cut-y.net/sDfj
172.67.193.143301 Moved Permanently 155 B IP 172.67.193.143:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 42c394b8f0152b372537ace9acc3f7bb
1219c55c4e3ea109c473aab65deb81f09a0fe0a6
6aaad3365c30c4f8d2504e569527e588d33eeae66dd7045bcfeef7413820db2a
GET /sDfj HTTP/1.1
Host: cut-y.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Sep 2022 20:28:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cut-y.net/sDfj
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8SHNaw4vG1ZfX1g%2BxR3Q7KkAXmkEm%2FuXEVV5MrfZnlquOL2iH7T%2FxRC6DbXM3bjXuklPUZJbDVHvfGMMKoINahZjrTS%2BoCDwdnmdTdrFFGqqupV5wn735CKwWI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7440c06c2bb7b506-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6938
Expires: Thu, 01 Sep 2022 22:23:57 GMT
Date: Thu, 01 Sep 2022 20:28:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 19:41:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: E4YijMQlrNBaJP6SkKplI9bWSQqtGc8G3YZ10q8OGPRVTTzFtkGHrQ==
Age: 2819
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VqB-RNTsgBZhwjOi2-KT6GNQ58LGvYlO49LRfWdD-06VE8YJhnKVRA==
age: 69183
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 20:28:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 19:57:05 GMT
Expires: Thu, 01 Sep 2022 19:59:33 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OA7__yDoShGCQpYPEaupuNCeImHYZn49RCBaYfwezXLnYSrhBqN1Eg==
Age: 1875
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4947
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Last-Modified: Thu, 01 Sep 2022 19:05:53 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.208.34.131101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qLwbSMdKTxE+P/v0WT9Y0A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: v+ScmAmjXOFIfPQEYg502QSc3DY=
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 233b56ca7ee50ea48aa0d1b4f4028b8d
657416ef3adcd88b42356ceb4eed9ae93deb9fa4
82da529cb39a66e88cf384ae4456528008b3d50ecb8d73fe1be2f8500ac46e86
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "82DA529CB39A66E88CF384AE4456528008B3D50ECB8D73FE1BE2F8500AC46E86"
Last-Modified: Tue, 30 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10395
Expires: Thu, 01 Sep 2022 23:21:35 GMT
Date: Thu, 01 Sep 2022 20:28:20 GMT
Connection: keep-alive
fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
IP 142.250.74.10:0
Hash bd35eb51cf0f1e2ae2673e6d52767d8c
6a55f1be68346e981d22e8a0b7199666bb1572fa
ad7ced2086896f47995e53f5d8fc5ba9c6ac5fadae6ea29cc41d372318834db0
GET /css2?family=Inter:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Sep 2022 20:28:20 GMT
date: Thu, 01 Sep 2022 20:28:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 59bdc2e0a449c6388eb0c96da3586600
c61d2414961c4f05c9bcf400d6a1d9792fbe9093
2b3c911dddbf9fad01ea3232354ac2f0e6731541ab3a7e916ef09682dd43cf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cut-y.net/sDfj
104.21.49.213200 OK 15 kB IP 104.21.49.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (17359)
Hash 7da7f9c7f7b38b95316a642b802bcbe8
89a8c7f4cfa2681d32c84e42d05eeacdeb133e2e
a4272ece44048484e91f2465f0ab689f666aa1de2ad1e57c7f7dd9464099a76e
GET /sDfj HTTP/1.1
Host: cut-y.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:28:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: must-revalidate, no-cache, no-store, private
pragma: no-cache
expires: -1
x-frame-options: SAMEORIGIN, SAMEORIGIN
set-cookie: XSRF-TOKEN=eyJpdiI6ImlvM2pHa1FXNmgzRG9OYnlKMUt4NFE9PSIsInZhbHVlIjoiaXFla24vbHR0K3pWaEpEaDdFR29vZ3crL3JsWDBYVXQvTTIySVZXQlh6bDkyYmJiSDJPUG05djNHaGZBaUxlNFhKUlBQZGo3bmVnWXJjMzdxMFcwa0V1UERoTjdkemwzcGdPN2FmcGVKN2wzZmtXbXBGRm0vVGkyZHRaeEV1c2IiLCJtYWMiOiJiMzU3MjdmZWJlYzhlNjAzOThiYmIwOGNlM2E5NTQwYjEyN2U4OTc1YjUwMWI1Zjk2MDEwM2RjN2E5ZDk0YWU4IiwidGFnIjoiIn0%3D; expires=Thu, 08 Sep 2022 20:28:20 GMT; Max-Age=604800; path=/; samesite=lax
cuty_session=eyJpdiI6ImdzZ3VkS0Jsb0FpNFp4U1J4ZGlWZ3c9PSIsInZhbHVlIjoiZ3BGUDdCdWprTlo2dnBFR1lsQ29pbXI5SVF2RWFoQU41MDNQa0YwYkpSelp3NTlVaEVwc1Q3SHhxRjR4THdZZTRjLytSWUpOL0xHZWxxM1FkK2ZrVElyNHhWSnJta3pRM2duQXNQSGNtUFIxZkwyMkE2YTBxdWhVQlBVbkwzdXAiLCJtYWMiOiJlOTlhZWI3NDZlOGM4MjZlMDRjMDM2MGY4ZmE0MDY2NDc2MWI3YTUxNzhhY2JlMTNlMGZhMjVlYWFiZWE1NDc4IiwidGFnIjoiIn0%3D; expires=Thu, 08 Sep 2022 20:28:20 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJRrPoDWxBnbYfpfZ256Z8CJFCoHlATYPBW2XvnSxuqbsYC3%2BchR365%2Fbzge8JYthmHjH%2FIELVNh944DogGFdUDe5XVe1xy%2Bia3opb9LUGzQsgnIM1kM2dfYYpY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7440c06de800b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0df4349f922a424e3feb92b8037a644b
515b467c1248b527a30dd7b806cf421dd8c58ed5
d62b59f7ebdb3e7dd80e7c3373846612c7d6f5953bdb0511c50a6343f92896b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
142.250.74.163200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cut-y.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 06:03:56 GMT
expires: Fri, 01 Sep 2023 06:03:56 GMT
cache-control: public, max-age=31536000
age: 51864
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simoolkankrej.com/tbDiri6ECfK2Via/51949
23.109.248.145200 OK 25 B URL HTTP/1.1 simoolkankrej.com/tbDiri6ECfK2Via/51949
IP 23.109.248.145:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
Analyzer Verdict Alert quad9 Sinkholed
GET /tbDiri6ECfK2Via/51949 HTTP/1.1
Host: simoolkankrej.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 20:28:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://cut-y.net
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Fri, 02-Sep-2022 20:28:20 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Fri, 02-Sep-2022 20:28:20 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
d192r5l88wrng7.cloudfront.net/?rwlrd=961706
54.230.245.16200 OK 116 kB URL HTTP/2 d192r5l88wrng7.cloudfront.net/?rwlrd=961706
IP 54.230.245.16:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 116 kB (115660 bytes)
Hash 1bfc39790f2adf4e3b9d584f9b89f111
e2961dfbdfbeeab36a53554ecd3d4081f63758df
cfdd49255f1d259d64c08b4c5cb53fad40fa50ebf1d9441a1a46d9f590672577
GET /?rwlrd=961706 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 115660
date: Thu, 01 Sep 2022 20:28:20 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qYWoYd03L2eV5psp69by6JABnw6lZVXM2pga9REudZVu62SQhOQfyQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4d5614637f1342f66b326bb56e326f06
e5ea4b5f42d88b28f899bf1a4f9963fa96617281
cc78190067eb07d86ded5cfef97454e0c87882a404d9472ea7145e152e2d22bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC78190067EB07D86DED5CFEF97454E0C87882A404D9472EA7145E152E2D22BB"
Last-Modified: Wed, 31 Aug 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18288
Expires: Fri, 02 Sep 2022 01:33:08 GMT
Date: Thu, 01 Sep 2022 20:28:20 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 446f266f32b492240f4c0bc723f953eb
b7f42cfd300460457ce5ad7e8d8fff783971de94
a669c4d247023d0eb4bf871984284e978f32f8485c5a61fb32ad2315a30be9a7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A669C4D247023D0EB4BF871984284E978F32F8485C5A61FB32AD2315A30BE9A7"
Last-Modified: Tue, 30 Aug 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10400
Expires: Thu, 01 Sep 2022 23:21:40 GMT
Date: Thu, 01 Sep 2022 20:28:20 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 446f266f32b492240f4c0bc723f953eb
b7f42cfd300460457ce5ad7e8d8fff783971de94
a669c4d247023d0eb4bf871984284e978f32f8485c5a61fb32ad2315a30be9a7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A669C4D247023D0EB4BF871984284E978F32F8485C5A61FB32AD2315A30BE9A7"
Last-Modified: Tue, 30 Aug 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10400
Expires: Thu, 01 Sep 2022 23:21:40 GMT
Date: Thu, 01 Sep 2022 20:28:20 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 446f266f32b492240f4c0bc723f953eb
b7f42cfd300460457ce5ad7e8d8fff783971de94
a669c4d247023d0eb4bf871984284e978f32f8485c5a61fb32ad2315a30be9a7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A669C4D247023D0EB4BF871984284E978F32F8485C5A61FB32AD2315A30BE9A7"
Last-Modified: Tue, 30 Aug 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10400
Expires: Thu, 01 Sep 2022 23:21:40 GMT
Date: Thu, 01 Sep 2022 20:28:20 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 49 kB IP 142.250.74.3:0
Hash 1ea59187ab5971e3f250db40827f6baa
fbd09326c7a0dc81913a88b475985723a25b435c
0ade28eb5d3e6640152dece12874bc4cfc2413c673ab57e5d89b70e47a050747
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 67921e2bd7c620bdd4db5ed1e73d3146
1deaa030ab490c63f94bde4c7ada5e2f849fb506
7fcee2496cdc63c9779941621d9e61acd006910947ccb6c7e98f383b0bf4574c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
athyimmesa.shop/SHNqUFMpEQk9bClOCHYmOh9XdWEOVlgWN3lKWCJmJEtSJyEmFF1+MCQcHzQ1OhwEJH0mFh51YQ4iDzsrJSIyFQkBBA0+By9HBhE9MDo+GGIaED80MAIbPyUbPwMSEQEZFy4SYz05WjdqBBs7ZAU/R1gRPTAxMhMSAD8SChspFCcmFiMXUwEQCSUtGBUbKR0FGAEEW2gbCT4FFRcZIC8qAg45BjMDBCUZIxsvMgYTOngiMmNnLxcsaRgpJTgoBBk5UwZhGjAlFz8dEDhgBwEbJ2UFDRtSGD0kOyAIIxspLxlnKSU4KBI/CxoGAgo6PhcZHxIsAhouMkcVOA0bLzoCez5ZAxswKwkFFQQVLDQ4GUMFIRcyPj8YEAUWMBUecBc8EiUZJR1lBHsyTDogJx0abTQdHxwBGy5KLTIhMQ
54.230.111.42200 OK 1.2 kB URL HTTP/2 athyimmesa.shop/SHNqUFMpEQk9bClOCHYmOh9XdWEOVlgWN3lKWCJmJEtSJyEmFF1+MCQcHzQ1OhwEJH0mFh51YQ4iDzsrJSIyFQkBBA0+By9HBhE9MDo+GGIaED80MAIbPyUbPwMSEQEZFy4SYz05WjdqBBs7ZAU/R1gRPTAxMhMSAD8SChspFCcmFiMXUwEQCSUtGBUbKR0FGAEEW2gbCT4FFRcZIC8qAg45BjMDBCUZIxsvMgYTOngiMmNnLxcsaRgpJTgoBBk5UwZhGjAlFz8dEDhgBwEbJ2UFDRtSGD0kOyAIIxspLxlnKSU4KBI/CxoGAgo6PhcZHxIsAhouMkcVOA0bLzoCez5ZAxswKwkFFQQVLDQ4GUMFIRcyPj8YEAUWMBUecBc8EiUZJR1lBHsyTDogJx0abTQdHxwBGy5KLTIhMQ
IP 54.230.111.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3018), with no line terminators
Hash 31c5e47bd360fc8a0dfbd77b7f002a6b
bb938c5f8ee3d787eb17ff1cf4d4d0a15a1dc424
07a0cd9fcab03516ce1fa8de3dd3e3c374d3c9c59c4b7bcaaaf9727e1de968cc
GET /SHNqUFMpEQk9bClOCHYmOh9XdWEOVlgWN3lKWCJmJEtSJyEmFF1+MCQcHzQ1OhwEJH0mFh51YQ4iDzsrJSIyFQkBBA0+By9HBhE9MDo+GGIaED80MAIbPyUbPwMSEQEZFy4SYz05WjdqBBs7ZAU/R1gRPTAxMhMSAD8SChspFCcmFiMXUwEQCSUtGBUbKR0FGAEEW2gbCT4FFRcZIC8qAg45BjMDBCUZIxsvMgYTOngiMmNnLxcsaRgpJTgoBBk5UwZhGjAlFz8dEDhgBwEbJ2UFDRtSGD0kOyAIIxspLxlnKSU4KBI/CxoGAgo6PhcZHxIsAhouMkcVOA0bLzoCez5ZAxswKwkFFQQVLDQ4GUMFIRcyPj8YEAUWMBUecBc8EiUZJR1lBHsyTDogJx0abTQdHxwBGy5KLTIhMQ HTTP/1.1
Host: athyimmesa.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1173
date: Thu, 01 Sep 2022 20:28:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qBzHRTyjhQw7xFcRNGX4FfuFf55Dn_JkT2LK4KTRFXAI8er515ecVQ==
X-Firefox-Spdy: h2
athyimmesa.shop/NEhIYThVKisMB1V1KkdNRiR1RApybXonXAVxehMNWHBwFkpaL39PW1gnPQVeRicmFRZaLTxECnIqBidfThwyN2B6eXgRe18JMDcLfQUJDFNxLj8oa3kjCQZvBBokM18FLBEgfnUtEAZ7cXkjCWBhHR47b1gKHAtPey4wL2F7HngOe3YBcTlrQwEKOQ1nA3kCclYKHVdudSN5OXxiKx8lamcpLwVBVhp5RApyDQk7V3MyKyR6bHgJJWp1DyknAFkfeCRfciZ4J2xzCQ4keXkJLjB5eg0JO1dlHCMwekwjAwRqRw0rM2INCh4sAWELGgB9Yzh5B2lhDikgFXpteiN6ZR5xIGANHBAySGMDHhF1UhkNK3x1AnogClgJCzZTEiI7DlZEdT0jUGARO1d1AgMiD1BFBR4
54.230.111.42200 OK 1.2 kB URL HTTP/2 athyimmesa.shop/NEhIYThVKisMB1V1KkdNRiR1RApybXonXAVxehMNWHBwFkpaL39PW1gnPQVeRicmFRZaLTxECnIqBidfThwyN2B6eXgRe18JMDcLfQUJDFNxLj8oa3kjCQZvBBokM18FLBEgfnUtEAZ7cXkjCWBhHR47b1gKHAtPey4wL2F7HngOe3YBcTlrQwEKOQ1nA3kCclYKHVdudSN5OXxiKx8lamcpLwVBVhp5RApyDQk7V3MyKyR6bHgJJWp1DyknAFkfeCRfciZ4J2xzCQ4keXkJLjB5eg0JO1dlHCMwekwjAwRqRw0rM2INCh4sAWELGgB9Yzh5B2lhDikgFXpteiN6ZR5xIGANHBAySGMDHhF1UhkNK3x1AnogClgJCzZTEiI7DlZEdT0jUGARO1d1AgMiD1BFBR4
IP 54.230.111.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3006), with no line terminators
Hash d166093eec7fd66dffacbc578645c81e
42d1816377e5e6f805750c69b2ac85ed95677f56
e53f72719884e0c645999d2d8b8cec79d3a2907ae4ec637c8877c6455fab5bbb
GET /NEhIYThVKisMB1V1KkdNRiR1RApybXonXAVxehMNWHBwFkpaL39PW1gnPQVeRicmFRZaLTxECnIqBidfThwyN2B6eXgRe18JMDcLfQUJDFNxLj8oa3kjCQZvBBokM18FLBEgfnUtEAZ7cXkjCWBhHR47b1gKHAtPey4wL2F7HngOe3YBcTlrQwEKOQ1nA3kCclYKHVdudSN5OXxiKx8lamcpLwVBVhp5RApyDQk7V3MyKyR6bHgJJWp1DyknAFkfeCRfciZ4J2xzCQ4keXkJLjB5eg0JO1dlHCMwekwjAwRqRw0rM2INCh4sAWELGgB9Yzh5B2lhDikgFXpteiN6ZR5xIGANHBAySGMDHhF1UhkNK3x1AnogClgJCzZTEiI7DlZEdT0jUGARO1d1AgMiD1BFBR4 HTTP/1.1
Host: athyimmesa.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1165
date: Thu, 01 Sep 2022 20:28:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iJu_yUy7ChTb443frVox1wIOlevLPm5lriFZ4VYLjcqaiQlw7D21Dg==
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
142.250.74.164200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 20ea0fc27ddf01e53ed8882484fc01de
0ab2af2f82275ff31c78701aeaad55f702ac8a40
f6bd5bccba08ad51ba7be815ff11f12155c7f507a37c690075b3e01dc25d6fcd
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 01 Sep 2022 20:28:20 GMT
date: Thu, 01 Sep 2022 20:28:20 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
142.250.74.72200 OK 74 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-GGDCMPL4QP
IP 142.250.74.72:0
File type ASCII text, with very long lines (14270)
Hash d9e640387e983d6e9683699c48be7127
671598c98905602432849d3cb1bb026a16d73a67
bfd1e7b6bfd91fd025f64861e34bf6c2c92658ce5e8c4035558052961558a41b
GET /gtag/js?id=G-GGDCMPL4QP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Sep 2022 20:28:20 GMT
expires: Thu, 01 Sep 2022 20:28:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
athyimmesa.shop/ME94anJRLRsHTVFyGkwHQiNFT0B2akosFgF2ShhHXHdAHQBeKE9EEVwgDQ4UQiAWHlxeKgxPQHYiKgA4ewI+Ox5oHCo9E0oFGiYVATsbKzgVfT4rQHIoLy4eVgASMyJ8JDU7FmcoTwkKV2pKKCRoNxYgMXY+ORIrVx8+MEFxBzEbJ0kdIAslchcyLDxAKwA7AGYLIl0wXTc9IDFcFRxbQkQGEztXAgktEEIVfTo/IQAYMTkRYAVJUgd8fkwHJ2gJSA46CCoiLT9xKhANAVQ4NhwzSBUSKzpALCg5GngCEDwfVCQIEzBXOw8oHwgLPgc/cSoTIxtpOD0mMWcFFysfHQIuMBxqGTRbPxV9PiEgVHscBygCDksFM2oXIS4QRwUTIzRDey4+O0AcFVIxdSFALyhxDQEnBQl4XgABXyEIVxZDC0swA3MDAA1EZz8fMjs
54.230.111.42200 OK 1.2 kB URL HTTP/2 athyimmesa.shop/ME94anJRLRsHTVFyGkwHQiNFT0B2akosFgF2ShhHXHdAHQBeKE9EEVwgDQ4UQiAWHlxeKgxPQHYiKgA4ewI+Ox5oHCo9E0oFGiYVATsbKzgVfT4rQHIoLy4eVgASMyJ8JDU7FmcoTwkKV2pKKCRoNxYgMXY+ORIrVx8+MEFxBzEbJ0kdIAslchcyLDxAKwA7AGYLIl0wXTc9IDFcFRxbQkQGEztXAgktEEIVfTo/IQAYMTkRYAVJUgd8fkwHJ2gJSA46CCoiLT9xKhANAVQ4NhwzSBUSKzpALCg5GngCEDwfVCQIEzBXOw8oHwgLPgc/cSoTIxtpOD0mMWcFFysfHQIuMBxqGTRbPxV9PiEgVHscBygCDksFM2oXIS4QRwUTIzRDey4+O0AcFVIxdSFALyhxDQEnBQl4XgABXyEIVxZDC0swA3MDAA1EZz8fMjs
IP 54.230.111.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators
Hash 9a09abcff991319e132d05a6217ec6c5
075a602d6ee2f6acded9129f1fa25a286da8456e
345a08587aaba68b41aa526484e243a71671f5002331f48cf37e0f626b4ae869
GET /ME94anJRLRsHTVFyGkwHQiNFT0B2akosFgF2ShhHXHdAHQBeKE9EEVwgDQ4UQiAWHlxeKgxPQHYiKgA4ewI+Ox5oHCo9E0oFGiYVATsbKzgVfT4rQHIoLy4eVgASMyJ8JDU7FmcoTwkKV2pKKCRoNxYgMXY+ORIrVx8+MEFxBzEbJ0kdIAslchcyLDxAKwA7AGYLIl0wXTc9IDFcFRxbQkQGEztXAgktEEIVfTo/IQAYMTkRYAVJUgd8fkwHJ2gJSA46CCoiLT9xKhANAVQ4NhwzSBUSKzpALCg5GngCEDwfVCQIEzBXOw8oHwgLPgc/cSoTIxtpOD0mMWcFFysfHQIuMBxqGTRbPxV9PiEgVHscBygCDksFM2oXIS4QRwUTIzRDey4+O0AcFVIxdSFALyhxDQEnBQl4XgABXyEIVxZDC0swA3MDAA1EZz8fMjs HTTP/1.1
Host: athyimmesa.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1184
date: Thu, 01 Sep 2022 20:28:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 00NNHaQgCYdGMjKOGrkJos4aabi95kC-nuoYeMUY3bHW7_OB2JjVsg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7040539fecb815b0cc84c15e3e2e99df
761de2d6da86cb1df6bb1fdd85ad71f75a825bb4
b1edf3547f6db4798d46a116924942acc48ad56da1fd61f9951acf93053a6578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ployeesihigh.one/VEZ1dUF7eRYGfAF3My8iOTYHLxZtAC1HCzgfIAUgNXQ7ABBlKVMBKDB7TENwY3ZDUzE9IkhEZycyFAE0J3tEUyg6IBpIZyJ7RFtyYGhHTW9kYABIcHIyBRQmaXdTBTUgKkhEd2J0RUN1ZXZFR3Jj
172.67.132.192204 No Content 0 B URL HTTP/2 ployeesihigh.one/VEZ1dUF7eRYGfAF3My8iOTYHLxZtAC1HCzgfIAUgNXQ7ABBlKVMBKDB7TENwY3ZDUzE9IkhEZycyFAE0J3tEUyg6IBpIZyJ7RFtyYGhHTW9kYABIcHIyBRQmaXdTBTUgKkhEd2J0RUN1ZXZFR3Jj
IP 172.67.132.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VEZ1dUF7eRYGfAF3My8iOTYHLxZtAC1HCzgfIAUgNXQ7ABBlKVMBKDB7TENwY3ZDUzE9IkhEZycyFAE0J3tEUyg6IBpIZyJ7RFtyYGhHTW9kYABIcHIyBRQmaXdTBTUgKkhEd2J0RUN1ZXZFR3Jj HTTP/1.1
Host: ployeesihigh.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 01 Sep 2022 20:28:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tj1iDTQCFNhqq%2BPJKkukooPGxoNfeVMW%2BMua5PKhHVmwBTa1IOeKXvyXfxN6OPmrbA%2B7iSNk%2FwBI3KdNjEE6OxlB6G3H%2FpnR0jjRcnZklOrPplHDyi%2F%2Fe6tAdb72RBeVoHBp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7440c0766ed2fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ployeesihigh.one/M3B2aWgcTxUaVWceGjA/dEFCOi8KAyEhBHERGysOVjUwHQoCA1AdAVdNT19ZBEBBTxhaFEtYUBUDAggcRgNLWE5aHhAGVRUGS1hGA15HR1oVBUtYTkcAFw5VAlYGHRxfTUdfXgFAQF1ZA0BEX14
172.67.132.192204 No Content 0 B URL HTTP/2 ployeesihigh.one/M3B2aWgcTxUaVWceGjA/dEFCOi8KAyEhBHERGysOVjUwHQoCA1AdAVdNT19ZBEBBTxhaFEtYUBUDAggcRgNLWE5aHhAGVRUGS1hGA15HR1oVBUtYTkcAFw5VAlYGHRxfTUdfXgFAQF1ZA0BEX14
IP 172.67.132.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /M3B2aWgcTxUaVWceGjA/dEFCOi8KAyEhBHERGysOVjUwHQoCA1AdAVdNT19ZBEBBTxhaFEtYUBUDAggcRgNLWE5aHhAGVRUGS1hGA15HR1oVBUtYTkcAFw5VAlYGHRxfTUdfXgFAQF1ZA0BEX14 HTTP/1.1
Host: ployeesihigh.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 01 Sep 2022 20:28:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pn4rW92IOnXKJYcFZ68WMo1l72b0YpRio0czXytlVaHTJno5lm%2BIPdhGA7tku4X%2BK6GhTE6agGDAn1%2Bhk%2FkxDUKjSeZLlAZGLzo3Z1WbNPvqqzy6rY%2BTrfmT1NPzLp2gNeBV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7440c0766edbfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ployeesihigh.one/UFRPWXR/aywqSQUSJyouPBImODI4ARUOJj8DIz0ZCQM7PyE9BWktHTRpdm9EZWd7fwQ5MHJoUiMgLi0BI2l+fx0+MiBkUiZpfndHZHp9YVpgcjpkRXYgPzgTbWVpKQAkOHJoQmZmf29AYWR/a0Fn
172.67.132.192204 No Content 0 B URL HTTP/2 ployeesihigh.one/UFRPWXR/aywqSQUSJyouPBImODI4ARUOJj8DIz0ZCQM7PyE9BWktHTRpdm9EZWd7fwQ5MHJoUiMgLi0BI2l+fx0+MiBkUiZpfndHZHp9YVpgcjpkRXYgPzgTbWVpKQAkOHJoQmZmf29AYWR/a0Fn
IP 172.67.132.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UFRPWXR/aywqSQUSJyouPBImODI4ARUOJj8DIz0ZCQM7PyE9BWktHTRpdm9EZWd7fwQ5MHJoUiMgLi0BI2l+fx0+MiBkUiZpfndHZHp9YVpgcjpkRXYgPzgTbWVpKQAkOHJoQmZmf29AYWR/a0Fn HTTP/1.1
Host: ployeesihigh.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 01 Sep 2022 20:28:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sx684%2F6PNflNlP%2F90LSqKttJcE6hmHdPp9o2h0TmA2jVupCXXp5YtO58LJRtFFI4yXXZYX8nsAUHqGmCSvvsROK7EXxQORPsN4vEpn5la%2BJFgIjugNX5SfhRBD8O8qoZdMY4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7440c0767ee5fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 414ff8012191c933c8e899d8747fc7e4
e27ebe1c5805da5ad35c3c2103080eecde9324ac
2d7821e987f1cc3049d4d9454091f26ca2e1b3de886a8b12fde553de902c6ab4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 32 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 709da92d34c58571856af209a101cba5
b34bb7a0c924e5222d847aebff5979db0521614e
b96cecb27e1efa56be7780796134bb18ee77babe1f505a33b35ecc3879f27bde
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A669C4D247023D0EB4BF871984284E978F32F8485C5A61FB32AD2315A30BE9A7"
Last-Modified: Tue, 30 Aug 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10399
Expires: Thu, 01 Sep 2022 23:21:40 GMT
Date: Thu, 01 Sep 2022 20:28:21 GMT
Connection: keep-alive
d192r5l88wrng7.cloudfront.net/QekxmQXEZIwgnTg4lAnxITH1RcUdcJhUuHwpxARQdDB0uJ0g9LhQ4Vw42AnxBXCAHLxZHagMvEkd9QCAVGHFSZwUKIw18HAMoEDQSEzQFJlcPLVssHgAlCi0QX34gdF9KaVRxWQJ9V2RCOGlUcR0TIhM5VEh8HnlHJXpSZEI4aVRxAwxpVQBITGJWaFRIfA-EkEhEjQ3M3SHxXcUFLfFdkQ0oqDzMUHCMeZEM8dVBvQVw5W3A
54.230.245.16200 OK 566 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/QekxmQXEZIwgnTg4lAnxITH1RcUdcJhUuHwpxARQdDB0uJ0g9LhQ4Vw42AnxBXCAHLxZHagMvEkd9QCAVGHFSZwUKIw18HAMoEDQSEzQFJlcPLVssHgAlCi0QX34gdF9KaVRxWQJ9V2RCOGlUcR0TIhM5VEh8HnlHJXpSZEI4aVRxAwxpVQBITGJWaFRIfA-EkEhEjQ3M3SHxXcUFLfFdkQ0oqDzMUHCMeZEM8dVBvQVw5W3A
IP 54.230.245.16:0
File type ASCII text, with very long lines (788), with no line terminators
Hash d6c6b7bf3329e863435d5d7ce62f6855
c99cf3af93539beb1e7d99c5891417f24730dfb7
099e31c86737393eac8fada451923e8c7e3bed173b93d0d09a28c46b6b6c27c6
GET /QekxmQXEZIwgnTg4lAnxITH1RcUdcJhUuHwpxARQdDB0uJ0g9LhQ4Vw42AnxBXCAHLxZHagMvEkd9QCAVGHFSZwUKIw18HAMoEDQSEzQFJlcPLVssHgAlCi0QX34gdF9KaVRxWQJ9V2RCOGlUcR0TIhM5VEh8HnlHJXpSZEI4aVRxAwxpVQBITGJWaFRIfA-EkEhEjQ3M3SHxXcUFLfFdkQ0oqDzMUHCMeZEM8dVBvQVw5W3A HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://athyimmesa.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 566
date: Thu, 01 Sep 2022 20:28:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ydqDJtP0PmeqLhmQ8ulRg5vYP37vEG1UdvK0Gs5wTKcPCyC1Kahk9g==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/mRjJKMFQlXSRWazJbLg1tcAJ/A2BgWDlfOjYPLkMQdWg7cxg+VXxnJCFqAxYgPFZ3AHIqUyRXaWBXJFNpdxQrVDZ7BmxEJClZd10tIkQ/Uz0+US0WIScPJ18uL14mUXF0dH8eZGMAehgsdwNvAxZjAHpcPShHMhVmdkpyBgtwBm8DFmMAekIiYwELCWJoAm-MVZnZVL1M/KRd4dmZ2A3oAZXYDbwJkIFs4VTIpSm8CEn8EZAByMw97
54.230.245.16200 OK 502 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/mRjJKMFQlXSRWazJbLg1tcAJ/A2BgWDlfOjYPLkMQdWg7cxg+VXxnJCFqAxYgPFZ3AHIqUyRXaWBXJFNpdxQrVDZ7BmxEJClZd10tIkQ/Uz0+US0WIScPJ18uL14mUXF0dH8eZGMAehgsdwNvAxZjAHpcPShHMhVmdkpyBgtwBm8DFmMAekIiYwELCWJoAm-MVZnZVL1M/KRd4dmZ2A3oAZXYDbwJkIFs4VTIpSm8CEn8EZAByMw97
IP 54.230.245.16:0
File type ASCII text, with very long lines (688), with no line terminators
Hash acada517e45fc65531cb69bcc5c5418a
59d3e21c338f28c68978dd71181511d731178327
71f4e380cd6b159337613a3918004c338d0bdc41438cece9baaa353ffd8ee596
GET /mRjJKMFQlXSRWazJbLg1tcAJ/A2BgWDlfOjYPLkMQdWg7cxg+VXxnJCFqAxYgPFZ3AHIqUyRXaWBXJFNpdxQrVDZ7BmxEJClZd10tIkQ/Uz0+US0WIScPJ18uL14mUXF0dH8eZGMAehgsdwNvAxZjAHpcPShHMhVmdkpyBgtwBm8DFmMAekIiYwELCWJoAm-MVZnZVL1M/KRd4dmZ2A3oAZXYDbwJkIFs4VTIpSm8CEn8EZAByMw97 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://athyimmesa.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 502
date: Thu, 01 Sep 2022 20:28:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uQrjRfZfW9zokugDr0pNRnF78yZYbRQpjDe-adMOYRjHWEWtsp_faQ==
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/bNFgzTzVXN10pCkAxV3IMAmkEfwISMkAgW0RlRg1dYAFAeXgCE1khXUUVZWlBTjwOfxNYOV0oCBI9XSwIBX5SK1cJbBU6VAk1XDVcWDRSagdybR1/EAZoGzcEBX0ADRAGaF8mW0EgFn0FTGAFEAMAfQANEAZoQTkQBxkKeRsEcRZ9BVM9UCRaEWp1fQUFaA-N+BQV9AX9TXSpWKVpMfQEJDAJ2A2lACWk
54.230.245.16200 OK 190 B URL HTTP/2 d192r5l88wrng7.cloudfront.net/bNFgzTzVXN10pCkAxV3IMAmkEfwISMkAgW0RlRg1dYAFAeXgCE1khXUUVZWlBTjwOfxNYOV0oCBI9XSwIBX5SK1cJbBU6VAk1XDVcWDRSagdybR1/EAZoGzcEBX0ADRAGaF8mW0EgFn0FTGAFEAMAfQANEAZoQTkQBxkKeRsEcRZ9BVM9UCRaEWp1fQUFaA-N+BQV9AX9TXSpWKVpMfQEJDAJ2A2lACWk
IP 54.230.245.16:0
File type ASCII text, with no line terminators
Hash bb96480a9fcac8f2b1576103853869f9
67d9bb1c562be8bcb9d86e6e14ecd7661681347e
78a87686024fc743b32d378d979101f3f4e608a32e3788643df09d5218bcc5dc
GET /bNFgzTzVXN10pCkAxV3IMAmkEfwISMkAgW0RlRg1dYAFAeXgCE1khXUUVZWlBTjwOfxNYOV0oCBI9XSwIBX5SK1cJbBU6VAk1XDVcWDRSagdybR1/EAZoGzcEBX0ADRAGaF8mW0EgFn0FTGAFEAMAfQANEAZoQTkQBxkKeRsEcRZ9BVM9UCRaEWp1fQUFaA-N+BQV9AX9TXSpWKVpMfQEJDAJ2A2lACWk HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://athyimmesa.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 190
date: Thu, 01 Sep 2022 20:28:21 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DCa4h6Oh7W6tSTimOYxHN7EUrBIxd4setLom8yLagU7r48e3Irv_oA==
X-Firefox-Spdy: h2
accedenonre.xyz/
44.195.137.121200 OK 0 B IP 44.195.137.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: accedenonre.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 382
Origin: https://cut-y.net
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 11 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 20c434859751df95371d6c412de519b5
4cd9233d1b4fe1a26726aeccfc4ca139ae44b8c7
59e898b4782ba9d4752c2683f15aad9d6d49420da1475af9f57c051f26efb606
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 20:28:21 GMT
Server: ECS (dcb/7EED)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Pdy2HHIEBAnXhtQ47ZtwCsRLiCitl54Muu9_ipt299-eXcb2VJasOQ==
foreukandth.xyz/utx?tid=961366&top=cut-y.net&cb=LO7zZOor4Fvv
54.230.111.65204 No Content 0 B URL HTTP/2 foreukandth.xyz/utx?tid=961366&top=cut-y.net&cb=LO7zZOor4Fvv
IP 54.230.111.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=961366&top=cut-y.net&cb=LO7zZOor4Fvv HTTP/1.1
Host: foreukandth.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cut-y.net
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 01 Sep 2022 20:28:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://cut-y.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 01 Sep 2022 20:29:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uhOPNGfydFPpf6AXZHlSY_WtHDDUYlboSx1hniULORUsW6UviQZdgA==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1abf157c3f71ca66025a737feef47911
74bca092cdb5cd901037dd26bc3dac2b59d5ff89
60e3f65f9192db5c1a4c3720f1c1a6a24dc21663d8f8440b29f05fe5864cab0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6592
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:21 GMT
Last-Modified: Thu, 01 Sep 2022 18:38:29 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0baf5d701366d0b1a47ea77ea18ad9
5ab565240dc1236e8c5fe1feccd68537b282fdf5
2af2d87becf2dda7c35e067d03e5adaca50e8f07af1acadc0c8452bbc828b354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0baf5d701366d0b1a47ea77ea18ad9
5ab565240dc1236e8c5fe1feccd68537b282fdf5
2af2d87becf2dda7c35e067d03e5adaca50e8f07af1acadc0c8452bbc828b354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 394 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash a4c86d2bfe1e837a20f8013682812ef1
624cdd2cf68eed3050db468c5dff4c14a650fd7b
bfcab5ab1e748171610a568bf974b4f8d1ec36f66110059e6ffb3412495d8528
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Sep 2022 20:28:21 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1326427655%3A1662064101688481&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWAITvUWXVtSsBLxFTlw5P2Iug8BjAbkSkT2YMw_ZVtbNtQ1evkfs6JaQwq1mXeye3iaUet-Q
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-2qkxjUmkfCI07ha9FsPxtw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 394
server: GSE
set-cookie: __Host-GAPS=1:c4axGrkZWT9HsJyQ_o2oipH9J7yVfQ:RcWfbAc9Nu6Cwaxv;Path=/;Expires=Sat, 31-Aug-2024 20:28:21 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
athyimmesa.shop/utx?cb=XdUcza9kbrZK&top=cut-y.net&tid=961706
54.230.111.42204 No Content 162 B URL HTTP/2 athyimmesa.shop/utx?cb=XdUcza9kbrZK&top=cut-y.net&tid=961706
IP 54.230.111.42:0
Hash d0719bb1e3fedbfa668ae6938cfdf7f7
0983984b4f187b2d0d897d9dced2b7d7c660416d
d8ea0b6439da26365ab1d9a5d2b0f11e19ef8e024969cf9a551a7507675eed75
GET /utx?cb=XdUcza9kbrZK&top=cut-y.net&tid=961706 HTTP/1.1
Host: athyimmesa.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cut-y.net
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 01 Sep 2022 20:28:21 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://cut-y.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 01 Sep 2022 20:29:21 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LECv0XsUvZPVNBhFqEyaiqWLG_3BjBdhgzA-2l3XO9iqbchpERG5vw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18134
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:28:21 GMT
Connection: keep-alive
accedenonre.xyz/dmFydTkNQwECZgMTHlcDVAkGAUkFW11aWgMVXwwXGAQGWkoBTxgGG1pDARhfVFtDWRsFDARXA1RVXEYbWkMGFF4pCBZXA1RYREQKQFdQWRsFFBAqUBJTUE8bQ1NLQVgTAEFYDEZYE1gNF1RCWFhEWEBYXBJTRhQKE1lHEAlAQw8
44.195.137.121502 Bad Gateway 0 B URL HTTP/2 accedenonre.xyz/dmFydTkNQwECZgMTHlcDVAkGAUkFW11aWgMVXwwXGAQGWkoBTxgGG1pDARhfVFtDWRsFDARXA1RVXEYbWkMGFF4pCBZXA1RYREQKQFdQWRsFFBAqUBJTUE8bQ1NLQVgTAEFYDEZYE1gNF1RCWFhEWEBYXBJTRhQKE1lHEAlAQw8
IP 44.195.137.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmFydTkNQwECZgMTHlcDVAkGAUkFW11aWgMVXwwXGAQGWkoBTxgGG1pDARhfVFtDWRsFDARXA1RVXEYbWkMGFF4pCBZXA1RYREQKQFdQWRsFFBAqUBJTUE8bQ1NLQVgTAEFYDEZYE1gNF1RCWFhEWEBYXBJTRhQKE1lHEAlAQw8 HTTP/1.1
Host: accedenonre.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 502 Bad Gateway
set-cookie: 38659fe7c94ce159a691f739f6a70a41=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 401 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Hash f5335735829b38c9bfb813102f2d58fc
d8d8a1c1dc749b77bbd92fdd5af2092ec54787e2
02b9123d9ee53cfd449c0ee7168b86adbfe8da5a9b7ddd37904e243e8fa39d78
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Sep 2022 20:28:21 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1358731571%3A1662064101699421&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVMVzGsRRjwH5-UbMBDCpL84T8iZk_oMTb3GW_7IjFSw5C4Xy0ssbsrlBKqmfzNFxCbTmNBBw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce--0NX3do1_Zb1rKcssjnmqA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
set-cookie: __Host-GAPS=1:fzno_WJ_sDOfeZN-e5XWzw3Q4Jh26Q:xzednaeziLYVG0qR;Path=/;Expires=Sat, 31-Aug-2024 20:28:21 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18134
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:28:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18134
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:28:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18134
Expires: Fri, 02 Sep 2022 01:30:35 GMT
Date: Thu, 01 Sep 2022 20:28:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Gwk8Z-MzgO1APlMgvdN3-5KGdQ2K4I959yy-YdbVUD5AOZTQ0mjYhQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 00:00:46 GMT
age: 73655
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba98f63d9bef7deebb9a8d1b3126d396
d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:19 GMT
age: 82262
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac4d5b101c9dc6a6f7e4bf252bfa9ca7
b844f3dcb14a2995644312406a80842e3f02a114
e81f08ce6d9c7670f6e291f3d6a674b624386bd550d5c364264c3ff8fb7c797a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd1bafb-f92b-46dc-9f17-4df493cefb83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10137
x-amzn-requestid: 7d5f19c4-7c9b-4aad-928c-bb44da795f1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaISzFY1IAMF-zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630720de-0ea5331041f0167a196f9820;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:12:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: h1ELVJBwpf4d3Fbspah-2KCSXx08D8_ZAgcZZjQSJdkMIUmtNmGJOw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:59:05 GMT
age: 55756
etag: "b844f3dcb14a2995644312406a80842e3f02a114"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: 6950a3c5-2cdc-4a21-854c-10d925e32ecd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiYLvHRSIAMFotQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6d7e-6e98b9a77e592bd01afb1d97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 19:16:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3eBLhLH4APXLyj9kLHXNCFT9ccS_bnBp5INvMI93IFvOuBMERe_GgQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 13:35:58 GMT
age: 24743
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: et3ZsWRVoBNMpArUk9CohTyMpS5F0eKiR6cZJRfwAEiiFJUaeay58g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:44:24 GMT
age: 81837
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAEve6mBQ9a1hr2fBR8xq42pxeG9Kjn4yWaMr4z4On46QC9R1K91pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 14:45:21 GMT
age: 20580
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5750c2d8ad348838b41b96ebb27b0b81
86526a56637555a0463df607b7b5cf565a439f27
5cbde2bd32be846c5afb1fce35b0f7de0c4aeec9de4213ddd118467ea70c3e62
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1abf157c3f71ca66025a737feef47911
74bca092cdb5cd901037dd26bc3dac2b59d5ff89
60e3f65f9192db5c1a4c3720f1c1a6a24dc21663d8f8440b29f05fe5864cab0b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6592
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:21 GMT
Last-Modified: Thu, 01 Sep 2022 18:38:29 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed0d982177205beee7fe2a874d759219
86649dcfb3b756df526a4ee83445884902a709eb
ad0c07211b6d2c5f157e4f878bfe57ed6d9a094cf3925f3401b6bdd44ee0fce9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
216.58.207.194200 OK 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cut-y.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Thu, 01 Sep 2022 20:28:21 GMT
expires: Thu, 01 Sep 2022 20:28:21 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17895108528285813737
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 003e8a2cb35bb65683fccbf8bf7a9797
b26fbc7607825162686c7e164d51956addeb1a6c
a71ec1144878270f76c09c51967a1d24b7d82dd700e83216be1e814a74796403
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freychang.fun/asd100.bin
104.21.45.207200 OK 102 kB IP 104.21.45.207:0
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cut-y.net/
Origin: https://cut-y.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:28:21 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cut-y.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 689
last-modified: Thu, 01 Sep 2022 20:16:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQvzl4s3b5GW%2Bp42dYAyfo8LSPZ9UM60wq21kubz0lAlrEcIN%2FtxswWgQHG7EYK4zz8qhX%2BIwLf1l1GaXzWUwPSUjbjUJA0OzGZZT6LzLjPfXKvTGGOnuD5EHHolrOo7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7440c07b7b410b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 24da99bbb6147610a3cb3ea7b826a240
5314c5d75d0cab943686cafea7dc6b4066871056
aff69a9dd0a19991fc9cafa62778c5b8382961f7ac0af625a9d714ce8721ff0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 20:28:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accedenonre.xyz/a05ORHIwbHdyQ1h4eGZeSWxiZkdZd3olFwp9Y3FCUi9jcBNefmMlQFJ8YyEWWXovdxdTeyt0RElibHIUWS8oJRZSY3h3QltjenJEU2N3IBMPY3Z2FAosKnxGUy96cFBHbD0zUEdsLycRDiorKh0FPCtqChI0bGhQWn5gcVBHKC8oAQ5iKCUeGCtiIhMHPSsZ
44.195.137.121200 OK 13 kB URL HTTP/2 accedenonre.xyz/a05ORHIwbHdyQ1h4eGZeSWxiZkdZd3olFwp9Y3FCUi9jcBNefmMlQFJ8YyEWWXovdxdTeyt0RElibHIUWS8oJRZSY3h3QltjenJEU2N3IBMPY3Z2FAosKnxGUy96cFBHbD0zUEdsLycRDiorKh0FPCtqChI0bGhQWn5gcVBHKC8oAQ5iKCUeGCtiIhMHPSsZ
IP 44.195.137.121:0
File type ASCII text, with very long lines (33861), with no line terminators
Hash 2b6bb9f28627c1202ae44abfb8b70629
0b6cf3128131161f51a7aea8451e44a7cecc7627
c42ada7d80a2f743a75e7b2aca39de4c77e1f4cd0e7734209b294ed4822e81ab
GET /a05ORHIwbHdyQ1h4eGZeSWxiZkdZd3olFwp9Y3FCUi9jcBNefmMlQFJ8YyEWWXovdxdTeyt0RElibHIUWS8oJRZSY3h3QltjenJEU2N3IBMPY3Z2FAosKnxGUy96cFBHbD0zUEdsLycRDiorKh0FPCtqChI0bGhQWn5gcVBHKC8oAQ5iKCUeGCtiIhMHPSsZ HTTP/1.1
Host: accedenonre.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
set-cookie: 3892b1afc31648d49a22bf6135e12c84=1; Max-Age=604800
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
cache-control: public, max-age=86400
etag: W/"8445-ATWnxUmcsnRYznegtC9eBE/8maE"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
freychang.fun/asd100.bin
104.21.45.207200 OK 102 kB IP 104.21.45.207:0
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cut-y.net/
Origin: https://cut-y.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:28:21 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cut-y.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 689
last-modified: Thu, 01 Sep 2022 20:16:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7wsBFbMbYMdYgweT7%2B6dtjduj6M0%2BMqMqrNXx0zF%2FvtMnAlsAVV3xfmsy9CtDmMsK1mnutYo2nICDAbptYjTwpC4eZyDb%2BVfaiEpQXgznvKTogMPokT40L%2FGXqnlAKa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7440c07b7b380b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: iDQXyyJCD8ALjDrebc2NMD3DW6TDUFNfKTHXSybNAlw+B01kpccEvneJQGTqrmB9yECpRNNdagQyvdyCICXKEw==
date: Thu, 01 Sep 2022 20:28:21 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuty.io/images/shared/logo.svg
104.26.4.236200 OK 0 B URL HTTP/2 cuty.io/images/shared/logo.svg
IP 104.26.4.236:0
GET /images/shared/logo.svg HTTP/1.1
Host: cuty.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cut-y.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:28:20 GMT
content-type: image/svg+xml
last-modified: Thu, 14 Jul 2022 10:06:16 GMT
vary: Accept-Encoding
etag: W/"62cfea98-175a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 5922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpUYpKlAPENpQJN0RABOPuabw2pPwLDddGeo8nbaa7MQtO8jNGjebsK4B9z4i28Ai4UbYIdQc8O7k5vO%2FSKMAHU6qYEqJFbFg4mc0unrTHpmPnmE1Og6SVI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7440c07479010b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-1358731571%3A1662064101699421&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVMVzGsRRjwH5-UbMBDCpL84T8iZk_oMTb3GW_7IjFSw5C4Xy0ssbsrlBKqmfzNFxCbTmNBBw
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-1358731571%3A1662064101699421&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVMVzGsRRjwH5-UbMBDCpL84T8iZk_oMTb3GW_7IjFSw5C4Xy0ssbsrlBKqmfzNFxCbTmNBBw
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-1358731571%3A1662064101699421&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmVMVzGsRRjwH5-UbMBDCpL84T8iZk_oMTb3GW_7IjFSw5C4Xy0ssbsrlBKqmfzNFxCbTmNBBw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cut-y.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Sep 2022 20:28:21 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-X8kYU30J5EFDUDKiJHQfVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=sTTXLqJaTZWAX60ZX1jlWbrmE03k4EVSWSSsrKdXEg_IBM7yNS0bmlQLmBX1MG8R9mxlgPud4HHwL7eWEIRgov_tJgrY9s4yz-OE8RC-crgdP5T2pAMqDy2X2qqpBAtdd3a6gSzgpqMA95tF-S_J2by88kMSIHy3UUpYvkF0pEE; expires=Fri, 03-Mar-2023 20:28:21 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1326427655%3A1662064101688481&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWAITvUWXVtSsBLxFTlw5P2Iug8BjAbkSkT2YMw_ZVtbNtQ1evkfs6JaQwq1mXeye3iaUet-Q
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1326427655%3A1662064101688481&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWAITvUWXVtSsBLxFTlw5P2Iug8BjAbkSkT2YMw_ZVtbNtQ1evkfs6JaQwq1mXeye3iaUet-Q
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S1326427655%3A1662064101688481&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmWAITvUWXVtSsBLxFTlw5P2Iug8BjAbkSkT2YMw_ZVtbNtQ1evkfs6JaQwq1mXeye3iaUet-Q HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cut-y.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Sep 2022 20:28:21 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-nt5TMHU8lS2FHYhSHV4BIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=uIiC9nFWa-Q84Fb39ijxDBx-u3owFIpekUNoh5GybgAsKMbtBWBK6vxxTLg8sqG_nYAPhAr2bfR1scHP_rCqD3qJLHPtNRuQtalWqAzhRFfeA6uQ2gkIYsaRx7NX5RU2MrR6IanLqUd0PreHr81CAMqByMnixsAbRImHcS9HSic; expires=Fri, 03-Mar-2023 20:28:21 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
freychang.fun/
104.21.45.207200 OK 0 B IP 104.21.45.207:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: freychang.fun
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cut-y.net/
Origin: https://cut-y.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Sep 2022 20:28:21 GMT
content-type: text/plain
set-cookie: csu=737714324758279@1@1662064101; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://cut-y.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4HHZm6YRJFkFLebCHehhEg7DqLLUH0DWvrl7DtSgR5jmNzz84Rl63EjXLCuC%2FM6skBbgCUrYOqjmjGgJjJEP8rQ5Eca9AGhLgD5%2Bj8T2APxGLUCSzVTRwpxNxOFDGX7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7440c07b7b460b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2