Report - cuty.io/fps?token=e49f3b2f67034bb8f66325fdf&data=dWdnY2Y6Ly9xZXZpci50YmJ0eXIucGJ6L3N2eXIvcS8xdjhSaVczb3dmckM4TW1vYjZBVmtQMXNSNW9yVkIwdHovaXZyaj9oZmM9ZnVuZXZhdA==

Report Overview

Submitted URL
cuty.io/fps?token=e49f3b2f67034bb8f66325fdf&data=dWdnY2Y6Ly9xZXZpci50YmJ0eXIucGJ6L3N2eXIvcS8xdjhSaVczb3dmckM4TW1vYjZBVmtQMXNSNW9yVkIwdHovaXZyaj9oZmM9ZnVuZXZhdA==
IP
104.26.5.236
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-21 02:02:16
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ksehinkitw.hair	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	961 B	107.22.28.167
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	39 kB	216.58.207.195
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	799 B	142.250.74.34
offfurreton.com	330545	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.7 kB	139.45.197.237
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	11 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	93.184.220.29
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.6 kB	23.36.76.226
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	77 kB	142.250.74.168
fleraprt.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	475 B	477 B	139.45.195.254
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	1.2 kB	142.250.74.164
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	419 B	746 B	142.250.74.10
cuty.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	4.8 kB	172.67.74.103
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	738 B	139.45.195.8
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	106 kB	34.120.237.76
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	666 B	556 B	216.239.32.36
taghaugh.com	214097	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	75 kB	139.45.197.237
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.162.125.72
tzegilo.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	6.5 kB	172.67.194.45
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	164 kB	142.250.74.163
offerimage.com	304078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	97 kB	104.22.32.172
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	43 kB	142.250.74.3
saltateblit.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	1.4 kB	23.109.87.74
ablesasmetotr.monster	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418 B	672 B	143.204.55.56

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-20	medium	fleraprt.com	Sinkholed
2022-11-20	medium	offfurreton.com	Sinkholed
2022-11-20	medium	offfurreton.com	Sinkholed

JavaScript (19)

	URL	Size	First Seen	Last Seen
	cutty.app/Y1NRZsA	206 B	2023-03-07	2024-05-01
Pretty URL cutty.app/Y1NRZsA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:11 Last Seen2024-05-01 14:28:07 Times Seen640 Hash e0fc14532e503d280903dd1ce95fd37f daf67e514c6cd78b60d05a41be8eccc1a2272917 ba9ae3d626e5f61353ad036dfdc2310f6a7cbb728d8994c421a79f8d82c336be Loading...

	cutty.app/Y1NRZsA	118 B	2023-03-07	2024-05-01
Pretty URL cutty.app/Y1NRZsA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:11 Last Seen2024-05-01 14:28:07 Times Seen647 Hash 34fdf55eb2c8dd74d766726998ac1e33 bf3d638f172ecf0bbeaba07b95906ac782df984b 825126e219ceec3705d99e914ca7f33d983db97d670a3392ea938be7c9419c94 Loading...

	cutty.app/Y1NRZsA	173 B	2023-03-11	2023-03-11
Pretty URL cutty.app/Y1NRZsA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:00:17 Last Seen2023-03-11 22:26:43 Times Seen1 Hash d5ce08260a32adeda8dd6398f9a7ada8 73a459d235b42455cdbe6c57c2afe02f917a4b6d cc9f419301974253b4f74ef077d2b2a34fd91f54666fae7a1c13e83cb0018ab2 Loading...

	cutty.app/Y1NRZsA	25 B	2023-03-07	2023-10-16
Pretty URL cutty.app/Y1NRZsA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:11 Last Seen2023-10-16 10:15:45 Times Seen4 Hash 2affb71abe536d71f78c1e3d31ddb164 37eae4d0f1594f61ef0a05f6bbd1163527551dd7 c39068a0c2c563da301a34c412d21aa166a8f877292e0ca1fa1b3e1ba6c389bb Loading...

	cutty.app/Y1NRZsA	55 B	2023-03-11	2023-03-11
Pretty URL cutty.app/Y1NRZsA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:05:06 Last Seen2023-03-11 15:05:06 Times Seen1 Hash 62b7c1d534efd2e0be9d9068809f98c0 c15e86a12c637985c066d35ed6add16f18bbfbbd c7e90434c3c512a4e38359b12703486c0d64d6b80019e08804aec17195a18025 Loading...

	taghaugh.com/tag.min.js	73 kB	2023-03-11	2023-03-11
Pretty URL taghaugh.com/tag.min.js IP 139.45.197.237 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:01:20 Last Seen2023-03-11 16:00:35 Times Seen1 Hash 5a6802b64fc5325ce19f7e979a83f540 f9359b418ddaee9e081f00b68f8ea29dc6afabc2 280d3111b38f3defc37b2ebbbf228c4e4b1dfd84b83855b5977d2bd3655b83b6 Loading...

	cutty.app/Y1NRZsA	59 kB	2023-03-11	2023-03-11
Pretty URL cutty.app/Y1NRZsA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:00:17 Last Seen2023-03-11 15:05:06 Times Seen1 Hash 0267ff92971a8c68b84bd2ac1b4b749f b84cc618a4fb3ef1a1dd148fdf57e26aebb946ca fdb3d8f3eda9017e979443f3cb54e1ad53c27e26417c2164a89e3226817a2d81 Loading...

	cutty.app/Y1NRZsA	446 B	2023-03-11	2023-03-11
Pretty URL cutty.app/Y1NRZsA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:00:16 Last Seen2023-03-11 15:05:06 Times Seen1 Hash 5e4352964479cc4092bfb64d8022f4a6 32a0b958aeaff4f29c43a8599dcbc53d0d339734 77ab8c0efec194e8b543b3898bc6d2240ec4abc52aa778a103ae426a5f0fbb77 Loading...

	cutty.app/Y1NRZsA	18 kB	2023-03-07	2023-03-17
Pretty URL cutty.app/Y1NRZsA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:11 Last Seen2023-03-17 10:37:30 Times Seen1 Hash fa3b5a3c40b67fefc95e6767ad99f721 67f34c4e0695de254a0b9c90615b9b3cb801d99e d9af23954e75fcab1df956dadfd095ed582bf15dbcf608b818d558bc5d7b9dda Loading...

	cutty.app/js/public/layouts/app.js?id=052d78b35e990506bcc3823cdb0fd547	137 kB	2023-03-07	2023-03-17
Pretty URL cutty.app/js/public/layouts/app.js?id=052d78b35e990506bcc3823cdb0fd547 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:11 Last Seen2023-03-17 10:37:30 Times Seen1 Hash 9c53539e2148da869bf72a605fe91703 b1f9c276da8a3507c1978f28e1560b21af11f4e4 279221127dce3cb54369962e74c1e7a44397d34b37e40f9cdea68f8c7ba10b5c Loading...

	cutty.app/Y1NRZsA	940 B	2023-03-07	2024-05-01
Pretty URL cutty.app/Y1NRZsA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:11 Last Seen2024-05-01 14:28:07 Times Seen645 Hash 42175884120f91f242aa2d5515f1de7b 3eb45b5bf15215929da2a4bcad6eb0e746e4d73b 34d16f7aa086ce0a14258b0fa068809862e834c814ba90fd43313a28226418b6 Loading...

	cutty.app/js/public/layouts/_partials/nav-links.js?id=1d0c9735c2507df90f331187ff792505	991 B	2023-03-07	2023-03-17
Pretty URL cutty.app/js/public/layouts/_partials/nav-links.js?id=1d0c9735c2507df90f331187ff792505 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:11 Last Seen2023-03-17 10:37:30 Times Seen1 Hash 1d0c9735c2507df90f331187ff792505 f72f66f5594254093773a8ffdbed00e77f6e4862 37a1273ddc0a56a2f503d04ed8764a7e02a1de3bc95f89608dd852e895224496 Loading...

	www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP	219 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:05:06 Last Seen2023-03-11 15:05:06 Times Seen1 Hash 6ae2c9b9ff5594b0b55a9b5b9a3b3b23 3a806d8b843000eedf48632c39a977e5413168b2 316972444e46c63dd9a87a49edfbb688f6c10fb486f828cf547065644a1a1574 Loading...

	offfurreton.com/400/5180207	82 kB	2023-03-11	2023-03-11
Pretty URL offfurreton.com/400/5180207 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:05:06 Last Seen2023-03-11 15:05:06 Times Seen1 Hash 19965107a533d253ec7ac5ecb83f2978 2cd3619c852a8ed62541c4192ef921fd25df5fea eff19770725f160ee31c33b79bc18821f3e075db683766078bbd1b2920738a5c Loading...

	tzegilo.com/stattag.js	13 kB	2023-03-10	2023-03-11
Pretty URL tzegilo.com/stattag.js IP 172.67.194.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:53:52 Last Seen2023-03-11 19:05:14 Times Seen1 Hash 44c40fdee96d172d73fdb26f6258c3bf e0fddaf008b67747907ef3bfd11b679866d7a3df 3b791712086001011a3a913120c1bc35bb8238c72e9d3d0dba6f80b687e0d1f4 Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	cutty.app/sw.js	101 kB	2023-03-11	2023-03-11
Pretty URL cutty.app/sw.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:00:17 Last Seen2023-03-11 22:26:43 Times Seen1 Hash 61b4e37dbc34ddf6923729e0aea83be6 928ad4a6a443edf71e8c6e67069c9885110d8fcb 0f47c2a07ef1a622927ac598164bfd0c6e085f58bd386d4e1b2e06a65032c86a Loading...

	cutty.app/js/public/links/first.js?id=9e922e19314a5a2dc89b579c811b4b49	9.9 kB	2023-03-07	2023-03-17
Pretty URL cutty.app/js/public/links/first.js?id=9e922e19314a5a2dc89b579c811b4b49 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:11 Last Seen2023-03-17 10:37:30 Times Seen1 Hash 54bbc7ff6f2328fbd68e2d4d14277c06 256b78145daee01e483c26316e695443f74f2c7c 17fb028dad71c76bd7047cdb1e789bbb6eaeb729ace46266bd72a8aca7107770 Loading...

	www.google.com/recaptcha/api.js	850 B	2023-03-08	2023-03-17
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash a6d9f11246866ef6247a51ae9116cf53 1ba0ec4e57dd5d3845edb729fea44e6f709c7aca 60eac53947f6a289ca775891e56b3a4a1084cb8763fe2bf4220b759a58761f1d Loading...

HTTP Transactions (72)

URL IP Response Size

cuty.io/fps?token=e49f3b2f67034bb8f66325fdf&data=dWdnY2Y6Ly9xZXZpci50YmJ0eXIucGJ6L3N2eXIvcS8xdjhSaVczb3dmckM4TW1vYjZBVmtQMXNSNW9yVkIwdHovaXZyaj9oZmM9ZnVuZXZhdA==

172.67.74.103

301 Moved Permanently

0 B

URL HTTP/1.1
cuty.io/fps?token=e49f3b2f67034bb8f66325fdf&data=dWdnY2Y6Ly9xZXZpci50YmJ0eXIucGJ6L3N2eXIvcS8xdjhSaVczb3dmckM4TW1vYjZBVmtQMXNSNW9yVkIwdHovaXZyaj9oZmM9ZnVuZXZhdA==
IP
172.67.74.103:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fps?token=e49f3b2f67034bb8f66325fdf&data=dWdnY2Y6Ly9xZXZpci50YmJ0eXIucGJ6L3N2eXIvcS8xdjhSaVczb3dmckM4TW1vYjZBVmtQMXNSNW9yVkIwdHovaXZyaj9oZmM9ZnVuZXZhdA== HTTP/1.1
Host: cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 21 Nov 2022 02:02:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 21 Nov 2022 03:02:04 GMT
Location: https://cuty.io/fps?token=e49f3b2f67034bb8f66325fdf&data=dWdnY2Y6Ly9xZXZpci50YmJ0eXIucGJ6L3N2eXIvcS8xdjhSaVczb3dmckM4TW1vYjZBVmtQMXNSNW9yVkIwdHovaXZyaj9oZmM9ZnVuZXZhdA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl8MeHzBi8Q0nqrCdaEes7jOnbxi9PgCQ0OPjskYLUvZixVU%2BhR9pBTSW1eO5hxbv6kXYeJAy7NTvKVZIwvNrtboUmVjpKaUjIy2DOXStyhGUTsDTQM0jfQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76d5d7530bd6b4ee-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ed951622549ed76959631f8a1bf497b
682b2dd2a72190510e3fa7bdb0c0c6f25a322dfb
86f5e5ae2da408a899d16c83b7ca441033ac0c30062cd29f2db1b1b5be666746

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86F5E5AE2DA408A899D16C83B7CA441033AC0C30062CD29F2DB1B1B5BE666746"
Last-Modified: Sat, 19 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4462
Expires: Mon, 21 Nov 2022 03:16:26 GMT
Date: Mon, 21 Nov 2022 02:02:04 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2061bb5a62c7dbe5a39e49a98bf7d214
812ff4923fc0fa69fa7db7c362d5af728e297099
6f0c1ecd37ba47802a386c487e3c2eb1794a06e8b9f56e016326686e3d80ef92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6026
Cache-Control: max-age=122986
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:04 GMT
Etag: "637a01fc-1d7"
Expires: Tue, 22 Nov 2022 12:11:50 GMT
Last-Modified: Sun, 20 Nov 2022 10:31:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2616
Expires: Mon, 21 Nov 2022 02:45:40 GMT
Date: Mon, 21 Nov 2022 02:02:04 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
f00bd0906b736ffed2c2acfa4cd59eb0
529abb6d45d49171c863b816e7f02cd9ea04300b
fcf15af09a6399a27b1c98a9666fc52d33ecf95308d28e62e40368d810a2ffcc

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FCF15AF09A6399A27B1C98A9666FC52D33ECF95308D28E62E40368D810A2FFCC"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11850
Expires: Mon, 21 Nov 2022 05:19:34 GMT
Date: Mon, 21 Nov 2022 02:02:04 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 21 Nov 2022 01:45:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1003
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ODBx+MX17FDUua3OdI64W9TejyCO/eD1IeWwVmCjT4G8teKFmpne71jrteUeBd6ozDA4GOX4/Urpb2Ue8PdfAw==
x-amz-request-id: 0883FDH9BKTKCYJV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 21 Nov 2022 01:38:57 GMT
age: 1387
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 02:02:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
f00bd0906b736ffed2c2acfa4cd59eb0
529abb6d45d49171c863b816e7f02cd9ea04300b
fcf15af09a6399a27b1c98a9666fc52d33ecf95308d28e62e40368d810a2ffcc

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FCF15AF09A6399A27B1C98A9666FC52D33ECF95308D28E62E40368D810A2FFCC"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11849
Expires: Mon, 21 Nov 2022 05:19:34 GMT
Date: Mon, 21 Nov 2022 02:02:05 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 21 Nov 2022 01:44:50 GMT
cache-control: public,max-age=3600
age: 1035
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
27138f8625c320bd1434ccd92263b641
6a8f18728c9f324c1c631ffc85901d84ec4d0e0c
02338368cfa2325e8463bd169cb0ad4df2967ca4260b75bc665cd0836e90e9f4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 290
Cache-Control: max-age=112178
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:05 GMT
Etag: "6379ee2d-1d7"
Expires: Tue, 22 Nov 2022 09:11:43 GMT
Last-Modified: Sun, 20 Nov 2022 09:06:53 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.162.125.72

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.125.72:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Lgo+JMDa+uJ7f2GqxE52Pw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2alFYOt2aMLpkw5/i6ZwlvHjauo=

e1.o.lencr.org/

23.36.76.226

200 OK

712 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
712 B (712 bytes)
Hash
fe1610b06d0a1f6f6e4e8d169c939563
80b27c962edec69060cc208cc674e7e12388fc16
5624c260720eac6bbd0d07735860dbca977dec2387e7a374746115bd36c2752b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FCF15AF09A6399A27B1C98A9666FC52D33ECF95308D28E62E40368D810A2FFCC"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11848
Expires: Mon, 21 Nov 2022 05:19:34 GMT
Date: Mon, 21 Nov 2022 02:02:06 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8796b1bba5e0df458c07179adea64173
b3c3f64718de099805a200e156774ea356a08132
ae32033094ed99df37e4537b91ec3d52a8fd2f0d2f538e3c81901e1f9c29a0a2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

32 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
32 kB (31736 bytes)
Hash
7be16df1503d6acdbb438e3056acda73
b85ab21f9ab44e8aec15d909c548ef225871811a
65810f7430ba2a8539fe2eeaf0b76ddde6b83ef92760438f372774c8f339507b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
662c6190c63609f87a23660fc808a650
a4178dd92d6f8a4f7c4da846a08d4104575f3636
93a8fd2af027f09640a8f5c3e2f10603d8b7aff4c74bc274cdbea7deeb396f3c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js

142.250.74.164

200 OK

553 B

URL HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (850), with no line terminators
Size
553 B (553 bytes)
Hash
1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Mon, 21 Nov 2022 02:02:06 GMT
date: Mon, 21 Nov 2022 02:02:06 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c28dcab32cb68e75be2f9d541e417a3c
7e94e4d48e4004090b100451a37752a7ae691550
fe2434a22cb390d054adcb47b67cbc3d1141a753f87839723554dd1bced75e45

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP

142.250.74.168

200 OK

76 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21484)
Size
76 kB (76540 bytes)
Hash
c4b531a11dee324c6485b34f7b231eb8
6b34cc08e450d0ce32e7691682a97e3f0770f2ff
9710ccb6ba8be7b8c4ecdd8e3444e1e288fa557d996b0f95d38fee30eda088df

HTTP Headers

GET /gtag/js?id=G-GGDCMPL4QP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 21 Nov 2022 02:02:06 GMT
expires: Mon, 21 Nov 2022 02:02:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
801bfa5219b8edbae22ab4be73ea5f1b
6795d174c6af1841ff34a78c0723c8fd9a69bdce
5288c50ab4af870e03058d86bbf4fca0cb0cbb10136580858cb7c05e91605805

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
076fce031812d9f7b34acd5c23a2b805
0944320efa72944b5f41ae1e95c6c17d935ad5de
f17d9d30e25b394f3db33d75a478cc24095ad920377002764e4af39b4e83d908

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F17D9D30E25B394F3DB33D75A478CC24095AD920377002764E4AF39B4E83D908"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15148
Expires: Mon, 21 Nov 2022 06:14:34 GMT
Date: Mon, 21 Nov 2022 02:02:06 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a16fd70048d81d63ac778964066b5fd5
8678fd9c7ef3f0b3a286e170e87bf59773f41881
fa9dd59489cb48e8509ce8297c3491823e446cdcde0f7393cd621b2abd0702dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
40f4c28263cb2c92c7b4f209a86ae69b
136b2634e4f605b858dfaa6d101435e89da1a258
a3a536cce6b0a6404515747cd6113ea0e3c80206e708054a5fbf7ad719e6590d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3A536CCE6B0A6404515747CD6113EA0E3C80206E708054A5FBF7AD719E6590D"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3141
Expires: Mon, 21 Nov 2022 02:54:27 GMT
Date: Mon, 21 Nov 2022 02:02:06 GMT
Connection: keep-alive

saltateblit.com/tOADPiI9J2GBTD/51949

23.109.87.74

200 OK

25 B

URL HTTP/1.1
saltateblit.com/tOADPiI9J2GBTD/51949
IP
23.109.87.74:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

HTTP Headers

GET /tOADPiI9J2GBTD/51949 HTTP/1.1
Host: saltateblit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 21 Nov 2022 02:02:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cutty.app
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 22-Nov-2022 02:02:06 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Tue, 22-Nov-2022 02:02:06 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

2.9 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
2.9 kB (2928 bytes)
Hash
66111373b24459391758e6357698ed65
a7ba938393cda27520aab688bb9c0172087404d1
12ea12c89fe847f5254f417a8346634016f0d00339d0361a47314c1653399aa6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e76b210ab91d11c5394f61a3af1e53e
d0f5b8c331a76524ee94af286acc715932fe4cbb
acc7e43f3b57bff38e2cfc94f0f0fa9532e1b9e9cf42114e1c317371ee271796

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACC7E43F3B57BFF38E2CFC94F0F0FA9532E1B9E9CF42114E1C317371EE271796"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14759
Expires: Mon, 21 Nov 2022 06:08:05 GMT
Date: Mon, 21 Nov 2022 02:02:06 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0e76b210ab91d11c5394f61a3af1e53e
d0f5b8c331a76524ee94af286acc715932fe4cbb
acc7e43f3b57bff38e2cfc94f0f0fa9532e1b9e9cf42114e1c317371ee271796

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACC7E43F3B57BFF38E2CFC94F0F0FA9532E1B9E9CF42114E1C317371EE271796"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15116
Expires: Mon, 21 Nov 2022 06:14:02 GMT
Date: Mon, 21 Nov 2022 02:02:06 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.195

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutty.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 06:03:56 GMT
expires: Fri, 17 Nov 2023 06:03:56 GMT
cache-control: public, max-age=31536000
age: 331090
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9afe0ae0199aff69fefbe5a55490d31
126f648ad266469bf531b5c08f7f71a973d0eeb0
105d272d89fa39de018c77cb85f97c12af739243c6bf8172e2914217bd2efec5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d561fb4c2606ae6f3e27b550aac78eb1
08fab66de067ec1b26229eb8ca8025228b1e77df
696702c1838990050310f6b21658aa22f4e5d69921a3043ad0f07923db441688

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

taghaugh.com/tag.min.js

139.45.197.237

200 OK

72 kB

URL HTTP/2
taghaugh.com/tag.min.js
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
Unicode text, UTF-8 text, with very long lines (65340), with no line terminators
Size
72 kB (71785 bytes)
Hash
dea7de831fd829ec91df3bae90b61187
c4b2548a4e00aa2d2021386a0a4eca6fca9c0f5b
80a35186fd98bc4d715015531b1242910504a9d9e040362d46f43389be082a94

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: taghaugh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 02:02:06 GMT
content-type: text/javascript; charset=utf-8
content-length: 23258
content-encoding: br
x-trace-id: f26ec4d82052150538e5408f6758ff81
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Fri, 18 Nov 2022 12:18:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1b7709fef1ff94d93b98e43634326a64
ebc91eff4b8e0a6ac070c5198d9347088cf1c122
d4a2a6b6f42b0f0b7bc6b069b8947a7fbbf7068d9b88bfddd44eaf00ac286c86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4A2A6B6F42B0F0B7BC6B069B8947A7FBBF7068D9B88BFDDD44EAF00AC286C86"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3991
Expires: Mon, 21 Nov 2022 03:08:37 GMT
Date: Mon, 21 Nov 2022 02:02:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e1fee52baa5c11a94459c67d8fe93ef4
e57ee1ce391b4daf4a0d059c45a090b9c6b5354a
406a94e764b73c626b2b63784b0cb1a0de086c014c1e4add434c4558a8ce5114

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1285
Cache-Control: max-age=110293
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Etag: "6379e2ee-117"
Expires: Tue, 22 Nov 2022 08:40:19 GMT
Last-Modified: Sun, 20 Nov 2022 08:18:54 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
e1fee52baa5c11a94459c67d8fe93ef4
e57ee1ce391b4daf4a0d059c45a090b9c6b5354a
406a94e764b73c626b2b63784b0cb1a0de086c014c1e4add434c4558a8ce5114

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1285
Cache-Control: max-age=110293
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:06 GMT
Etag: "6379e2ee-117"
Expires: Tue, 22 Nov 2022 08:40:19 GMT
Last-Modified: Sun, 20 Nov 2022 08:18:54 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

ablesasmetotr.monster/utx?tid=961366&top=cutty.app&cb=4oxfUIY5irH2

143.204.55.56

204 No Content

0 B

URL HTTP/2
ablesasmetotr.monster/utx?tid=961366&top=cutty.app&cb=4oxfUIY5irH2
IP
143.204.55.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?tid=961366&top=cutty.app&cb=4oxfUIY5irH2 HTTP/1.1
Host: ablesasmetotr.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Mon, 21 Nov 2022 02:02:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://cutty.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Mon, 21 Nov 2022 02:03:06 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z4ap1GE8BlOQNjQKPgbOPyrNJxZNC5wiMV04oIKWi5K69UvhkieDFg==
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.194.45

200 OK

5.7 kB

URL HTTP/2
tzegilo.com/stattag.js
IP
172.67.194.45:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (13017), with no line terminators
Size
5.7 kB (5711 bytes)
Hash
cd8ca2f979d525d055651faeaa8cbb62
d1ca62b2b9c419de91215725195214bd64787251
e50b049d8060ab7886a30ded6b625a3a0f482ca0d7b8922c4e877d0db519f4a4

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 02:02:06 GMT
content-type: application/javascript
last-modified: Tue, 18 Oct 2022 14:05:58 GMT
etag: W/"634eb2c6-32d9"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1480
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2BFUUYp1r6uzXINuux4FYj7z2ljlIWjidZ%2BdnTLbzf%2F6wrfEQCaBuEermYVZYeFR9QgjAUr3bNN1Qyaw5YgzDVkwb6WTphOJAW8DUO27Z2b1aZHjPUODis7bZqx4fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d5d75f2ee5b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
419e11329b40f6d11706372a1618331f
f6846a20afbbe22c8ad5be20cc711014bc314a27
91f7516f31fec4ded19345ceda5e923324666f5d20c75c47bc36d95a31c43cf3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 21 Nov 2022 02:02:06 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 18:25:19 GMT
Expires: Thu, 24 Nov 2022 18:25:18 GMT
Etag: "f6846a20afbbe22c8ad5be20cc711014bc314a27"
Cache-Control: max-age=317591,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76d5d7603fdcb523-OSL

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 896
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 21 Nov 2022 02:02:08 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://cutty.app
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3606
Expires: Mon, 21 Nov 2022 03:02:13 GMT
Date: Mon, 21 Nov 2022 02:02:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3606
Expires: Mon, 21 Nov 2022 03:02:13 GMT
Date: Mon, 21 Nov 2022 02:02:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3606
Expires: Mon, 21 Nov 2022 03:02:13 GMT
Date: Mon, 21 Nov 2022 02:02:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3606
Expires: Mon, 21 Nov 2022 03:02:13 GMT
Date: Mon, 21 Nov 2022 02:02:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
798ef0955be535268547903e74dacfcd
782823486f9ded693609cade264d1950e816f7d0
75df3810e787be95774282d4851ce350bba5c326843f1bd02348746355866e95

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75DF3810E787BE95774282D4851CE350BBA5C326843F1BD02348746355866E95"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3606
Expires: Mon, 21 Nov 2022 03:02:13 GMT
Date: Mon, 21 Nov 2022 02:02:07 GMT
Connection: keep-alive

my.rtmark.net/gid.js?userId=db5419909dcc49b3bdcd433a622837f5

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?userId=db5419909dcc49b3bdcd433a622837f5
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
23d6ca178d68cb93eb50ce8d508ab8fd
bd2fe816f4f8abe000e6684754f821f4a064f867
3db9f2a020b606fc92f9cc4ba5af7923c0ca0f318289617a81b7eb62d403dc39

HTTP Headers

GET /gid.js?userId=db5419909dcc49b3bdcd433a622837f5 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 02:02:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://cutty.app
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=db5419909dcc49b3bdcd433a622837f5; expires=Tue, 21 Nov 2023 02:02:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5342 bytes)
Hash
a9e0f5c07511d0f6ad0f2441db92797d
2dcc6187d7173ce741975ad4ec24435c9dcb0880
3c57bf58bab9d54dd152eb0260a203b1cb201a9e2d960f25a0cea685b539ea04

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5342
x-amzn-requestid: e396cea4-ddae-4b88-a73a-ceafb1e11620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0b91EMLoAMFYYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63780d25-7f1187713f288a0c158508ea;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 22:54:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: PkFAourr7ixQ5NYcdMugerMxFTdCLgIAaBz6erANuppgzE2Tm4yVpA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 22:34:27 GMT
age: 12460
etag: "2dcc6187d7173ce741975ad4ec24435c9dcb0880"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 07:27:17 GMT
age: 66890
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

54 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc4c1abc-3872-4c83-8aa1-1567c50e3925.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
54 kB (54185 bytes)
Hash
a159a1394648f9ce45e89e567663a603
24835c4fc8c761118ef301667e00d3bf48e6423a
f1185c4d5424c51d312736d62f738871795be507d17431a846decf00c8a8f3ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc4c1abc-3872-4c83-8aa1-1567c50e3925.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14563
x-amzn-requestid: 5e99f7c5-4aef-495f-8621-5b07c7512586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bkiY3EmZIAMF4Rw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371b105-5a98f8c9324ce0aa2db4bc96;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 03:07:49 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: U9_bjIc7RJEuINOBuquYbWKGwxnX4-AL39T6-4Jq__7-WMyfdhpw6A==
via: 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 50faaaa196a6b0875217ef7827f97d7c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 22:15:19 GMT
age: 13608
etag: "847d3be0fead43e8826f4aa8d98d787d8a2bfecc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F483177e4-1071-4ce1-b7a0-64f9f2201b30.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
5.8 kB (5753 bytes)
Hash
c19eca1c65605ace5a0746eea74a7f19
404f02ecc8de56cd5a12c57cf46b02bd7779c790
d64e5db50c8ae5eaa6da50cf6c447858f8809397ed12f4339feeeb74d7461aa5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F483177e4-1071-4ce1-b7a0-64f9f2201b30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5105
x-amzn-requestid: eb2790a4-e616-4f23-a5ff-c01c20aabdc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b61rpF9jIAMF7tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637a9cb0-5dd235dd12cd01646ef4f1cc;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 21:31:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: tXi8uTXJMREmkwn4y9FeDFOIisJ3Z5hEDRhCMxT5K1_bH7_gL3Dukg==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:47:05 GMT
age: 15302
etag: "0e52816963c93b6f8406699db01bf617bbd4da36"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4722fc7c-db56-497e-b54c-1ee27515a678.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
11 kB (11280 bytes)
Hash
2050a23d46be5db25ba4050ef3ccbbfb
2cad181cd8ade2e0d2b7717182b3c9a6392da76a
7e15ee08ae1a267f0ae167d4bc9f5192d92dcebd31b7b1362e79864c228a2465

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4722fc7c-db56-497e-b54c-1ee27515a678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10833
x-amzn-requestid: 31a106d0-b7f0-46be-8606-be4fe6d87924
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b6e85FX5oAMFe2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637a7852-2f6ca1300fdfd0f35742a695;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 18:56:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: G5Ws2r1R2li7IOkDj3q5nZUfTROQvk8g4bI3pybfyt368NOltq7tzQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 20:05:59 GMT
age: 21368
etag: "a04c4689f1064f7992638fad18b0ba86f899a22b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (5045 bytes)
Hash
96135f96986369533c0362367c1e6fd8
bc8b0612b79cb30817880fac9728318f837854b4
f4eab133baf21daae8b809966e8ffbe64a2414fd334538a226a2a39ab39c3d46

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F645dc32f-cd66-4021-92e9-77c4eff2fa1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5045
x-amzn-requestid: 93295168-385b-4b26-92e0-65858db59541
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0PgfGfVoAMFjWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377f936-7d3d9e44191051f454bd53ca;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:29:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hYkfj6mcRyzHioX7RAjvhpITDBX_CXLhum92tHz6ilGAY2C0fNi48g==
via: 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 12:50:23 GMT
age: 47504
etag: "bc8b0612b79cb30817880fac9728318f837854b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP&gtm=2oeb90&_p=1602608278&cid=226368250.1668996127&ul=en-us&sr=1280x1024&_s=1&sid=1668996126&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FY1NRZsA&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-GGDCMPL4QP&gtm=2oeb90&_p=1602608278&cid=226368250.1668996127&ul=en-us&sr=1280x1024&_s=1&sid=1668996126&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FY1NRZsA&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GGDCMPL4QP&gtm=2oeb90&_p=1602608278&cid=226368250.1668996127&ul=en-us&sr=1280x1024&_s=1&sid=1668996126&sct=1&seg=0&dl=https%3A%2F%2Fcutty.app%2FY1NRZsA&dt=Shorten%20Links%20And%20Earn%20Money%20%7C%20Cuty&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://cutty.app
date: Mon, 21 Nov 2022 02:02:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ksehinkitw.hair/

107.22.28.167

200 OK

0 B

URL HTTP/2
ksehinkitw.hair/
IP
107.22.28.167:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 380
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

offfurreton.com/500/5180207?excludes=&oaid=db5419909dcc49b3bdcd433a622837f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fcutty.app%2FY1NRZsA&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.237

200 OK

0 B

URL HTTP/2
offfurreton.com/500/5180207?excludes=&oaid=db5419909dcc49b3bdcd433a622837f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fcutty.app%2FY1NRZsA&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/5180207?excludes=&oaid=db5419909dcc49b3bdcd433a622837f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fcutty.app%2FY1NRZsA&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: offfurreton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://cutty.app/
Origin: https://cutty.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 02:02:07 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://cutty.app
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d5ccc6ed714b650846fefb0a8e24ca22
30521fa613dcb97b95ad3baab58c4446482d5061
ef46e9367b670662ae596685c5f27da1bf065e714ef2e86c65d5267a188d08d3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.163

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Nov 2022 11:26:10 GMT
expires: Mon, 20 Nov 2023 11:26:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 52557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

139.45.197.237

200 OK

1.4 kB

URL HTTP/2
offfurreton.com/500/5180207?excludes=&oaid=db5419909dcc49b3bdcd433a622837f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fcutty.app%2FY1NRZsA&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type
data
Size
1.4 kB (1441 bytes)
Hash
ecab6b42c290fc3cbe97d27fed82e91b
2f996f5495574c0eeacfd1f889752c919424f217
d1fe52b4d882a437719f5b9b9fd4f2dc6e23a4a101f5e85cbfe0065471053599

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/5180207?excludes=&oaid=db5419909dcc49b3bdcd433a622837f5&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fcutty.app%2FY1NRZsA&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: offfurreton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Cookie: OAID=c4b1bb905d4644f7ac15d2d0484e3155
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 02:02:07 GMT
content-type: application/javascript
x-trace-id: 2aa4652e834bf875a66c06360ca5d4b2
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://cutty.app
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=db5419909dcc49b3bdcd433a622837f5; expires=Tue, 21 Nov 2023 02:02:07 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.34

200 OK

0 B

URL HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 21 Nov 2022 02:02:07 GMT
expires: Mon, 21 Nov 2022 02:02:07 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4405147390661673479
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49129
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1b6cc48c7f314bc7ef251703eabe72b4
a70bf5ad955836f15b24590f0e322d5cee53b0b1
4d6e589df129380106a5a4f666882703fb04074c3b2a9b963be91b14fc20352f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 21 Nov 2022 02:02:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png

104.22.32.172

200 OK

97 kB

URL HTTP/2
offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
IP
104.22.32.172:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
97 kB (96644 bytes)
Hash
3ef316842349308dfa69b2337a1f2f26
cfb295c74af7d2432c8f0dde1819e1aa35b2ab89
88d7d3964d36d102797d185fb23dab82ac6142c12a5119497b95d2dc018c5bcd

HTTP Headers

GET /www/images/3ef316842349308dfa69b2337a1f2f26.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 21 Nov 2022 02:02:07 GMT
content-type: image/png
content-length: 96644
last-modified: Thu, 10 Dec 2020 16:09:13 GMT
etag: "5fd24829-17984"
expires: Tue, 22 Nov 2022 02:02:07 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76d5d763bdc3be60-CPH
X-Firefox-Spdy: h2

ksehinkitw.hair/

107.22.28.167

200 OK

0 B

URL HTTP/2
ksehinkitw.hair/
IP
107.22.28.167:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Content-Type: text/plain;charset=UTF-8
Origin: https://cutty.app
Content-Length: 347
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

ksehinkitw.hair/

107.22.28.167

200 OK

0 B

URL HTTP/2
ksehinkitw.hair/
IP
107.22.28.167:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Content-Type: text/plain;charset=UTF-8
Origin: https://cutty.app
Content-Length: 350
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb887a886-c144-47cc-bd88-c20180fd79ee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12264 bytes)
Hash
379503256d42092f53620f3abfc69438
621d80219a8fbb23ee32a69b2d61d280b22a59a9
398a4b899de52101bbb532634bead90cf489efc7d42a1523f2eaf23f02e27482

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb887a886-c144-47cc-bd88-c20180fd79ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 12264
x-amzn-requestid: b9ad0edd-ce99-4314-add0-2d394c9d9d97
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b61qmEZeoAMFviQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637a9caa-79e45df94fed4bca0b499a67;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 21:31:22 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: RGpPsjyC9B5BKFKbMPdQJ-2l_StesDbRcZ-R65GCyR3ze7NDG3eKxQ==
via: 1.1 2ecd59b4298afe9d7bb9266870458a74.cloudfront.net (CloudFront), 1.1 da4fa914888b330b3e8a08632b8e41be.cloudfront.net (CloudFront), 1.1 google
date: Sun, 20 Nov 2022 21:55:26 GMT
age: 14807
etag: "621d80219a8fbb23ee32a69b2d61d280b22a59a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cuty.io/images/shared/logo.svg

104.26.4.236

200 OK

0 B

URL HTTP/2
cuty.io/images/shared/logo.svg
IP
104.26.4.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/shared/logo.svg HTTP/1.1
Host: cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 21 Nov 2022 02:02:06 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Jul 2022 10:06:16 GMT
vary: Accept-Encoding
etag: W/"62cfea98-175a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbBrB%2BCbG0fz8eAsmdYIrkV81zEtpH2ytrMN09WSYX6cWSVo0cQroy3nEv1Ic92R%2Fc%2FyGVhH9BG2%2BIori9a5WYRuq9SJL6p5dw6jYNcIEghipvsKJD0q1XQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d5d75c9a0fb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

taghaugh.com/5/5535648/?oo=1&aab=1

139.45.197.237

200 OK

0 B

URL HTTP/2
taghaugh.com/5/5535648/?oo=1&aab=1
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /5/5535648/?oo=1&aab=1 HTTP/1.1
Host: taghaugh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutty.app
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 02:02:06 GMT
content-type: application/json
x-trace-id: 4736d0b66b3cfb46103a9fe381b7d37e
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://cutty.app
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=db5419909dcc49b3bdcd433a622837f5; expires=Tue, 21 Nov 2023 02:02:06 GMT; path=/; secure; SameSite=None
oaidts=1668996126; expires=Tue, 21 Nov 2023 02:02:06 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

cuty.io/fps?token=e49f3b2f67034bb8f66325fdf&data=dWdnY2Y6Ly9xZXZpci50YmJ0eXIucGJ6L3N2eXIvcS8xdjhSaVczb3dmckM4TW1vYjZBVmtQMXNSNW9yVkIwdHovaXZyaj9oZmM9ZnVuZXZhdA==

104.26.4.236

302 Found

0 B

URL HTTP/2
cuty.io/fps?token=e49f3b2f67034bb8f66325fdf&data=dWdnY2Y6Ly9xZXZpci50YmJ0eXIucGJ6L3N2eXIvcS8xdjhSaVczb3dmckM4TW1vYjZBVmtQMXNSNW9yVkIwdHovaXZyaj9oZmM9ZnVuZXZhdA==
IP
104.26.4.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fps?token=e49f3b2f67034bb8f66325fdf&data=dWdnY2Y6Ly9xZXZpci50YmJ0eXIucGJ6L3N2eXIvcS8xdjhSaVczb3dmckM4TW1vYjZBVmtQMXNSNW9yVkIwdHovaXZyaj9oZmM9ZnVuZXZhdA== HTTP/1.1
Host: cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Mon, 21 Nov 2022 02:02:05 GMT
content-type: text/html; charset=UTF-8
location: https://cuty.io/Y1NRZsA
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Ijl4S0grc3VZTTY2MG1GK3hlZ3p1VkE9PSIsInZhbHVlIjoicDlxdW1hOUpRNzc0N2xTd1lPVkhrSWhlNFlRMU10V2tyQ2pFSHlXZ1Q5WTFMOEIxSUJoVmVkQlozSzZrWStvUnU2U1d3K1dMQ1N0d1VZZFBqTHZtM0VuS0FJendoc05tSGYwaytDd3FteVlvdThuQTZjeXR3dU1zSUN5bTU1UTIiLCJtYWMiOiIzYmExMzQzZTY4ZTk1ZWIwOGJhOTA0NWU5YjliMmZiMzViYTQzMzdkMzc5NjYwZjJlYThhZTlkNjlhMzdiMzIyIiwidGFnIjoiIn0%3D; expires=Mon, 28 Nov 2022 02:02:05 GMT; Max-Age=604800; path=/; samesite=lax
cuty_session=eyJpdiI6IjhSZUF1UUpnOFJoRUVwODlzMENqWlE9PSIsInZhbHVlIjoibVdNRGNsdFFxczBmUHNQU3RRa0QxQlFIMGdoQWw5MmlzS29udnVHZ2E0UVllYUorTzhteUgza3d2bEgrUnBzWFFJSHpkV2VGRG1HTW5KSjFaUnBTdXZTNzNGYWNIZXNCTVZ0YnNIdHZLTW1iOURYVFpoMmpIRHdGbG9mUVEwZjAiLCJtYWMiOiIxYzZhOWMyMjc4MjUwMWMxYmJkZThjNDNjNThkY2EzZmFjNDliMmJkOGY2MWYyNGRlNDg1NmIzNjViNjRlNWUxIiwidGFnIjoiIn0%3D; expires=Mon, 28 Nov 2022 02:02:05 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uWAVXn%2BPTt79biVZPqJ%2FqiZ%2BVP6xAqfW5r%2BUfnz7Z2%2BGgmJE%2FdnhOG2eDNsRqZzWUzhz4Pb34S8LiXbbDl98Q5M3BKf6TW78D2C5l4Zt51lkWFap1FTZs4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d5d7551fce0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Inter:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 21 Nov 2022 02:02:06 GMT
date: Mon, 21 Nov 2022 02:02:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ksehinkitw.hair/dVROa2kOdj0cNgAmIklTVzw6HxkGbmFECgAgOhJHFCQ%2BRBoCeiQYS1l2PQYPV25%2FR0sGOThJU1dgYFhLWXY6Cg4qPSpJU1dteFpaQ2JsR0sGISw0ABFmbFFLETd7U15HYi1GW0VjK0ZdRWx5RgtAZ3lGWEE2fwkIQ2J2DltHdjM

107.22.28.167

502 Bad Gateway

0 B

URL HTTP/2
ksehinkitw.hair/dVROa2kOdj0cNgAmIklTVzw6HxkGbmFECgAgOhJHFCQ%2BRBoCeiQYS1l2PQYPV25%2FR0sGOThJU1dgYFhLWXY6Cg4qPSpJU1dteFpaQ2JsR0sGISw0ABFmbFFLETd7U15HYi1GW0VjK0ZdRWx5RgtAZ3lGWEE2fwkIQ2J2DltHdjM
IP
107.22.28.167:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dVROa2kOdj0cNgAmIklTVzw6HxkGbmFECgAgOhJHFCQ%2BRBoCeiQYS1l2PQYPV25%2FR0sGOThJU1dgYFhLWXY6Cg4qPSpJU1dteFpaQ2JsR0sGISw0ABFmbFFLETd7U15HYi1GW0VjK0ZdRWx5RgtAZ3lGWEE2fwkIQ2J2DltHdjM HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 502 Bad Gateway
set-cookie: 81da61fa8a5becbb61dd4337e2a77b40=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2

ksehinkitw.hair/VU5EOWUObH0PVGZ4chtJd2xoGwE2e3wOV2MtaQtVYitpDVVteWlbUGZ5aQhRN38mWFNjdiELV3diZg1cYShyClRtYyAPAzdjcFxRZWMlDVcwY3wNXGIrJl1dbC1wAEd5bDdOR3lsL0oAPScqUgwhOWpRBDw8ZhVHZH5qDEd5KCVVFjBiIlgJJitoXwQ5PSFk

107.22.28.167

200 OK

0 B

URL HTTP/2
ksehinkitw.hair/VU5EOWUObH0PVGZ4chtJd2xoGwE2e3wOV2MtaQtVYitpDVVteWlbUGZ5aQhRN38mWFNjdiELV3diZg1cYShyClRtYyAPAzdjcFxRZWMlDVcwY3wNXGIrJl1dbC1wAEd5bDdOR3lsL0oAPScqUgwhOWpRBDw8ZhVHZH5qDEd5KCVVFjBiIlgJJitoXwQ5PSFk
IP
107.22.28.167:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /VU5EOWUObH0PVGZ4chtJd2xoGwE2e3wOV2MtaQtVYitpDVVteWlbUGZ5aQhRN38mWFNjdiELV3diZg1cYShyClRtYyAPAzdjcFxRZWMlDVcwY3wNXGIrJl1dbC1wAEd5bDdOR3lsL0oAPScqUgwhOWpRBDw8ZhVHZH5qDEd5KCVVFjBiIlgJJitoXwQ5PSFk HTTP/1.1
Host: ksehinkitw.hair
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutty.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: d098913e0faba2932e61fea04ee3cf02=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-/A3vTJPDPOj3v8J3Cy0b4H1p4CU"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cuty.io/Y1NRZsA

104.26.4.236

302 Found

0 B

URL HTTP/2
cuty.io/Y1NRZsA
IP
104.26.4.236:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Y1NRZsA HTTP/1.1
Host: cuty.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ijl4S0grc3VZTTY2MG1GK3hlZ3p1VkE9PSIsInZhbHVlIjoicDlxdW1hOUpRNzc0N2xTd1lPVkhrSWhlNFlRMU10V2tyQ2pFSHlXZ1Q5WTFMOEIxSUJoVmVkQlozSzZrWStvUnU2U1d3K1dMQ1N0d1VZZFBqTHZtM0VuS0FJendoc05tSGYwaytDd3FteVlvdThuQTZjeXR3dU1zSUN5bTU1UTIiLCJtYWMiOiIzYmExMzQzZTY4ZTk1ZWIwOGJhOTA0NWU5YjliMmZiMzViYTQzMzdkMzc5NjYwZjJlYThhZTlkNjlhMzdiMzIyIiwidGFnIjoiIn0%3D; cuty_session=eyJpdiI6IjhSZUF1UUpnOFJoRUVwODlzMENqWlE9PSIsInZhbHVlIjoibVdNRGNsdFFxczBmUHNQU3RRa0QxQlFIMGdoQWw5MmlzS29udnVHZ2E0UVllYUorTzhteUgza3d2bEgrUnBzWFFJSHpkV2VGRG1HTW5KSjFaUnBTdXZTNzNGYWNIZXNCTVZ0YnNIdHZLTW1iOURYVFpoMmpIRHdGbG9mUVEwZjAiLCJtYWMiOiIxYzZhOWMyMjc4MjUwMWMxYmJkZThjNDNjNThkY2EzZmFjNDliMmJkOGY2MWYyNGRlNDg1NmIzNjViNjRlNWUxIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 302 Found
date: Mon, 21 Nov 2022 02:02:05 GMT
content-type: text/html; charset=UTF-8
location: https://cutty.app/Y1NRZsA
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkVFdHNSTG5ldFBGdnU5TlJxdzdPNkE9PSIsInZhbHVlIjoiRHJGRndkb3UxT3NWT0dxeGpFbzZCdHNDeFBaM1BtKzl4MW1EbHoxRXg0eTA5ZmF0MDBSVk5Mc0ZldTZmYkNNQU9LMmhjRUFyMTgyY1BSSmlQVEN3OVlMeldFb3FrQVBManF4d3hvRURsNU54bDVMOVpYbXpEQm5GdElBekwvWmsiLCJtYWMiOiI3N2YzYWMxZjY1OWI2MjY2YWNjZDQ0OTQzMGViNTRjZGIyYTU3ZDE4MzQ2YWY0YzkyNTcwMmQ2NzI1NTVhNzViIiwidGFnIjoiIn0%3D; expires=Mon, 28 Nov 2022 02:02:05 GMT; Max-Age=604800; path=/; samesite=lax
cuty_session=eyJpdiI6InRSTS9lNTNXeEFDWjgwN3d0SXl0V2c9PSIsInZhbHVlIjoiNmV3VGRxNjZuSHYxbGNETGNpUzMvd050c1RwOWNpdWZrdXZZckhOdjg3V3BBNXRPdElDU3NQSUFGUGVHd253dy9XZ1A4WUgwSXB5eXZBckpEWjVERW1sNWkwRlo4S2oxMnRKWm9Vcy9sMW4yeWFKM0Fkdk9RM0RXcGVLN0NXa2YiLCJtYWMiOiIxNjYzYWRhNzM3YWU0ZTJiYzIyYTRjNmI1MGI0ZDQ3YmZkZmQxOTY4ZTU2YzYzNWM2NTA2NTFhMzFlNTI3MmMxIiwidGFnIjoiIn0%3D; expires=Mon, 28 Nov 2022 02:02:05 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjZothHGA4WWXcFNPZBS4Uyh6JRGrW0Qwcrjp3R226538UXOuJ%2FffO1MEvsmt7Lxl8HsynkWLr40diyGXVz7gkX3YxoI%2BS%2Fzqy3%2FJft3RUh5c1dDcf0LlW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76d5d755e8490b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

taghaugh.com/?rb=Mnu1A42u3kj0QzTaYtPF1ttYVTvzqiIeGZ3dLOmODSb9MRvW6NMKH9V05HOzOkZcsXcGUz7w6Ma2fjBZENSPj7cQYqj9IKGTcvl3-BZUB4ZxvNuO1U7KRRfYkYSWdtOocYyJytOl_8Li9xnb-SesD6oiK7FHy39PJS0f4ncXbvz2mbZl86BlCNF-3KSgwxIzO8nO6uBnJhG5PPnxTf7Kfo_kcmMyswZ2zdGFNg%3D%3D&request_ab2=0&zoneid=5535648&js_build=iclick-v1.450.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fcutty.app%2FY1NRZsA&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.450.0&bs=67ed9705-9cdb-47b2-9558-41e3dfe9d616&userId=db5419909dcc49b3bdcd433a622837f5&m=link

139.45.197.237

200 OK

0 B

URL HTTP/2
taghaugh.com/?rb=Mnu1A42u3kj0QzTaYtPF1ttYVTvzqiIeGZ3dLOmODSb9MRvW6NMKH9V05HOzOkZcsXcGUz7w6Ma2fjBZENSPj7cQYqj9IKGTcvl3-BZUB4ZxvNuO1U7KRRfYkYSWdtOocYyJytOl_8Li9xnb-SesD6oiK7FHy39PJS0f4ncXbvz2mbZl86BlCNF-3KSgwxIzO8nO6uBnJhG5PPnxTf7Kfo_kcmMyswZ2zdGFNg%3D%3D&request_ab2=0&zoneid=5535648&js_build=iclick-v1.450.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fcutty.app%2FY1NRZsA&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.450.0&bs=67ed9705-9cdb-47b2-9558-41e3dfe9d616&userId=db5419909dcc49b3bdcd433a622837f5&m=link
IP
139.45.197.237:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /?rb=Mnu1A42u3kj0QzTaYtPF1ttYVTvzqiIeGZ3dLOmODSb9MRvW6NMKH9V05HOzOkZcsXcGUz7w6Ma2fjBZENSPj7cQYqj9IKGTcvl3-BZUB4ZxvNuO1U7KRRfYkYSWdtOocYyJytOl_8Li9xnb-SesD6oiK7FHy39PJS0f4ncXbvz2mbZl86BlCNF-3KSgwxIzO8nO6uBnJhG5PPnxTf7Kfo_kcmMyswZ2zdGFNg%3D%3D&request_ab2=0&zoneid=5535648&js_build=iclick-v1.450.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fcutty.app%2FY1NRZsA&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.450.0&bs=67ed9705-9cdb-47b2-9558-41e3dfe9d616&userId=db5419909dcc49b3bdcd433a622837f5&m=link HTTP/1.1
Host: taghaugh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutty.app/
Origin: https://cutty.app
Connection: keep-alive
Cookie: OAID=db5419909dcc49b3bdcd433a622837f5; oaidts=1668996126
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 21 Nov 2022 02:02:07 GMT
content-type: application/json
x-trace-id: 40378f7274088729b4cb94001442a024
access-control-allow-origin: https://cutty.app
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=db5419909dcc49b3bdcd433a622837f5; expires=Tue, 21 Nov 2023 02:02:07 GMT; path=/; secure; SameSite=None
oaidts=1668996127; expires=Tue, 21 Nov 2023 02:02:07 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 28 Nov 2022 02:02:07 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations