| cutpaid.com/v7MyF | 104.21.48.87 | 301 Moved Permanently | 0 B |
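IP: 104.21.48.87:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body, so they do not identify this response)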
GET /v7MyF HTTP/1.1
Host: cutpaid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Sep 2022 11:11:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 12:11:13 GMT
Location: https://cutpaid.com/v7MyF
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FG74%2FkW%2F9jmTxRDMcQcOOVS1YZa78ADdAFAdLjMPlLTYEPVqAhRIcfmcY3LBXKZ%2BBQHYgnqj3cNpvTAa6eDmk4WyuEZtfdzQxUtPmLG69gIMGtXPf3zvZ92gsOLWPw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751c097ecfe3b51d-OSL
alt-svc: h2=":443"; ma=60
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.115 | 200 OK | 939 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP: 143.204.55.115:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash: MD5 2d12f67fe57a87e7366b662d153a5582; SHA-1 d7b02d81cc74f24a251d9363e0f4b0a149264ec1; SHA-256 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 10:17:40 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0_0pusjQllehHYat2_vA9LUFOzAfxyEqkVdtgnLP0DyAlsHabcsSYQ==
Age: 3213
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: MD5 7fb7c70f7f4e2cee27eb0e7d875931f7; SHA-1 98fca3817a551b1daecebae103a48e718b8b5a53; SHA-256 2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4625
Expires: Wed, 28 Sep 2022 12:28:18 GMT
Date: Wed, 28 Sep 2022 11:11:13 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: MD5 8afc4649e99d0e42b9bf5b133eebed5c; SHA-1 e3e7e0e614af3262b74bd4b6267ef23293bdb5f0; SHA-256 e16e8b782b441ecb9a57c3fc3db9884b5a3034967b846cca67b2f53644fcabdf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E16E8B782B441ECB9A57C3FC3DB9884B5A3034967B846CCA67B2F53644FCABDF"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17735
Expires: Wed, 28 Sep 2022 16:06:48 GMT
Date: Wed, 28 Sep 2022 11:11:13 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP: 34.160.144.191:0
File type: PEM certificate\012- , ASCII text
Hash: MD5 6113f8408c59aebe188d6af273b90743; SHA-1 7398873bf00f99944eaa77ad3ebc0d43c23dba6b; SHA-256 b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bfZNslscAhdkcxFoGw6RQJo/ihrmsu2719GIwcMkF6XFMdC9g3NUJ3U6rKlyibJE/WImaXWZcfA=
x-amz-request-id: VA127FW9S55N1JJN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Sep 2022 10:50:00 GMT
age: 1273
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators
Hash: MD5 23e88fb7b99543fb33315b29b1fad9d6; SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce; SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 11:11:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| i.imgur.com/4nDF4PP.png | 151.101.84.193 | 200 OK | 7.0 kB |
IP: 151.101.84.193:0
File type: PNG image data, 250 x 72, 8-bit/color RGB, non-interlaced\012- data
Hash: MD5 cb7480a0a433fd916168ba91ae24e8e8; SHA-1 f49c10d3ac373780ba6ede61e67909cb45c2403d; SHA-256 d3fbcdbb65aec7adf8d368f0540eb7abf08e83cf8d42742003df35abba13c75e
GET /4nDF4PP.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Oct 2018 03:18:48 GMT
etag: "cb7480a0a433fd916168ba91ae24e8e8"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 28 Sep 2022 11:11:14 GMT
age: 2573099
x-served-by: cache-iad-kjyo7100044-IAD, cache-bma1621-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664363474.339904,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6966
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: MD5 5e01e4cfb215a3f052b4c716bc77c1a6; SHA-1 6e63b3e883051319571310c44b87591f0312d83f; SHA-256 aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 11:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: MD5 e2875a9e06f892f0d4fa46c0f98a1c49; SHA-1 9c0e332f55a592367b602494642ee2127699b543; SHA-256 74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 11:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.115 | 200 OK | 329 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP: 143.204.55.115:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash: MD5 0333b0655111aa68de771adfcc4db243; SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb; SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 10:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 11:23:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 496RPzPr_OimWDHE1feiVo14mVCZ9u6SllalFicZ8tX4hQag03CDIQ==
Age: 2501
|
|
| www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit | 142.250.74.164 | 200 OK | 582 B |
URL: HTTP/2 www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP: 142.250.74.164:0
File type: ASCII text, with very long lines (918), with no line terminators
Hash: MD5 a95f9ce15802d35208e90ea5ec44bc6b; SHA-1 ead07a1c08854e335dfbaa79880a5f595aa7fab0; SHA-256 58caaaa776a7d2503f90633534bb737e575fc015255898823aec137cbe74c65f
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 28 Sep 2022 11:11:14 GMT
date: Wed, 28 Sep 2022 11:11:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 36 kB |
IP: 142.250.74.3:0
Hash: MD5 bdba05f2fa1abe46eadb7db9978053e6; SHA-1 b5d5ad2d9651db13e84f8aaca6cdde39bf27e9ae; SHA-256 4563ac2f2171ec6ccd5b35a682420597d2de0db58a5928fa19d056e0acb0af4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 11:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 61 kB |
IP: 142.250.74.3:0
Hash: MD5 83dd3ecf91bc951acf8568cbd4ee1d65; SHA-1 4c2e734af33cbd2416c93b51c294d11d8c515d9e; SHA-256 8587abdea6e4565cee7c53177c2b5efebe4251daa5f51fb75390b50fc074ebc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 11:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: MD5 3526d5ce1381ba26cbc553db057e1915; SHA-1 fe01c920696448e8bf12e6fff877bce8281d34a2; SHA-256 09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6555
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 11:11:14 GMT
Last-Modified: Wed, 28 Sep 2022 09:21:59 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: MD5 fc82211401f793132f7d43c2fd253af5; SHA-1 605d8371709b5d2a41967fd390c34fa649f89ea3; SHA-256 b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 11:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400 | 142.250.74.10 | 200 OK | 1.1 kB |
URL: HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
IP: 142.250.74.10:0
Hash: MD5 14d5dd88cfcac09097b7ecb4406f332f; SHA-1 81f8decea00bc1716d7c4a85214dd01f9a446288; SHA-256 ae349acd304d9d087edd0b290fa310802605c34f6a5b9ea78861e8d6ddac6043
GET /css?family=Montserrat:400,700%7CMuli:300,300i,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 11:11:14 GMT
date: Wed, 28 Sep 2022 11:11:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 142.250.74.163 | 200 OK | 31 kB |
URL: HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP: 142.250.74.163:0
File type: Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash: MD5 ac0d2859ea5f8fd6bcb3c305c08ec184; SHA-1 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7; SHA-256 ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:40:18 GMT
expires: Fri, 22 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 498656
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 | 142.250.74.163 | 200 OK | 31 kB |
URL: HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP: 142.250.74.163:0
File type: Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Hash: MD5 ea2343c7dccad57360fb611d67204445; SHA-1 b603d9e68bb1ed5e4b33d5e31121160cb4d23452; SHA-256 2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 06:19:56 GMT
expires: Fri, 22 Sep 2023 06:19:56 GMT
cache-control: public, max-age=31536000
age: 535878
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: MD5 fc82211401f793132f7d43c2fd253af5; SHA-1 605d8371709b5d2a41967fd390c34fa649f89ea3; SHA-256 b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 11:11:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 54.149.101.24 | 101 Switching Protocols | 0 B |
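URL: HTTP/1.1 push.services.mozilla.com/
IP: 54.149.101.24:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body, so they do not identify this response)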
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3qep8Xgj0ft1Bjt0L1k0sQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UJl28quIOsKX11SCvCeV0T+zAKc=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: MD5 072de2300e830c020d018abfdb66ffd4; SHA-1 0e03054c4fe1c87ca979ca057879350e2139f8a9; SHA-256 12f85beb657417033d09c25848bb494cdd7600e75f8a81eb90eb964fd415d173
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12F85BEB657417033D09C25848BB494CDD7600E75F8A81EB90EB964FD415D173"
Last-Modified: Tue, 27 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 28 Sep 2022 17:11:14 GMT
Date: Wed, 28 Sep 2022 11:11:14 GMT
Connection: keep-alive
|
|
| plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js | 192.243.59.20 | 200 OK | 20 kB |
URL: HTTP/1.1 plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js
IP: 192.243.59.20:0
ASN: #39572 DataWeb Global Group B.V.
File type: ASCII text, with very long lines (59410), with no line terminators
Hash: MD5 2207841b91bdfbf6a3c024b9b623e055; SHA-1 753115c0692cfa68e8bc7d2a321fab506c72612c; SHA-256 137187037c681ee4fc62de0c08f18cdbcfa5ff7d040443c8fb04f6611bdef95b
GET /7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js HTTP/1.1
Host: plungebriefinggladly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 11:11:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fcbf131b69b33fd75dd4f7d715fbdba0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: MD5 2917b8abe74403bc4f20b2eed1ac39a2; SHA-1 8421735ad0b1729a0f3467a5fb0fe06db7a6a5fc; SHA-256 6389a79fa621d32138dab9c0fab190c515288ef534b023cc909a156979fcef39
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6389A79FA621D32138DAB9C0FAB190C515288EF534B023CC909A156979FCEF39"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14314
Expires: Wed, 28 Sep 2022 15:09:49 GMT
Date: Wed, 28 Sep 2022 11:11:15 GMT
Connection: keep-alive
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.88 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP: 143.204.42.88:0
Hash: MD5 b3d6b07e3998c6d4341acb2b263e609e; SHA-1 12e3561297d635de3fbd5212e2ae66a6e91ac673; SHA-256 534a36edebee87dbf492d6b5895e47385e65849b261348ab3623a8e17dc323cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 11:11:15 GMT
Last-Modified: Wed, 28 Sep 2022 09:36:24 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: A-Y7BSmYkBbLat9CnALZb49tHhIx8uBAuCgBhKqBzbiqWCHqbJjIBg==
Age: 5691
|
|
| simplewebanalysis.com/stats | 3.66.118.16 | 200 OK | 40 B |
URL: HTTP/2 simplewebanalysis.com/stats
IP: 3.66.118.16:0
File type: ASCII text, with no line terminators
Hash: MD5 e55214e28c3c11be3138a974f3537e88; SHA-1 46fc2a61962d583fc937acde8ae685bd9d8a45b6; SHA-256 c8ec07750bd2dad7f1c3425e3f6dbda8cd96ff405c74c1f53f10872daebb7b0e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:11:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cutpaid.com
access-control-allow-credentials: true
set-cookie: uid_id2=b58f4d46-1832-4957-8f09-492605da690a:2:1; expires=Sat, 25 Sep 2032 11:11:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: MD5 2917b8abe74403bc4f20b2eed1ac39a2; SHA-1 8421735ad0b1729a0f3467a5fb0fe06db7a6a5fc; SHA-256 6389a79fa621d32138dab9c0fab190c515288ef534b023cc909a156979fcef39
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "6389A79FA621D32138DAB9C0FAB190C515288EF534B023CC909A156979FCEF39"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14314
Expires: Wed, 28 Sep 2022 15:09:49 GMT
Date: Wed, 28 Sep 2022 11:11:15 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: MD5 0fc75051e565c146221c672a81acaf9b; SHA-1 495ab7020de0f4d36fedbe299b55e59208873585; SHA-256 c32bb7797983bc31f79381513a9127523ecb1e37db6f7a7ba9bdf26b3204a68a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C32BB7797983BC31F79381513A9127523ECB1E37DB6F7A7BA9BDF26B3204A68A"
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9082
Expires: Wed, 28 Sep 2022 13:42:37 GMT
Date: Wed, 28 Sep 2022 11:11:15 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: MD5 0fc75051e565c146221c672a81acaf9b; SHA-1 495ab7020de0f4d36fedbe299b55e59208873585; SHA-256 c32bb7797983bc31f79381513a9127523ecb1e37db6f7a7ba9bdf26b3204a68a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C32BB7797983BC31F79381513A9127523ECB1E37DB6F7A7BA9BDF26B3204A68A"
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9082
Expires: Wed, 28 Sep 2022 13:42:37 GMT
Date: Wed, 28 Sep 2022 11:11:15 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: MD5 139d64e28724086d1d5ab6d2f534ff25; SHA-1 2c717905e83564a17bd8ca61dd934133416f629b; SHA-256 a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15026
Expires: Wed, 28 Sep 2022 15:21:41 GMT
Date: Wed, 28 Sep 2022 11:11:15 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0
ASN: #20940 Akamai International B.V.
Hash: MD5 139d64e28724086d1d5ab6d2f534ff25; SHA-1 2c717905e83564a17bd8ca61dd934133416f629b; SHA-256 a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15026
Expires: Wed, 28 Sep 2022 15:21:41 GMT
Date: Wed, 28 Sep 2022 11:11:15 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash139d64e28724086d1d5ab6d2f534ff25 2c717905e83564a17bd8ca61dd934133416f629b a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15026
Expires: Wed, 28 Sep 2022 15:21:41 GMT
Date: Wed, 28 Sep 2022 11:11:15 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg | 34.120.237.76 | 200 OK | 13 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashad84ed0c5b2090df7996007514cf1984 651600f2ef18cecc2e38370069bbb5e1d86f68e0 a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 48071
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg | 34.120.237.76 | 200 OK | 9.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashf3e1fd3401c5e635a8dbeec5f78b721d 2142075b27d0d355c51231ab06fea46e25eb9c59 2e17a43985b624e6b6592d402c36dd45b915cd6e1ac84e187c18c46420eb9a1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02722822-e024-44b9-8ec1-48ec9500ca58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9733
x-amzn-requestid: fff8214b-48f7-4b45-bd91-69ea4db871d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCAWhG9HIAMFloQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330adc3-1cffa63711378c525e49e11d;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 19:36:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: L2Of12XTKmTF2EPL4MHpJvBW7GNS8gSRs3FuUMB-RUpTZaY8ew_o_w==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 05:26:00 GMT
age: 20715
etag: "2142075b27d0d355c51231ab06fea46e25eb9c59"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4b794c6812cb546de0295e087ebe66a7 a54803cca7d3c509c195f65961e1110c8ec56f55 6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 48157
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6139c878a7d2bd32c61fc8287996eb5b 9c4692ea64832895fbd107d91f879728b6a440c7 3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 48137
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg | 34.120.237.76 | 200 OK | 5.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash46e31aa06b8e86a9a5f9ba1cc3feca08 75df3341e30281fcbf78c7074980356fdf0be8e2 d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlOKFtsIAMFyGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:32:06 GMT
age: 49149
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png | 34.120.237.76 | 200 OK | 14 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashaa5cad224dbddd71881bd07255beb4da bc214d60be395d4cf753216ff8f9691c33d25e75 82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 48312
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash904a8d4d380c2afb0f06401ce4c8491e 6c09e83415a209d302caba25187cae51fb998e9e 10724ff231265f6c0da44eb9ade0a936362252cad64cbcebb1d4414f4985730a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10724FF231265F6C0DA44EB9ADE0A936362252CAD64CBCEBB1D4414F4985730A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8110
Expires: Wed, 28 Sep 2022 13:26:25 GMT
Date: Wed, 28 Sep 2022 11:11:15 GMT
Connection: keep-alive
|
|
| s10.histats.com/js15_as.js | 46.105.201.240 | 200 OK | 4.4 kB |
URL HTTP/2s10.histats.com/js15_as.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (11440), with no line terminators Hashed192092c129db6123a3397855f42619 067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e 998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:07:01 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 551223502
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
|
|
| dictatepantry.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js | 192.243.59.20 | 200 OK | 13 kB |
URL: HTTP/1.1 dictatepantry.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js | IP: 192.243.59.20:0 | ASN: #39572 DataWeb Global Group B.V.
File type: ASCII text, with very long lines (37116), with no line terminators | Hash: 86640e6758baf1ae3a998e85f853f046 8ec868aeec488abcf4c7e605836dc1347f57b150 15604237ff02d27815631ac53d93b781ae700dc4338836649dfb71f1fbb3bbba
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 11:11:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: acaf4c910b868aa9e3c7a4d1b833923b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| dictatepantry.com/pixel/purst?dl=0&th=0&sc=0&rs=1515&rd=1515&fd=967&bv=22.8.v.1&tmpl=70 | 192.243.59.20 | 200 OK | 0 B |
URL: HTTP/1.1 dictatepantry.com/pixel/purst?dl=0&th=0&sc=0&rs=1515&rd=1515&fd=967&bv=22.8.v.1&tmpl=70 | IP: 192.243.59.20:0 | ASN: #39572 DataWeb Global Group B.V.
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1515&rd=1515&fd=967&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 28 Sep 2022 11:11:15 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashbf270d8d16a1ec6ea1d489320f6f04c9 eb510c01136cdb1f79aae200730a6d2b798489df 4bdbb015229744095c9f75a84aefb115f57e0d363e8d9af43268e66592971cb4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDBB015229744095C9F75A84AEFB115F57E0D363E8D9AF43268E66592971CB4"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4379
Expires: Wed, 28 Sep 2022 12:24:14 GMT
Date: Wed, 28 Sep 2022 11:11:15 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash3abd787e77629e21daa6606aeae67118 18be3a2080869ae7cde7053504d2ed5188406fda bb630a804424bd198b8b534ab48c40a42c7b9e3996676523aaab0d8e0e3b1233
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6558
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 11:11:16 GMT
Last-Modified: Wed, 28 Sep 2022 09:21:58 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
|
|
| banquetunarmedgrater.com/advertisers.js | 192.243.59.13 | 200 OK | 0 B |
URL: HTTP/1.1 banquetunarmedgrater.com/advertisers.js | IP: 192.243.59.13:0 | ASN: #39572 DataWeb Global Group B.V.
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 11:11:16 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd11581f53b129299138e538cea95403
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| creepingbrings.com/sfp.js | 172.64.199.30 | 200 OK | 27 kB |
URL HTTP/2creepingbrings.com/sfp.js IP172.64.199.30:0
File typeUnicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash17d0f819a59b93bb6c4c3e7ada28654e e2931d455e92133f5a006780d0838cff0ed795ca d760e821472c34def9492414b67bd134740dd05db7077560c90fbf42a87e6e11
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:11:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 727f6a50159c82869062b9c147bc70f7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 28 Sep 2022 11:11:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NP10LVtOrOLQ4IxIbRlP1CQqWbz51vkRPh9gv4RmPmUXSdrSZf6WNfB5NYr8JGKJbi1SafHAaUyiN2APBpoMxvlZtgYMLlpKlLkpLrmgEDaTOnTDdGtTl0N%2B%2F5Z%2Fh5eorcPcGLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751c098d2bfb7725-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664363473416&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:-66695426&@b3:1664363473&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2Fv7MyF&@w | 192.99.13.63 | 200 OK | 51 B |
URL HTTP/1.1s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664363473416&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:-66695426&@b3:1664363473&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2Fv7MyF&@w IP192.99.13.63:0
File typeASCII text, with no line terminators Hash8fbdb08427136a85e4e68137ec42e457 65a7132f47648f0a0805cf4d02a37a2724a18297 e655088a1f2bb1be0b4721fa23c113d9bcabfe1e1469c868e4ceed96e171dee7
GET /stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664363473416&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:-66695426&@b3:1664363473&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2Fv7MyF&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 11:11:16 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
|
|
| s10.histats.com/counters/cc_1034.js | 46.105.201.240 | 200 OK | 5.5 kB |
URL HTTP/2s10.histats.com/counters/cc_1034.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (15333), with no line terminators Hashce205bf9427d1fc8a6d26329c3811f67 807840d7c9174fcab11a9d4520538a19d8effadc b167e0e8b5c1c0d7d4ef6b1050cba84e150e0aa62f9bdc128fc5c68fca8473ed
GET /counters/cc_1034.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:02:38 GMT
etag: "-241208617"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 558465197
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5479
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash53782208b7ce3b6005a6f7145c73e056 d884a119eed52dfbc17f09c2a9050b4a240396fa 7b4877c2b9abd4c331fecf3e19f94e3c772334592902aff8a57aa8e22eb34058
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B4877C2B9ABD4C331FECF3E19F94E3C772334592902AFF8A57AA8E22EB34058"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3147
Expires: Wed, 28 Sep 2022 12:03:43 GMT
Date: Wed, 28 Sep 2022 11:11:16 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd82b25fc59d5b0f593e785bc6feafd7d 08b7e76feb669822d6f7e602a70f8b6f723062d0 182334d41b2e7516c55ddc2b220cff094121c12a120613b99642989c9627a2e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "182334D41B2E7516C55DDC2B220CFF094121C12A120613B99642989C9627A2E7"
Last-Modified: Wed, 28 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10986
Expires: Wed, 28 Sep 2022 14:14:23 GMT
Date: Wed, 28 Sep 2022 11:11:17 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd82b25fc59d5b0f593e785bc6feafd7d 08b7e76feb669822d6f7e602a70f8b6f723062d0 182334d41b2e7516c55ddc2b220cff094121c12a120613b99642989c9627a2e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "182334D41B2E7516C55DDC2B220CFF094121C12A120613B99642989C9627A2E7"
Last-Modified: Wed, 28 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10986
Expires: Wed, 28 Sep 2022 14:14:23 GMT
Date: Wed, 28 Sep 2022 11:11:17 GMT
Connection: keep-alive
|
|
| quarrelaimless.com/sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=b58f4d46-1832-4957-8f09-492605da690a%3A2%3A1 | 192.243.61.225 | 200 OK | 3.3 kB |
URL: HTTP/1.1 quarrelaimless.com/sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=b58f4d46-1832-4957-8f09-492605da690a%3A2%3A1 | IP: 192.243.61.225:0 | ASN: #39572 DataWeb Global Group B.V.
File type: JSON data\012- , ASCII text, with very long lines (5734), with no line terminators | Hash: 78e65402b5f7d37699f97463dfb7a80a 868027cc26e060b2fe00a71f7ca1f65b291e1398 7f67ef060a492035b27950f9dfdecc1c108be6597c59c1746954492de03dc630
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=b58f4d46-1832-4957-8f09-492605da690a%3A2%3A1 HTTP/1.1
Host: quarrelaimless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 11:11:17 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutpaid.com
Access-Control-Allow-Origin: https://cutpaid.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16650200; expires=Thu, 29 Sep 2022 11:11:17 GMT; secure; SameSite=None
uid_id2=b58f4d46-1832-4957-8f09-492605da690a:2:1; expires=Wed, 05 Oct 2022 11:11:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 29 Sep 2022 11:11:17 GMT; secure; SameSite=None
uncs=1; expires=Thu, 29 Sep 2022 11:11:17 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 29 Sep 2022 11:11:17 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 29 Sep 2022 11:11:17 GMT; secure; SameSite=None
slec01ffd36dfbce3d569baf8d846cd7bc65=[3692933]; expires=Wed, 28 Sep 2022 11:11:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 354f30b5748b8ea76422bbd7fd4bec88
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| quarrelaimless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQW8bRRidTXICJFSUC4ciH0AC0Ti79npt00NFCKkiQlO1IOCEZmd2nSGzO6uZHa9jLhEF1KP5B5vnpBGlVHBGRMipxCESUo2QCBKR%2BA2gHjggZDfC9Lt835v3Du9733y%2BZ8%2BIC0tPV99WfSElXW5U3crL73ve5cqGSG2v0msFHwb%2B5YruvtYOqu4rlasR21bLNddzXc%2F1KmtCR7HqLU9IiOxe26u23apfq3oNHz39JDbWgaEOePeMPAfBxwsPnEUINkKafLMame1cZZfeTKykudLo8sN30%2B1UFSmS2RhrB3F6eK6GMg%2FXjqDSg6ldqO5%2FwlCMifPjEcL08Nwkwu7%2B1GcoEaUI%2BdMouiNEcgRBR2DqFgR%2FSADGcW0TaXLnmtIF3XnM0gk7JguP%2FoQoxmTh90Wkyf0VKXqVm0raXKjUoBeXEL0RRGeEzB4j789BFMdg%2BScQ%2FCey%2FGgDabK%2FaaSC4Kcvho1W7HM%2FWPJa9dqS3240l1qx217y27XAbXAatF06DUiIEUQ8gowGoGYO1jiwwoGNHdjMQcJPK8zzvKbLGXVbbcbqvBmFAXc92ow96rlBC5ZNdhggzwZgcgCmd5HpXWyLAbT9AWarhOEOTE7Q5SWKiKAwBAUlKARBkRMU3fKAS1Mz5R0ujQ2981477%2FVyqPLOHj1QeSdKyV52Ri5Mg%2Fvn2V%2BxHZ1WXC%2BOeT3gcciiOm8E7ZDGLd7yA8abIQsaMKKEMHOgxkF%2FcsSvLyETY0K%2B%2BwshPYaRx2DiAqi9CFoMmzUXdGvot1z007t5ElGdVplKwFWJLF9AvuPsyTPy%2FNRF64PPELGTK5%2F2%2F7h6f%2FFjMF0i0yU%2BEg8IOvL28IYqyP4NVRjy7WaWi0T06eS0N3OaR%2FN334p2CqX5%2BqoZfPk6mxCT8d47kck3aMpF2jHkqxXBeaTXlGYR%2BX7dvBeF163ZWrE6tdnG9TfW1pNMR8YIlY5AJws%2B8xKYGJOnFv6e%2FtqLvx1B6BG0LZHYE3JeEOoYLNuFyWb%2BjZqHljNNmDkobDnUtXD2KAWBjGaYhiXM%2F3A4m%2FfMbXT0C6D5LaRJia4u0ZUlqBzA2PlhnumTKz%2FXp4VQOsNQamc%2FlFp%2B8ThcI04rzXrdpUG74TWbNGqGfq0VBx6ntOYHtSCgdeRmzPxXf%2FkXAAD%2F%2FwEAAP%2F%2FiuVmIYAEAAA%3D | 192.243.61.225 | 200 OK | 7 B |
URL HTTP/1.1quarrelaimless.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQW8bRRidTXICJFSUC4ciH0AC0Ti79npt00NFCKkiQlO1IOCEZmd2nSGzO6uZHa9jLhEF1KP5B5vnpBGlVHBGRMipxCESUo2QCBKR%2BA2gHjggZDfC9Lt835v3Du9733y%2BZ8%2BIC0tPV99WfSElXW5U3crL73ve5cqGSG2v0msFHwb%2B5YruvtYOqu4rlasR21bLNddzXc%2F1KmtCR7HqLU9IiOxe26u23apfq3oNHz39JDbWgaEOePeMPAfBxwsPnEUINkKafLMame1cZZfeTKykudLo8sN30%2B1UFSmS2RhrB3F6eK6GMg%2FXjqDSg6ldqO5%2FwlCMifPjEcL08Nwkwu7%2B1GcoEaUI%2BdMouiNEcgRBR2DqFgR%2FSADGcW0TaXLnmtIF3XnM0gk7JguP%2FoQoxmTh90Wkyf0VKXqVm0raXKjUoBeXEL0RRGeEzB4j789BFMdg%2BScQ%2FCey%2FGgDabK%2FaaSC4Kcvho1W7HM%2FWPJa9dqS3240l1qx217y27XAbXAatF06DUiIEUQ8gowGoGYO1jiwwoGNHdjMQcJPK8zzvKbLGXVbbcbqvBmFAXc92ow96rlBC5ZNdhggzwZgcgCmd5HpXWyLAbT9AWarhOEOTE7Q5SWKiKAwBAUlKARBkRMU3fKAS1Mz5R0ujQ2981477%2FVyqPLOHj1QeSdKyV52Ri5Mg%2Fvn2V%2BxHZ1WXC%2BOeT3gcciiOm8E7ZDGLd7yA8abIQsaMKKEMHOgxkF%2FcsSvLyETY0K%2B%2BwshPYaRx2DiAqi9CFoMmzUXdGvot1z007t5ElGdVplKwFWJLF9AvuPsyTPy%2FNRF64PPELGTK5%2F2%2F7h6f%2FFjMF0i0yU%2BEg8IOvL28IYqyP4NVRjy7WaWi0T06eS0N3OaR%2FN334p2CqX5%2BqoZfPk6mxCT8d47kck3aMpF2jHkqxXBeaTXlGYR%2BX7dvBeF163ZWrE6tdnG9TfW1pNMR8YIlY5AJws%2B8xKYGJOnFv6e%2FtqLvx1B6BG0LZHYE3JeEOoYLNuFyWb%2BjZqHljNNmDkobDnUtXD2KAWBjGaYhiXM%2F3A4m%2FfMbXT0C6D5LaRJia4u0ZUlqBzA2PlhnumTKz%2FXp4VQOsNQamc%2FlFp%2B8ThcI04rzXrdpUG74TWbNGqGfq0VBx6ntOYHtSCgdeRmzPxXf%2FkXAAD%2F%2FwEAAP%2F%2FiuVmIYAEAAA%3D IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
File type: ASCII text, with no line terminators
Hash: MD5 132d6af1b46048b45cf86cdee7991d31 | SHA1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 | SHA256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQW8bRRidTXICJFSUC4ciH0AC0Ti79npt00NFCKkiQlO1IOCEZmd2nSGzO6uZHa9jLhEF1KP5B5vnpBGlVHBGRMipxCESUo2QCBKR%2BA2gHjggZDfC9Lt835v3Du9733y%2BZ8%2BIC0tPV99WfSElXW5U3crL73ve5cqGSG2v0msFHwb%2B5YruvtYOqu4rlasR21bLNddzXc%2F1KmtCR7HqLU9IiOxe26u23apfq3oNHz39JDbWgaEOePeMPAfBxwsPnEUINkKafLMame1cZZfeTKykudLo8sN30%2B1UFSmS2RhrB3F6eK6GMg%2FXjqDSg6ldqO5%2FwlCMifPjEcL08Nwkwu7%2B1GcoEaUI%2BdMouiNEcgRBR2DqFgR%2FSADGcW0TaXLnmtIF3XnM0gk7JguP%2FoQoxmTh90Wkyf0VKXqVm0raXKjUoBeXEL0RRGeEzB4j789BFMdg%2BScQ%2FCey%2FGgDabK%2FaaSC4Kcvho1W7HM%2FWPJa9dqS3240l1qx217y27XAbXAatF06DUiIEUQ8gowGoGYO1jiwwoGNHdjMQcJPK8zzvKbLGXVbbcbqvBmFAXc92ow96rlBC5ZNdhggzwZgcgCmd5HpXWyLAbT9AWarhOEOTE7Q5SWKiKAwBAUlKARBkRMU3fKAS1Mz5R0ujQ2981477%2FVyqPLOHj1QeSdKyV52Ri5Mg%2Fvn2V%2BxHZ1WXC%2BOeT3gcciiOm8E7ZDGLd7yA8abIQsaMKKEMHOgxkF%2FcsSvLyETY0K%2B%2BwshPYaRx2DiAqi9CFoMmzUXdGvot1z007t5ElGdVplKwFWJLF9AvuPsyTPy%2FNRF64PPELGTK5%2F2%2F7h6f%2FFjMF0i0yU%2BEg8IOvL28IYqyP4NVRjy7WaWi0T06eS0N3OaR%2FN334p2CqX5%2BqoZfPk6mxCT8d47kck3aMpF2jHkqxXBeaTXlGYR%2BX7dvBeF163ZWrE6tdnG9TfW1pNMR8YIlY5AJws%2B8xKYGJOnFv6e%2FtqLvx1B6BG0LZHYE3JeEOoYLNuFyWb%2BjZqHljNNmDkobDnUtXD2KAWBjGaYhiXM%2F3A4m%2FfMbXT0C6D5LaRJia4u0ZUlqBzA2PlhnumTKz%2FXp4VQOsNQamc%2FlFp%2B8ThcI04rzXrdpUG74TWbNGqGfq0VBx6ntOYHtSCgdeRmzPxXf%2FkXAAD%2F%2FwEAAP%2F%2FiuVmIYAEAAA%3D HTTP/1.1
Host: quarrelaimless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=b58f4d46-1832-4957-8f09-492605da690a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3692933]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 11:11:17 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c9537ce07c956f0770e00296f3392c2a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=b58f4d46-1832-4957-8f09-492605da690a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=b58f4d46-1832-4957-8f09-492605da690a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash: MD5 93b885adfe0da089cdf634904fd59f71 | SHA1 5ba93c9db0cff93f52b521d7420e43f6eda2784f | SHA256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=b58f4d46-1832-4957-8f09-492605da690a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 11:11:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e4b3bc9e11e50b96b56dc4f50b0d2cd
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=b58f4d46-1832-4957-8f09-492605da690a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 | 192.243.61.227 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=b58f4d46-1832-4957-8f09-492605da690a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File type: very short file (no magic)
Hash: MD5 93b885adfe0da089cdf634904fd59f71 | SHA1 5ba93c9db0cff93f52b521d7420e43f6eda2784f | SHA256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /pxf.gif?uuid=b58f4d46-1832-4957-8f09-492605da690a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 11:11:17 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38fb249dacaa82a3f451b50ab543067f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 60eb1758175320a24926288a2b33cd16 | SHA1 014fffa4ecc7c98c2753e9667bc972527a6c5c17 | SHA256 d744b389b51cbfd427e404f20921da0863330fa9d9c176c7c7d4b6df6e48eb52
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D744B389B51CBFD427E404F20921DA0863330FA9D9C176C7C7D4B6DF6E48EB52"
Last-Modified: Tue, 27 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16747
Expires: Wed, 28 Sep 2022 15:50:24 GMT
Date: Wed, 28 Sep 2022 11:11:17 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 a8efccf4c61af35f8011cfb61e7f66ca | SHA1 90987edc2453bcd66d8c89ed47c9882a846b22d6 | SHA256 973f1eaa5748b6c10ab41032e3a0dfd1f370ac6c25e819e54e81b8c3c4bd78a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "973F1EAA5748B6C10AB41032E3A0DFD1F370AC6C25E819E54E81B8C3C4BD78A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3437
Expires: Wed, 28 Sep 2022 12:08:34 GMT
Date: Wed, 28 Sep 2022 11:11:17 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 a8efccf4c61af35f8011cfb61e7f66ca | SHA1 90987edc2453bcd66d8c89ed47c9882a846b22d6 | SHA256 973f1eaa5748b6c10ab41032e3a0dfd1f370ac6c25e819e54e81b8c3c4bd78a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "973F1EAA5748B6C10AB41032E3A0DFD1F370AC6C25E819E54E81B8C3C4BD78A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3437
Expires: Wed, 28 Sep 2022 12:08:34 GMT
Date: Wed, 28 Sep 2022 11:11:17 GMT
Connection: keep-alive
|
|
| quarrelaimless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=379 | 192.243.61.225 | 200 OK | 0 B |
URL HTTP/1.1quarrelaimless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=379 IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
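Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the response body is empty, so these values do not identify this response)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)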
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=379 HTTP/1.1
Host: quarrelaimless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=b58f4d46-1832-4957-8f09-492605da690a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3692933]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 11:11:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.sb4you1.com/sb/chat/mob/ssp/1/img/close.png | 172.64.201.2 | 200 OK | 6.0 kB |
URL: HTTP/2 cdn.sb4you1.com/sb/chat/mob/ssp/1/img/close.png | IP: 172.64.201.2:0
File type: PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced; data
Hash: MD5 c489ce2c491a22ee37a55e26a92dfd73 | SHA1 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 | SHA256 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:11:18 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4842404
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xk%2FVVGUIbU1oE5DXqMXNv111m4deuZEBVnDWRZxL7Kj77kpM73aCVM%2BsymtsdXruJf2B7eGGnTH7yN1q9of0tLllFglQZE%2FebM%2FB0TC2yuCntZHCRJ%2BIOPiqsFDbcUoqogU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751c09996b9175d7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 1.2 kB |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
File type: gzip compressed data, max compression; data
Hash: MD5 a04e1e665f3c2d3105cc62236f7caf20 | SHA1 a54bf40f9c0d7a638ed9ccc72794bf392ed1dd28 | SHA256 a5fee0bc255f5367561c5933360a16b5a387436cff0aff07d5f08a1b69b50c7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC0A2CDC09CE8365B0EB9FDF07AE268D11CDCC69C92BC045764843BC6F2B05B6"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4555
Expires: Wed, 28 Sep 2022 12:27:13 GMT
Date: Wed, 28 Sep 2022 11:11:18 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash: MD5 a8efccf4c61af35f8011cfb61e7f66ca | SHA1 90987edc2453bcd66d8c89ed47c9882a846b22d6 | SHA256 973f1eaa5748b6c10ab41032e3a0dfd1f370ac6c25e819e54e81b8c3c4bd78a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "973F1EAA5748B6C10AB41032E3A0DFD1F370AC6C25E819E54E81B8C3C4BD78A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3436
Expires: Wed, 28 Sep 2022 12:08:34 GMT
Date: Wed, 28 Sep 2022 11:11:18 GMT
Connection: keep-alive
|
|
| cdn.cloudimagesb.com/si/f1/77/6f/f1776f918a10fd144c6163d42af88749/1664291533.jpg | 45.133.44.9 | 200 OK | 16 kB |
URL: HTTP/2 cdn.cloudimagesb.com/si/f1/77/6f/f1776f918a10fd144c6163d42af88749/1664291533.jpg | IP: 45.133.44.9:0 | ASN: #39572 DataWeb Global Group B.V.
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3; data
Hash: MD5 a167dac7218ebd70b8552b86889e981d | SHA1 a4976ceede9d3c06cc513e3d485ef2f53bec8660 | SHA256 2024653165d482ac4b672225fda3be32266764e6bd66446221bac32bfee036dd
GET /si/f1/77/6f/f1776f918a10fd144c6163d42af88749/1664291533.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:11:18 GMT
content-type: image/jpeg
content-length: 15836
server: nginx/1.17.6
last-modified: Tue, 27 Sep 2022 15:12:22 GMT
etag: "633312d6-3ddc"
expires: Fri, 30 Sep 2022 11:11:18 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/chat/mob/ssp/1/css/style.css | 172.64.201.2 | 200 OK | 1.1 kB |
URL: HTTP/2 cdn.sb4you1.com/sb/chat/mob/ssp/1/css/style.css | IP: 172.64.201.2:0
Hash: MD5 e6064cfa8cc9a7d530f702215ebde2db | SHA1 1960a24366506c339b831e954600f7ba271f3a9a | SHA256 6e1e3a7c3b0c087ba06833b9475df2566097a1be496680fdf9c5e446d8395235
GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:11:18 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO2QXdcvmUFFNqs92bwJ2IYPGO9WnEOTXgmIbdSRD0M1fIcqjeZl%2FlMUrB18ZE2ahmYg4Jw2WXDh1v%2B47OGFj4d313BQjZUR0qMU80z6NUXKLyCQOcfsvyL9c7maohXNYBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751c09992b2475d7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/chat/mob/ssp/1/js/jquery.min.js | 172.64.201.2 | 200 OK | 48 kB |
URL: HTTP/2 cdn.sb4you1.com/sb/chat/mob/ssp/1/js/jquery.min.js | IP: 172.64.201.2:0
File type: ASCII text, with very long lines (65451)
Hash: MD5 248bfac64e1461cfb271a551e52d4d50 | SHA1 efe24ae145fb980c9d9b6037bd13df5036618234 | SHA256 4eff34be4ac3b589650806e65ada1216a8dbd2091b907d9119f5d0169f8ba169
GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:11:18 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4842404
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWD9w8%2BK3jHrZkjVVjVwxV%2FgrgwbDZ9hFt6klrDLk%2B0R7vZbPQ6txDhwAC7aghwT8mpisc0T5ckVjUcUItkKORF%2B%2F7hvz%2F6hRtgLsqtLAeRR%2F5zMiMD5IiY%2FdeFFjemkeoY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751c09996b9475d7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | 45.133.44.3 | 200 OK | 5.5 kB |
URL: HTTP/2 cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | IP: 45.133.44.3:0 | ASN: #39572 DataWeb Global Group B.V.
Hash: MD5 707207128f4f8eee965fb4033adafa72 | SHA1 62bb4a0f8d9a83a193113a9deeb40f2abcbf2710 | SHA256 5eccc7f3886095677ec7c2b1d0930616a8d5fce337bb94c83ee765b2a7653ec6
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:11:17 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Wed, 28 Sep 2022 12:11:17 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| quarrelaimless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=269 | 192.243.61.225 | 200 OK | 0 B |
URL HTTP/1.1quarrelaimless.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=269 IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
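Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the response body is empty, so these values do not identify this response)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)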
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=269 HTTP/1.1
Host: quarrelaimless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=b58f4d46-1832-4957-8f09-492605da690a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3692933]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 11:11:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| quarrelaimless.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4sc1Rd9lczq9xMkko2LSC8UFDM9Vd3V1dVmEYxxQnBMQqKoK3n%2FqvOcV%2FWK96q6Ou0mGJUs229Qc3qSwRiDrsVBegIuBoS0CI7ggJ9BycKFSHcGW%2B%2Fm3vPOWZx77vt0qzwkPkp6cP5NM1Ja07VO02%2B8%2BG4QnGlsqKwcNoZx9H4UnmnYwSu9qOm%2F1Lgg%2BaZZa%2FmB7wd%2B0FhXViZmuDYnofL7vaDZ85thqxl0Qgztf7ErPTjqQQwOyTNQYrby0DsJxafI0q%2FOS7dZmPz062mpaWEsBmLn7WwzM1WGdDkm1kOS7RypYdyj9V2Y7M7CLszgHyFTM%2BJ9vwuW7RyZBBtsL3wyDZmBif%2BjGkwh9RSKTsHNLSjxiABc4NJlZOndS8ZW9MYTls7ZGVl5%2FDtUNSMrv55Elj44p9Wwcc3oslAmcxgmNdRwCtWfIi%2F3UIyOQVV74MVHUOIHsvZ4A1m6fdlpAyUOnmedOAlFGK0Gcbu1GvY63dU48XurYa8V%2BR1Bo55PFwEpNYVKptByDOqOoXQeSuWhTDyUuYdUHDR4EARdX3Dqxz3O26IrWST8gHaTgAZ%2BFKPk8x3GKPIxuB6D25vI7U1sqjFs%2BR3c9RpOeHAFwUDUqCRB5QgqSlApgqogqAb1HaFdy9V3hXYlC45666i364kp%2Blv0jin6MiNb%2BSE5sQjur6d%2FxqY8aPhBkoh2JBLGZVt0oh6jSSziMOKiy3jUgVM1lDsG6jyM5kf88jRyNSPkmz%2FA6B6c3gNXJ0DLU6DVpNvyQa9PwtjHKLtXpJLarMlNCmFq5MUKihvelj4kzy5cxO99Asn3z348%2Bu3Cg5Mfgtsaua3xgXpI0Ne3J1dNRbavmsqRry%2FnhUrViM5Pe62ghTx%2B7w15ozJWXDzvxp%2B%2FyufEfLz%2FlnTFBs2EyvqOfHFOCSHturFckm8vuncku1K66%2BdKm5X5xpXX1i%2BmuZXOKZNNQecLPvUCuJqR%2F638ufi1p37ZhbJT2LJGWu6To4Iye%2BD5Tbh86d%2BZ47B6qWG5h6qsJ7bFlo9aEWi5xJTVcP%2FCbDlvudvo2%2BdAi1vI0hoDW2Oga1A9hiuPT4rc7p%2F9sb0oMO1NmLbeNtNWf%2FYkXKcOGm1fdJlMZJfJsBMmkgvW6TCfJ5y1RRxzFG7Gw5d%2F%2BhsAAP%2F%2FAQAA%2F%2F8KMbPJgAQAAA%3D%3D | 192.243.61.225 | 200 OK | 7 B |
URL HTTP/1.1quarrelaimless.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4sc1Rd9lczq9xMkko2LSC8UFDM9Vd3V1dVmEYxxQnBMQqKoK3n%2FqvOcV%2FWK96q6Ou0mGJUs229Qc3qSwRiDrsVBegIuBoS0CI7ggJ9BycKFSHcGW%2B%2Fm3vPOWZx77vt0qzwkPkp6cP5NM1Ja07VO02%2B8%2BG4QnGlsqKwcNoZx9H4UnmnYwSu9qOm%2F1Lgg%2BaZZa%2FmB7wd%2B0FhXViZmuDYnofL7vaDZ85thqxl0Qgztf7ErPTjqQQwOyTNQYrby0DsJxafI0q%2FOS7dZmPz062mpaWEsBmLn7WwzM1WGdDkm1kOS7RypYdyj9V2Y7M7CLszgHyFTM%2BJ9vwuW7RyZBBtsL3wyDZmBif%2BjGkwh9RSKTsHNLSjxiABc4NJlZOndS8ZW9MYTls7ZGVl5%2FDtUNSMrv55Elj44p9Wwcc3oslAmcxgmNdRwCtWfIi%2F3UIyOQVV74MVHUOIHsvZ4A1m6fdlpAyUOnmedOAlFGK0Gcbu1GvY63dU48XurYa8V%2BR1Bo55PFwEpNYVKptByDOqOoXQeSuWhTDyUuYdUHDR4EARdX3Dqxz3O26IrWST8gHaTgAZ%2BFKPk8x3GKPIxuB6D25vI7U1sqjFs%2BR3c9RpOeHAFwUDUqCRB5QgqSlApgqogqAb1HaFdy9V3hXYlC45666i364kp%2Blv0jin6MiNb%2BSE5sQjur6d%2FxqY8aPhBkoh2JBLGZVt0oh6jSSziMOKiy3jUgVM1lDsG6jyM5kf88jRyNSPkmz%2FA6B6c3gNXJ0DLU6DVpNvyQa9PwtjHKLtXpJLarMlNCmFq5MUKihvelj4kzy5cxO99Asn3z348%2Bu3Cg5Mfgtsaua3xgXpI0Ne3J1dNRbavmsqRry%2FnhUrViM5Pe62ghTx%2B7w15ozJWXDzvxp%2B%2FyufEfLz%2FlnTFBs2EyvqOfHFOCSHturFckm8vuncku1K66%2BdKm5X5xpXX1i%2BmuZXOKZNNQecLPvUCuJqR%2F638ufi1p37ZhbJT2LJGWu6To4Iye%2BD5Tbh86d%2BZ47B6qWG5h6qsJ7bFlo9aEWi5xJTVcP%2FCbDlvudvo2%2BdAi1vI0hoDW2Oga1A9hiuPT4rc7p%2F9sb0oMO1NmLbeNtNWf%2FYkXKcOGm1fdJlMZJfJsBMmkgvW6TCfJ5y1RRxzFG7Gw5d%2F%2BhsAAP%2F%2FAQAA%2F%2F8KMbPJgAQAAA%3D%3D IP192.243.61.225:0 ASN#39572 DataWeb Global Group B.V.
File type: ASCII text, with no line terminators
Hash: MD5 132d6af1b46048b45cf86cdee7991d31 | SHA1 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 | SHA256 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: fortinet | Verdict: Malware | Alert: (empty)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST4sc1Rd9lczq9xMkko2LSC8UFDM9Vd3V1dVmEYxxQnBMQqKoK3n%2FqvOcV%2FWK96q6Ou0mGJUs229Qc3qSwRiDrsVBegIuBoS0CI7ggJ9BycKFSHcGW%2B%2Fm3vPOWZx77vt0qzwkPkp6cP5NM1Ja07VO02%2B8%2BG4QnGlsqKwcNoZx9H4UnmnYwSu9qOm%2F1Lgg%2BaZZa%2FmB7wd%2B0FhXViZmuDYnofL7vaDZ85thqxl0Qgztf7ErPTjqQQwOyTNQYrby0DsJxafI0q%2FOS7dZmPz062mpaWEsBmLn7WwzM1WGdDkm1kOS7RypYdyj9V2Y7M7CLszgHyFTM%2BJ9vwuW7RyZBBtsL3wyDZmBif%2BjGkwh9RSKTsHNLSjxiABc4NJlZOndS8ZW9MYTls7ZGVl5%2FDtUNSMrv55Elj44p9Wwcc3oslAmcxgmNdRwCtWfIi%2F3UIyOQVV74MVHUOIHsvZ4A1m6fdlpAyUOnmedOAlFGK0Gcbu1GvY63dU48XurYa8V%2BR1Bo55PFwEpNYVKptByDOqOoXQeSuWhTDyUuYdUHDR4EARdX3Dqxz3O26IrWST8gHaTgAZ%2BFKPk8x3GKPIxuB6D25vI7U1sqjFs%2BR3c9RpOeHAFwUDUqCRB5QgqSlApgqogqAb1HaFdy9V3hXYlC45666i364kp%2Blv0jin6MiNb%2BSE5sQjur6d%2FxqY8aPhBkoh2JBLGZVt0oh6jSSziMOKiy3jUgVM1lDsG6jyM5kf88jRyNSPkmz%2FA6B6c3gNXJ0DLU6DVpNvyQa9PwtjHKLtXpJLarMlNCmFq5MUKihvelj4kzy5cxO99Asn3z348%2Bu3Cg5Mfgtsaua3xgXpI0Ne3J1dNRbavmsqRry%2FnhUrViM5Pe62ghTx%2B7w15ozJWXDzvxp%2B%2FyufEfLz%2FlnTFBs2EyvqOfHFOCSHturFckm8vuncku1K66%2BdKm5X5xpXX1i%2BmuZXOKZNNQecLPvUCuJqR%2F638ufi1p37ZhbJT2LJGWu6To4Iye%2BD5Tbh86d%2BZ47B6qWG5h6qsJ7bFlo9aEWi5xJTVcP%2FCbDlvudvo2%2BdAi1vI0hoDW2Oga1A9hiuPT4rc7p%2F9sb0oMO1NmLbeNtNWf%2FYkXKcOGm1fdJlMZJfJsBMmkgvW6TCfJ5y1RRxzFG7Gw5d%2F%2BhsAAP%2F%2FAQAA%2F%2F8KMbPJgAQAAA%3D%3D HTTP/1.1
Host: quarrelaimless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=b58f4d46-1832-4957-8f09-492605da690a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3692933]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 11:11:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8da473b95fc3af6ce216e8c8f4baa500
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| quarrelaimless.com/pixel/sbs?c=1 | 192.243.61.225 | 200 OK | 0 B |
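URL: HTTP/1.1 quarrelaimless.com/pixel/sbs?c=1 | IP: 192.243.61.225:0 | ASN: #39572 DataWeb Global Group B.V.
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input; the response body is empty, so these values do not identify this response)
Analyzer: fortinet | Verdict: Malware | Alert: (empty)
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)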
GET /pixel/sbs?c=1 HTTP/1.1
Host: quarrelaimless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=b58f4d46-1832-4957-8f09-492605da690a:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3692933]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 11:11:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7445e03-094d-46db-8826-9dd6e4d86694.jpeg | 34.120.237.76 | 200 OK | 5.2 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7445e03-094d-46db-8826-9dd6e4d86694.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 (secondary match: data)
Hash: MD5 c21ecdb581352e1d308477130b4c8504 | SHA-1 d08e24264a8860483e76e761d8a7f4e969eda046 | SHA-256 2cf56469cf3aaad83ddb52d270658b9fc59ef5dbe99f710bcbf58992abed1fe7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7445e03-094d-46db-8826-9dd6e4d86694.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5196
x-amzn-requestid: 85a783fa-ca3b-4ff9-a5fd-82acfce1c33a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xUFenoAMFSxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd5-3a67e7e55d700dc0245bb2fc;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:21 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0rABUqFd2EJ4USfCkPlkPGvzUtqllgEXckXBCXbwmk_8aAjP3DxN6A==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:57:21 GMT
age: 47641
etag: "d08e24264a8860483e76e761d8a7f4e969eda046"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cutpaid.com/v7MyF | 104.21.48.87 | 200 OK | 0 B |
IP: 104.21.48.87:0
GET /v7MyF HTTP/1.1
Host: cutpaid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:11:14 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: AppSession=bebaaf50fce201cbd2900172eaf51a4b; path=/; HttpOnly
csrfToken=28c71be38406c25c0cacc3a0caf7c1b1ec0f738655c989cd31c55ee7bcce169655ce58d15f49bcb6a75b3ce91d9ab2b52d4666bbd1dfbbf15386966e3b221ae0; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwPHH2kPfNzVVYnuRYd2Su4asuItgdMqY5BciarxxvLAfAcrXzhTEclBwcq74QRRg2w7dfJyxabAF4Y%2BI2UMlRuS56RQG%2FkLvwztVy%2FTjcjVuAbpu9yh8C7BO2cpeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751c098069a41c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| addresseepaper.com/sfp.js | 172.64.101.4 | 200 OK | 0 B |
URL (HTTP/2): addresseepaper.com/sfp.js | IP: 172.64.101.4:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 11:11:15 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f3343615fdf68c88d8f08b0cc83d1994
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 28 Sep 2022 11:11:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuoPRvz0IFQhRyNaNfmWzgM2coTJsMvvpJPhUS5KFr1xQiTObhRKv5QSJJ1K8EMC0TV8zeeofn7%2F%2Bi7K3JbazPF3GvpLE5z0w6%2FnaBaFdGolGBboMzUto%2BlQrymtT9MgJnfnX8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 751c09888d817785-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|