124426fe3c0b08 e12a20c86dc994d6e6e09b8b5c2b36fe12cecc29 dae2bbb7be882bd3838393dff91ee139f366dd4bbd6946369410a40322c33112 Loading...

	premium-sub.com/gift-nitro	17 B	2023-03-07	2023-04-05
Pretty URL premium-sub.com/gift-nitro IP 172.67.158.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2023-04-05 02:12:11 Times Seen1946 Hash 8ff8851cc2351b1ece0667fc38808aca 1948720040e391039821b5f1e0ffb994f42af529 39dc54b6b6d6d57f0d76b09b6e775fa9bf57418049cbb68c31fa4176a8b81175 Loading...

	cutt.us/gift-nitro	81 B	2023-03-07	2023-11-18
Pretty URL cutt.us/gift-nitro IP 69.61.26.121 ASN #141518 Subhosting Innovations Pvt Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:42 Last Seen2023-11-18 14:45:55 Times Seen158 Hash 643f5e23a88ef60a202cd292ea400cc7 153ff41f7844abf5c3c482fd75d472c1871ed0fa d454c03397e8eea8461b90321397a7ac96ae534cfbc485e719ded5eae80ccdbc Loading...

	www.googletagmanager.com/gtag/js?id=UA-31510493-1	112 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-31510493-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:00:16 Last Seen2023-03-11 15:00:16 Times Seen1 Hash 8c5cf7473a5b77ac29c46d551dd9fec2 3330b4bf1a8407ec8990760759da6be127c99cff b57375756d3ebea4387b776409d711eae47888b5b373d7d0080d2b6bb4a8048c Loading...

	securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js	390 kB	2023-03-08	2023-03-11
Pretty URL securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js IP 216.58.207.194 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:38 Last Seen2023-03-11 23:53:02 Times Seen1 Hash 64fc849a9428412b7896345cfeb4acb4 81878c0ee1dc3cee6e61267efef87247c5240adf a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f Loading...

	ab28c88e95b0884012c6918082b28386.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	6.0 kB	2023-03-08	2023-04-05
Pretty URL ab28c88e95b0884012c6918082b28386.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html IP 142.250.74.65 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:46 Last Seen2023-04-05 02:11:40 Times Seen1002 Hash abe633e4330f24c35da7386440581948 fdf06e722fbabf2984cabbdfee1df36db4af58ae a684604f2e103614c222633bcd32ccd99c3ed5064340ebcc1c3413a28962a526 Loading...

	premium-sub.com/gift-nitro	2.9 kB	2023-03-11	2023-03-11
Pretty URL premium-sub.com/gift-nitro IP 172.67.158.200 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:00:16 Last Seen2023-03-11 15:00:16 Times Seen1 Hash 46e4015a69b6806a83e05a8d9437653e 794e3fa7fa5ea41ae9cc67c7ae12b00af07437e5 1d8f6c367e9c3816e6d449b5d866326e45f8a742bdd2ccc5f13177254e2f7a2c Loading...

	cutt.us/gift-nitro	425 B	2023-03-07	2023-04-05
Pretty URL cutt.us/gift-nitro IP 69.61.26.121 ASN #141518 Subhosting Innovations Pvt Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:42 Last Seen2023-04-05 02:10:45 Times Seen146 Hash 3b62d17c6e82f4dd020ada757de9de1d e64c2594a115f768ec70b4d0d457ff1cdd6b0b27 5de95c8dfa0b749a0b163cb68d1549547c0ba7341ca27557ff4980c09a9a7576 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 42c35559d6dba79c8339bf334ff29e87	704 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 15:00:16 Last Seen2023-03-11 15:00:16 Times Seen1 Hash 42c35559d6dba79c8339bf334ff29e87 2dc75430509567c9c4fc09ba8f03d3b2f3264601 b20dae64e251010a075602ab17606f601d01a9528ce797d3f2603fc27f5f4da0 Loading...

	#2 Eval - 70efa725f660990cc6701727e98c360b	769 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:07:04 Last Seen2023-07-11 03:19:46 Times Seen6035 Hash 70efa725f660990cc6701727e98c360b 04f4df4180629c6a1a8648630310794bfdb39eb8 cb2789441eb37a5d5520d68b778e5e1a0743c6d105076aa2e3be07147e0dc752 Loading...

	#3 Eval - 2980a13c6fbb4bad3d818b7b1ac54ccf	553 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 15:00:16 Last Seen2023-03-11 15:00:16 Times Seen1 Hash 2980a13c6fbb4bad3d818b7b1ac54ccf 59928cb8ddc3522e1f239e10eb89642ab5d3e7ae d0f99714db1db4b178459b0c88237ae081d19e73a9bb4830f07a20aba97fe0d1 Loading...

		Size	First Seen	Last Seen
	#1 Write - 467d82ac802ebf5b672ecdb8e02505e6	3.6 kB	2023-03-07	2023-07-11
Pretty Observations First Seen2023-03-07 01:02:24 Last Seen2023-07-11 15:29:01 Times Seen16478 Hash 467d82ac802ebf5b672ecdb8e02505e6 b3df725dd3285fd4618d65c08e83b8f08c8e4798 36d48aeb87174dbf8b0ea333d2042d9e198797bd33c3f849597981eacd619515 Loading...

HTTP Transactions (45)

	URL	IP	Response	Size
	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 2061bb5a62c7dbe5a39e49a98bf7d214 812ff4923fc0fa69fa7db7c362d5af728e297099 6f0c1ecd37ba47802a386c487e3c2eb1794a06e8b9f56e016326686e3d80ef92 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 1526 Cache-Control: 'max-age=158059' Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:24 GMT Last-Modified: Sun, 20 Nov 2022 18:48:58 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash eb76c0b3adf4098ad8a9d1e38250758f 99610ddb2b4ec6d04250ac244f966951695d4f00 01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB" Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5372 Expires: Sun, 20 Nov 2022 20:43:56 GMT Date: Sun, 20 Nov 2022 19:14:24 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash e7724a1f27dc1b5b2fb63c7e486f74db ef0ea648ce8bc189d31382baec4b181c724af93b 2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E" Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5681 Expires: Sun, 20 Nov 2022 20:49:05 GMT Date: Sun, 20 Nov 2022 19:14:24 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	34.102.187.140	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 34.102.187.140:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 4d7e4eed097b9c4e5d509419f1cfc85a 290bb3d428a7c6330e2e3d73a952b16f820896c8 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 20 Nov 2022 18:45:01 GMT cache-control: public,max-age=3600 content-type: application/json age: 1764 alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: fucMoC+qoGMWAG/MfyOLw7iBUXSeT+P73E472uXv+1LcRCbxA4EAayI6TkBIW1h4K7LoqppSjls= x-amz-request-id: PSY3B8N90CX5AVZ3 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 20 Nov 2022 18:41:49 GMT age: 1956 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2cc5c29f006f3376137c885a8f171266 619d1366f7d0ebaa286600e57d2221bfb4b59747 8042c1a12bbc10a709581dc3ebf2a3f9e354998b98f89f0a8df5f98b82bb1574 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8042C1A12BBC10A709581DC3EBF2A3F9E354998B98F89F0A8DF5F98B82BB1574" Last-Modified: Sat, 19 Nov 2022 10:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12103 Expires: Sun, 20 Nov 2022 22:36:08 GMT Date: Sun, 20 Nov 2022 19:14:25 GMT Connection: keep-alive`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sun, 20 Nov 2022 19:14:25 GMT content-type: application/json content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	cutt.us/gift-nitro	69.61.26.121	200 OK	1.5 kB
URL HTTP/1.1 cutt.us/gift-nitro IP 69.61.26.121:0 ASN #141518 Subhosting Innovations Pvt Ltd File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2790) Size 1.5 kB (1457 bytes) Hash 665b38ebca88b486ebfd9491e519d63d bdebed2f6d9dad7883bfae974bd03f023c509c51 9d938b5398e8dc5a0634d8c7970e4fb75706b8f0751649802ed314719f72b9fd HTTP Headers GET /gift-nitro HTTP/1.1 Host: cutt.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: __utma=255283994.1205496422.1653661467.1653661467.1653661467.1; __utmz=255283994.1653661467.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none) Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 `HTTP/1.1 200 OK Server: Hotcores.com Date: Sun, 20 Nov 2022 19:10:44 GMT Content-Type: text/html; Charset=UTF-8;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Cache-Control: no-cache, must-revalidate, max-age=0 Pragma: no-cache X-Robots-Tag: noindex, nofollow I-AM: Alpha Strict-Transport-Security: max-age=31536000; includeSubdomains; Content-Encoding: gzip`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a16fd70048d81d63ac778964066b5fd5 8678fd9c7ef3f0b3a286e170e87bf59773f41881 fa9dd59489cb48e8509ce8297c3491823e446cdcde0f7393cd621b2abd0702dc HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/js?id=UA-31510493-1	142.250.74.168	200 OK	44 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-31510493-1 IP 142.250.74.168:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1921) Size 44 kB (43723 bytes) Hash dd74973b56cc82141c5e560ec60079bd ae472090df04111812ff8fa415e479e4bd097245 55a87aa02cbb29b8aa444051f4398edfaf9c1c8184c75d0db8946c67fb74579b HTTP Headers `GET /gtag/js?id=UA-31510493-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cutt.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 20 Nov 2022 19:14:25 GMT expires: Sun, 20 Nov 2022 19:14:25 GMT cache-control: private, max-age=900 last-modified: Sun, 20 Nov 2022 18:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 43723 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash a16fd70048d81d63ac778964066b5fd5 8678fd9c7ef3f0b3a286e170e87bf59773f41881 fa9dd59489cb48e8509ce8297c3491823e446cdcde0f7393cd621b2abd0702dc HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash d5ccc6ed714b650846fefb0a8e24ca22 30521fa613dcb97b95ad3baab58c4446482d5061 ef46e9367b670662ae596685c5f27da1bf065e714ef2e86c65d5267a188d08d3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	34.102.187.140	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 34.102.187.140:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 20 Nov 2022 18:25:04 GMT cache-control: public,max-age=3600 age: 2961 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json alt-svc: clear X-Firefox-Spdy: h2

	www.googletagservices.com/tag/js/gpt.js	216.58.207.226	200 OK	27 kB
URL HTTP/2 www.googletagservices.com/tag/js/gpt.js IP 216.58.207.226:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (40310) Size 27 kB (27247 bytes) Hash c33528918caf443c4e63cdd06a65a919 b43feffb0e131fed2f9203277dbcb25ac0402c81 ed9b82268014ffe2c0b2ce882b1aa261afebc6c312876327d0e0a802b61bbfd8 HTTP Headers `GET /tag/js/gpt.js HTTP/1.1 Host: www.googletagservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cutt.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK vary: Accept-Encoding content-encoding: gzip content-type: text/javascript cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs" report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin: * content-length: 27247 date: Sun, 20 Nov 2022 19:14:25 GMT expires: Sun, 20 Nov 2022 19:14:25 GMT cache-control: private, max-age=900, stale-while-revalidate=3600 etag: "1398 / 401 of 1000 / last-modified: 1668812924" x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	www.google-analytics.com/analytics.js	142.250.74.174	200 OK	20 kB
URL HTTP/2 www.google-analytics.com/analytics.js IP 142.250.74.174:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (1325) Size 20 kB (20039 bytes) Hash 47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e HTTP Headers `GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cutt.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Sun, 20 Nov 2022 18:41:09 GMT expires: Sun, 20 Nov 2022 20:41:09 GMT cache-control: public, max-age=7200 age: 1996 last-modified: Tue, 27 Sep 2022 22:01:05 GMT content-type: text/javascript alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash d5ccc6ed714b650846fefb0a8e24ca22 30521fa613dcb97b95ad3baab58c4446482d5061 ef46e9367b670662ae596685c5f27da1bf065e714ef2e86c65d5267a188d08d3 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us	216.58.207.194	200 OK	32 B
URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us IP 216.58.207.194:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 32 B (32 bytes) Hash 6a25915591f4dc7ff02016d9d0a7f591 ef6f0d1fdb5696e75e85ec057dc212a8e21d5c18 6e50ade02efd3f6a6fc8f6caf3b66aab87ce816ef0fad48bf388b1fa680fec88 HTTP Headers `GET /pagead/ppub_config?ippd=cutt.us HTTP/1.1 Host: securepubads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://cutt.us Connection: keep-alive Referer: https://cutt.us/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * date: Sun, 20 Nov 2022 19:14:25 GMT expires: Sun, 20 Nov 2022 19:14:25 GMT cache-control: private, max-age=3600, stale-while-revalidate=3600 content-type: application/json; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 32 x-xss-protection: 0 set-cookie: test_cookie=CheckForPermission; expires=Sun, 20-Nov-2022 19:29:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js	216.58.207.194	200 OK	132 kB
URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js IP 216.58.207.194:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (65395) Size 132 kB (132177 bytes) Hash 3308ca8addf332f89a8f9ae5fada3b60 69a0af021add1aa44292528532ef632aff2ab1d0 7c1c9e093bf8e56cf2ba9af1d8cfc092f7a98c4b9472abc3257147aa97ec0ee3 HTTP Headers `GET /gpt/pubads_impl_2022111501.js HTTP/1.1 Host: securepubads.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cutt.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs" report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin: * content-length: 132177 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Sun, 20 Nov 2022 17:15:00 GMT expires: Mon, 20 Nov 2023 17:15:00 GMT cache-control: public, immutable, max-age=31536000 last-modified: Tue, 15 Nov 2022 09:35:23 GMT content-type: text/javascript age: 7165 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	cutt.us/favicon.ico	69.61.26.121	200 OK	34 kB
URL HTTP/1.1 cutt.us/favicon.ico IP 69.61.26.121:0 ASN #141518 Subhosting Innovations Pvt Ltd File type MS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Size 34 kB (34298 bytes) Hash ce5b2cfb326ff4b2579b79ce601a4877 afeb1aa32be59849ad83e9cb4a8e02a6fb3c0c5a 8f047469a1cb0c72bb0d65f14d8b633eeb071d419cc80a38663a2e5ba867e8f9 HTTP Headers GET /favicon.ico HTTP/1.1 Host: cutt.us User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cutt.us/gift-nitro Cookie: __utma=255283994.1205496422.1653661467.1653661467.1653661467.1; __utmz=255283994.1653661467.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none) Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin `HTTP/1.1 200 OK Server: Hotcores.com Date: Sun, 20 Nov 2022 19:10:44 GMT Content-Type: image/x-icon Last-Modified: Tue, 07 May 2013 07:26:19 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"5188ac9b-1855e" Expires: Sun, 27 Nov 2022 19:10:44 GMT Cache-Control: max-age=604800 Strict-Transport-Security: max-age=31536000; includeSubdomains; Content-Encoding: gzip`

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 27138f8625c320bd1434ccd92263b641 6a8f18728c9f324c1c631ffc85901d84ec4d0e0c 02338368cfa2325e8463bd169cb0ad4df2967ca4260b75bc665cd0836e90e9f4 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 3560 Cache-Control: max-age=139908 Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:25 GMT Etag: "6379ee2d-1d7" Expires: Tue, 22 Nov 2022 10:06:13 GMT Last-Modified: Sun, 20 Nov 2022 09:06:53 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 801bfa5219b8edbae22ab4be73ea5f1b 6795d174c6af1841ff34a78c0723c8fd9a69bdce 5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0221df1d0f7ec47514a03758ce83f18f 59aaf8e97c727c44933ad992e2d7202f9aee236e 3497027e232c118c1a2484226c8f0eda34db55fa03728990c43bdf7f418acae4 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	adservice.google.com/adsid/integrator.js?domain=cutt.us	142.250.74.66	200 OK	100 B
URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=cutt.us IP 142.250.74.66:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 100 B (100 bytes) Hash 917951a58be8c6c6f3680159550ba3c2 21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4 cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac HTTP Headers `GET /adsid/integrator.js?domain=cutt.us HTTP/1.1 Host: adservice.google.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cutt.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." timing-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: private, no-cache, no-store content-type: application/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Sun, 20 Nov 2022 19:14:25 GMT server: cafe content-length: 100 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	adservice.google.no/adsid/integrator.js?domain=cutt.us	142.250.74.98	200 OK	100 B
URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=cutt.us IP 142.250.74.98:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 100 B (100 bytes) Hash 917951a58be8c6c6f3680159550ba3c2 21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4 cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac HTTP Headers `GET /adsid/integrator.js?domain=cutt.us HTTP/1.1 Host: adservice.google.no User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cutt.us/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." timing-allow-origin: * cross-origin-resource-policy: cross-origin cache-control: private, no-cache, no-store content-type: application/javascript; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: gzip date: Sun, 20 Nov 2022 19:14:25 GMT server: cafe content-length: 100 x-xss-protection: 0 alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0221df1d0f7ec47514a03758ce83f18f 59aaf8e97c727c44933ad992e2d7202f9aee236e 3497027e232c118c1a2484226c8f0eda34db55fa03728990c43bdf7f418acae4 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 801bfa5219b8edbae22ab4be73ea5f1b 6795d174c6af1841ff34a78c0723c8fd9a69bdce 5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:25 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ab28c88e95b0884012c6918082b28386.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html	142.250.74.65	200 OK	2.7 kB
URL HTTP/2 ab28c88e95b0884012c6918082b28386.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html IP 142.250.74.65:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657) Size 2.7 kB (2653 bytes) Hash e8ee9c011ff8e1f464e74c37113119ee 64ad72134ea05877de0f2b6503f5c0d8c3f78197 09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303 HTTP Headers GET /safeframe/1-0-40/html/container.html HTTP/1.1 Host: ab28c88e95b0884012c6918082b28386.safeframe.googlesyndication.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cutt.us/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/html cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs" report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin: * content-length: 2653 date: Sun, 20 Nov 2022 19:14:26 GMT expires: Mon, 20 Nov 2023 19:14:26 GMT cache-control: public, immutable, max-age=31536000 last-modified: Thu, 03 Nov 2022 19:10:08 GMT x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	push.services.mozilla.com/	52.38.139.17	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.38.139.17:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: UYljqKjv9E0ybGOLUdGiUw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: KN23MzsKojiqr+CgZwramgGOj6M=`

	pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env	216.58.207.194	200 OK	11 kB
URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env IP 216.58.207.194:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (14849), with no line terminators Size 11 kB (11205 bytes) Hash 68419d5a6a9e3f64ae4336056be38f2d df6aa4f04a1598f6c3dcf831c909cfcb72e97bf8 3d57818bd192ce3c644d47577076ca05f3b243540c06f66f18e2bc89734314a9 HTTP Headers `GET /getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://cutt.us Connection: keep-alive Referer: https://cutt.us/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * content-type: application/json; charset=UTF-8 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br date: Sun, 20 Nov 2022 19:14:26 GMT server: cafe content-length: 11205 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2

	ocsp.pki.goog/s/gts1p5/Tzp5rd7FfQ0	142.250.74.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Tzp5rd7FfQ0 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 4dbea271557d7e098cf70b45afd54d4f 335a3b5a4d57a44e460e09088f0414a9a1502cb6 742796505f25abd7d373bff284a32ecbdf0eecc76ba379fbd2d28b7060da4e98 HTTP Headers `POST /s/gts1p5/Tzp5rd7FfQ0 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 20 Nov 2022 19:14:26 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	premium-sub.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=76d382326e53b4ed	172.67.158.200	200 OK	42 B
URL HTTP/2 premium-sub.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=76d382326e53b4ed IP 172.67.158.200:0 ASN #13335 CLOUDFLARENET File type GIF image data, version 89a, 1 x 1\012- data Size 42 B (42 bytes) Hash d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 HTTP Headers `GET /cdn-cgi/images/trace/jsch/js/transparent.gif?ray=76d382326e53b4ed HTTP/1.1 Host: premium-sub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://premium-sub.com/gift-nitro Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK date: Sun, 20 Nov 2022 19:14:26 GMT content-type: image/gif content-length: 42 last-modified: Tue, 15 Nov 2022 18:09:42 GMT etag: "6373d5e6-2a" server: cloudflare cf-ray: 76d382331fa2b4ed-OSL x-frame-options: DENY x-content-type-options: nosniff vary: Accept-Encoding expires: Sun, 20 Nov 2022 21:14:26 GMT cache-control: max-age=7200, public accept-ranges: bytes X-Firefox-Spdy: h2`

	premium-sub.com/cdn-cgi/styles/challenges.css	172.67.158.200	200 OK	3.1 kB
URL HTTP/2 premium-sub.com/cdn-cgi/styles/challenges.css IP 172.67.158.200:0 ASN #13335 CLOUDFLARENET File type data Size 3.1 kB (3075 bytes) Hash 0cd2faaa98428a7a01c94b18aaef2dd5 b6b541e408ad51ce2cb2b70b85c98cd4922bff9e d95767470957571139d9d039fce9955aa3ce2b7e5ed3b11b0c70746e49f8a1fc HTTP Headers `GET /cdn-cgi/styles/challenges.css HTTP/1.1 Host: premium-sub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://premium-sub.com/gift-nitro Connection: keep-alive Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` `HTTP/2 200 OK date: Sun, 20 Nov 2022 19:14:26 GMT content-type: text/css last-modified: Tue, 15 Nov 2022 18:09:42 GMT etag: W/"6373d5e6-1896" server: cloudflare cf-ray: 76d38232ff70b4ed-OSL x-frame-options: DENY x-content-type-options: nosniff vary: Accept-Encoding expires: Sun, 20 Nov 2022 21:14:26 GMT cache-control: max-age=7200, public content-encoding: gzip X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95" Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7746 Expires: Sun, 20 Nov 2022 21:23:33 GMT Date: Sun, 20 Nov 2022 19:14:27 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95" Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7746 Expires: Sun, 20 Nov 2022 21:23:33 GMT Date: Sun, 20 Nov 2022 19:14:27 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95" Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7746 Expires: Sun, 20 Nov 2022 21:23:33 GMT Date: Sun, 20 Nov 2022 19:14:27 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11562 bytes) Hash 907cdf495815b066cbeaccd9c862c544 6082de99b599bc3c9ce14e2641a2bf60f9f187d8 fbccb495391bba54b463e8c4eaf3207af00b098c4b5f816011d240257aa56f6c HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19c1a99-6290-4f30-afcf-c426abf8c229.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11562 x-amzn-requestid: f01b0409-b43d-4d9c-92c0-0023c5e49d58 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b3jV_GDmIAMFvqA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63794c26-69366c73760dcd5b72634f73;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:34 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: pvgyUJPVgG_PrCetQXIXLgxyEBar2nMFywc6HracpnEsn2tiCw_Pfg== via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google date: Sat, 19 Nov 2022 21:42:03 GMT age: 77544 etag: "6082de99b599bc3c9ce14e2641a2bf60f9f187d8" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 798ef0955be535268547903e74dacfcd 782823486f9ded693609cade264d1950e816f7d0 75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95" Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7746 Expires: Sun, 20 Nov 2022 21:23:33 GMT Date: Sun, 20 Nov 2022 19:14:27 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11915 bytes) Hash 2dcdeb5df10dd86dbc155dbefc4fd72b b0a20213cdedc7fa472dbdad4e1152152009433e ba98ae058e591f010056de61cdc58e09b5a2742be08421e0ba57ac2a0de36422 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2640ea-cb67-4da2-9989-09bf608bd138.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11915 x-amzn-requestid: 93e2bad9-148f-4b10-9c07-8ab77bcaafcf x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b3jW6F0BoAMFU3Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63794c2c-19e415980648396973718d73;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 21:35:40 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: 3vxezxpU1re737vRthcDcV3hDb1NAhhZrslBYjIHE7hdtD40FslmzA== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google date: Sat, 19 Nov 2022 22:35:16 GMT age: 74351 etag: "b0a20213cdedc7fa472dbdad4e1152152009433e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg	34.120.237.76	200 OK	9.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.8 kB (9798 bytes) Hash a41f9693b9247dcce6c2340bb5c02828 e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e aa23cead1d44bf9db22654eb14113ef356d4ac972d301969c02803964418d556 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F175348d8-bd72-46a1-a737-9e442ab4231c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9798 x-amzn-requestid: abab4eb2-0a35-4113-8a52-e07c08f069cd x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bkiY2HXCoAMFVrQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6371b105-1cb176423ca3231a093cc4c7;Sampled=0 x-amzn-remapped-date: Mon, 14 Nov 2022 03:07:49 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: AteeNwLYPSC1iY1VYtQ85S3UrUXPURhvQrTCc2uCTZD7gyBPGfoghw== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google date: Sun, 20 Nov 2022 17:23:16 GMT age: 6671 etag: "e982a3a8a8c6baac9d1676ad93646d6c4cd9f58e" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11249 bytes) Hash 481c033b9ffd030ff0de6e35cf788b47 85d3baad9217af2b5d75c019d2ef95dbb919a788 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11249 x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: bubSsHbZoAMFZNg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0 x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT x-amz-cf-pop: SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: iGM_HV13dzz5eOswbOJfjj14jlFW4jy2YsW7eJumS_TM5TxxG8VMwQ== via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google date: Sun, 20 Nov 2022 03:36:47 GMT age: 56260 etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg	34.120.237.76	200 OK	9.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 9.7 kB (9653 bytes) Hash 79ccaf63b8e37223509518f540b26f54 fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71 950ae082472515d39c9e3440cee399376e99840651ff04c4d2581951e44163de HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032a7640-4af2-49ea-b184-de5b0ed996a4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 9653 x-amzn-requestid: 06932e2b-59fa-4e05-aad3-65d7e2045e13 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b3i5fHJEoAMF8Mw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63794b6f-0062640e7868cf664bcf26d2;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 21:32:31 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: 6eFgEWflu3zqDd4J838DeZiPxNafliBVrce95D_29-oviwINWR2bkw== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google date: Sat, 19 Nov 2022 21:41:44 GMT etag: "fd48bd3737d35bc53a0ec4593c8769ea9fe1cc71" content-type: image/jpeg age: 77563 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb73669f-154c-41e7-aadd-11587277938d.webp	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb73669f-154c-41e7-aadd-11587277938d.webp IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10330 bytes) Hash a5447e0a57fbd65d5f719786842dfb40 68dbd2b4ecedb47d3f47bc3690336fe0f3fd3fe6 b6f69c679ecb9978c12f9fc5e03531250e1e13327ac0337532317b91d2ede502 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb73669f-154c-41e7-aadd-11587277938d.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10330 x-amzn-requestid: c6df2fa3-53ad-4f43-ab26-8754ce25c421 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b3jdVGY0oAMF_2w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63794c55-0dd776a50b4a8fbb5b29ccae;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 21:36:21 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: sKTa_b92EIi4H8YgHoEJCm8rVgdfCFJ91I1UNkGLzsPQVOI10I9d7w== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google date: Sat, 19 Nov 2022 22:17:10 GMT age: 75437 etag: "68dbd2b4ecedb47d3f47bc3690336fe0f3fd3fe6" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	premium-sub.com/favicon.ico	172.67.158.200	200 OK	61 kB
URL HTTP/2 premium-sub.com/favicon.ico IP 172.67.158.200:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (17346), with CRLF line terminators Size 61 kB (61246 bytes) Hash 956a64b024c597bb80fa349f1c77d827 aa2ee2929a2ba8b3517fc66209df6ce1ce0f1bfb ee9067b7a99940d3d4f43329e57f151d09bb6ed2921e443183d2cd07bc380d11 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: premium-sub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://premium-sub.com/gift-nitro Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers` HTTP/2 200 OK date: Sun, 20 Nov 2022 19:14:26 GMT content-type: text/html; charset=UTF-8 cache-control: max-age=14400 cf-cache-status: HIT age: 5677 last-modified: Sun, 20 Nov 2022 17:39:49 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuEnPY%2FAIzx7oexDPLPVzevFskgFCxo720DhhvTfKdGdmkeBom5wRVUlalp5%2FhO1PKgC5Do289%2FWAiA%2BEvMMQ4ZkZxkuT3g1Q3VrcZ1RHsZD6jD2LBtyOXaCNd2LNx3dZsA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 76d38232ff74b4ed-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	premium-sub.com/gift-nitro	172.67.158.200	503 Service Unavailable	0 B
URL HTTP/2 premium-sub.com/gift-nitro IP 172.67.158.200:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /gift-nitro HTTP/1.1 Host: premium-sub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cutt.us/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` HTTP/2 503 Service Unavailable date: Sun, 20 Nov 2022 19:14:26 GMT content-type: text/html; charset=UTF-8 x-frame-options: SAMEORIGIN cross-origin-embedder-policy: require-corp cross-origin-opener-policy: same-origin cross-origin-resource-policy: same-origin referrer-policy: same-origin permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Thu, 01 Jan 1970 00:00:01 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBLPUwbb7m6mbSixWs01s67BQbskjhPrKuVreSZdQoBu%2BlPEuBJ8o%2Ftmfiy6GIcBytV62ZKLyIQa9GJxZlOljKlmvHFEn%2FV0HYIcikQWyHFkUOiiWEbhADKCmtUWQN2Q9dw%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 76d382326e53b4ed-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	premium-sub.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=76d382326e53b4ed	172.67.158.200	200 OK	0 B
URL HTTP/2 premium-sub.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=76d382326e53b4ed IP 172.67.158.200:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=76d382326e53b4ed HTTP/1.1 Host: premium-sub.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://premium-sub.com/gift-nitro?__cf_chl_rt_tk=jQJK7W7i65M7u2dqpUwOExjjYmeCO8ZMdOUm_e9mYH8-1668971666-0-gaNycGzNCD0 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Sun, 20 Nov 2022 19:14:26 GMT content-type: application/javascript; charset=UTF-8 cache-control: max-age=0, must-revalidate report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijDDUAUD4BPg26AGSo%2B2qwwhlPB8uSQ3pt146B4sMOvrWdE12krPC5E2wpozFLqDQ%2BApPHd3AgM10%2FmlSvTG22e62Ii59sEIuUTW7Bv1ttI8Gkb5ZtDwrn3czMNFQnWQ5xY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 76d382332fd1b4ed-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations