Report - cutpaid.com/vdCU

Report Overview

Submitted URL
cutpaid.com/vdCU
IP
172.67.183.8
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-04 11:05:19
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
interesteddeterminedeurope.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	835 B	15 kB	192.243.59.20
banquetunarmedgrater.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	327 B	173.233.139.164
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	846 B	192.243.59.13
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397 B	1.2 kB	142.250.74.164
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	3.6 kB	23.36.77.32
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	404 B	3.66.118.16
cdn.sb4you1.com	22321	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	64 kB	172.64.200.2
cutpaid.com	390939	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	768 B	1.6 kB	104.21.48.87
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	38 kB	143.204.55.36
i.imgur.com	5110	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	7.6 kB	151.101.84.193
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.3 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	61 kB	34.210.107.213
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	28 kB	172.64.100.4
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	932 B	64 kB	216.58.207.195
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	143.204.42.156
creepingbrings.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	344 B	962 B	172.64.199.30
cdn.yourwebbars.com	62037	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	743 B	104.26.7.19
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	160 kB	142.250.74.163
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	746 B	142.250.74.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	12 kB	23.36.77.32
plungebriefinggladly.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	21 kB	192.243.59.13
s4.histats.com	12782	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	548 B	183 B	192.99.8.28
contagiousantagonizequarry.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.6 kB	8.4 kB	173.233.137.52
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	45 kB	34.120.237.76
s10.histats.com	15211	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	5.8 kB	46.105.201.240

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-04	medium	contagiousantagonizequarry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjW9EWHyVh2mGy1W7HkgrXbzOcxZ00RRRy5m%2FC3Xuj9AwAA%2F%2F8BAAD%2F%2F28%2Bo4mABAAA	Phishing
2022-10-04	medium	contagiousantagonizequarry.com/pixel/sbs?c=1	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-04	medium	interesteddeterminedeurope.com	Sinkholed
2022-10-04	medium	interesteddeterminedeurope.com	Sinkholed
2022-10-04	medium	banquetunarmedgrater.com	Sinkholed
2022-10-04	medium	contagiousantagonizequarry.com	Sinkholed
2022-10-04	medium	unseenreport.com	Sinkholed
2022-10-04	medium	unseenreport.com	Sinkholed
2022-10-04	medium	contagiousantagonizequarry.com	Sinkholed
2022-10-04	medium	contagiousantagonizequarry.com	Sinkholed
2022-10-04	medium	contagiousantagonizequarry.com	Sinkholed
2022-10-04	medium	contagiousantagonizequarry.com	Sinkholed
2022-10-04	medium	contagiousantagonizequarry.com	Sinkholed
2022-10-04	medium	contagiousantagonizequarry.com	Sinkholed
2022-10-04	medium	contagiousantagonizequarry.com	Sinkholed

Files detected

URL
contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fjs%2Fscript.js&l=468&fd=376
IP
173.233.137.52
ASN
#7979 SERVERS-COM

File type
gzip compressed data, max compression\012- data
Size
660 B (660 bytes)
Hash
5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (22)

	URL	Size	First Seen	Last Seen
	s10.histats.com/js15_as.js	11 kB	2023-03-07	2024-03-25
Pretty URL s10.histats.com/js15_as.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-03-25 09:24:29 Times Seen1978 Hash e959fbdd13def4b9a9d0a5fc9a7de4d4 1e39712307e3673b40c0bdb8c7d3e86a3e8b60a0 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Loading...

	www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js	399 kB	2023-03-08	2023-03-11
Pretty URL www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:40:09 Last Seen2023-03-11 13:30:42 Times Seen1 Hash f35658481ed15bc5f9e381e5babb040b 6ac7505ec9c522b239aeefed9ff6c1ff4d7c98e5 bec7e5a49219ef10544321dbd44f27849644f20623c16f05baeeeaa73e3b9332 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=cjma758cweo8	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=cjma758cweo8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:45:37 Last Seen2023-03-08 05:45:37 Times Seen1 Hash d64e459b4480343131716ce7018a3f04 0bffbd32fb852930d51523fe0b690a92199614c1 080cca299cab25e28ec5bc7eb57cecf8fb1efddf550d25d61bdd596f15470237 Loading...

	http:blank	716 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:45:37 Last Seen2023-03-08 05:45:37 Times Seen1 Hash a0fd7c396a291e4c48b6e695c9c96765 13f5eeef482e419e218105ace897bb6097e8ff83 6d4496843ff12602fcb47559e90c63c7089769df85f5c49eed8b9db91f2178f0 Loading...

	cutpaid.com/vdCU	430 B	2023-03-08	2023-03-29
Pretty URL cutpaid.com/vdCU IP 104.21.48.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-29 22:06:36 Times Seen2 Hash 7aac5e52fb7e633aae0abac80855c601 b4ee61c866f96767a0aad5f79c2e49243bc484e6 475c9f963a66047bf142844906892a05f35c847099cc18935477a8545f83eb13 Loading...

	plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js	59 kB	2023-03-08	2023-03-08
Pretty URL plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:45:37 Last Seen2023-03-08 05:45:37 Times Seen1 Hash c30f5835352c1dbe416482e2b97d3e5e 651f479a3031290d33143d86b53f89c24542413e e9fd0d7bdf368a82ab08b53b543f8dca141b10001f50b541453197e1797be9f8 Loading...

	cutpaid.com/js/ads.js	106 B	2023-03-08	2024-04-14
Pretty URL cutpaid.com/js/ads.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2024-04-14 20:13:59 Times Seen141 Hash 31129bbaf6802ed0bdd11a024afe7646 22ea0726f15adb8b677d9b4b829b39ce61da1bfc 42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee Loading...

	cutpaid.com/modern_theme/build/js/script.min.js?ver=5.3.0	200 kB	2023-03-08	2023-11-20
Pretty URL cutpaid.com/modern_theme/build/js/script.min.js?ver=5.3.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-11-20 06:15:32 Times Seen16 Hash 600ef0f9468f01f5abdedae5521cb01a 238cec6955608cbeb8b709ae7aa19d1e05d560ac 62eb8c55e05f53ef96a7daaec19f0b9bf2beee9846b83368ac423fb3297d80b4 Loading...

	cutpaid.com/vdCU	102 B	2023-03-07	2024-04-25
Pretty URL cutpaid.com/vdCU IP 104.21.48.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:22 Last Seen2024-04-25 10:44:43 Times Seen61 Hash ea63ff4f4742b4aa558f8960f24321fc 11326481f53e4c7c546ea8a3b6c8c6c9d5f3173f 7fc5a11cbe7f9e9815748889cea6101fb2a2184232db2e6843d57bb0d6bf4bae Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn	178 B	2023-03-08	2023-03-13
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-13 11:11:28 Times Seen1 Hash 953c44590dd6578cf99f2c143726375c 409dfc36febce032d3d993458d6870d252ea48ba c8b8efcec5fb775ee88c788a901aab41e823c65f9deecf951eb1951eee9b60a7 Loading...

	s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664881510111&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:10472285&@b3:1664881510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2FvdCU&@w	51 B	2023-03-08	2023-03-08
Pretty URL s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664881510111&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:10472285&@b3:1664881510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2FvdCU&@w IP 192.99.8.28 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:45:37 Last Seen2023-03-08 05:45:37 Times Seen1 Hash 03abcb728bcf71c51cd9041b9461880a 0ed28053f7ebea36c2d2f260f476e1131a825e68 660519f5212ba5c6951c4d7ce4d0319eb5a70b2b1074a82c80950f66317c3b55 Loading...

	interesteddeterminedeurope.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js	37 kB	2023-03-08	2023-03-08
Pretty URL interesteddeterminedeurope.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:45:37 Last Seen2023-03-08 05:45:37 Times Seen1 Hash 3397894eb02dec5b9fcfd39ac4698a9c d9bec5d2355f82722353b85e7e5c6e6c3249d0b6 d99674d1cba50c2a88cae74eba6eeb2d4a039cda40481ac91db8e1ba18e93939 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 18:20:07 Times Seen37069280 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=cjma758cweo8	69 B	2023-03-07	2024-04-25
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=normal&cb=cjma758cweo8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 17:38:33 Times Seen99499 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	s10.histats.com/counters/cc_1034.js	15 kB	2023-03-08	2023-03-29
Pretty URL s10.histats.com/counters/cc_1034.js IP 46.105.201.240 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-29 22:06:36 Times Seen2 Hash be2f730a5e9bbc68ecf7b4713c3bcb88 733a7e632e3e4a3668c3db143fcba8c864884496 6d7d4e25d21c283ccd3c684718d06a4447b90715bea27c8a4edcac43ce5478b7 Loading...

	cutpaid.com/vdCU	1.1 kB	2023-03-08	2023-03-29
Pretty URL cutpaid.com/vdCU IP 104.21.48.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:18:15 Last Seen2023-03-29 22:06:36 Times Seen2 Hash 9014ee790fb4b15456c9f711ad186d2e 9409e7b0ccc8734d2226e1dbe7c9b23d4793c569 4a9894232c93199d2aab52da87938b076059c98fd6608f6aec504471e3f6fa36 Loading...

	www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	918 B	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:43:31 Last Seen2023-03-08 08:35:02 Times Seen1 Hash f657f12ecae1d2ff89bd14c5dc5900e6 1bc3d34aa0c6287a6c60305303d1bd3fe0b5ef4f 091d370d3fe6076da644862c50515c964fc8fd92d7aab3e1b9af56abe41d1da8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - c4d295cfa88a0805c2a3a15e5f191fbc	22 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash c4d295cfa88a0805c2a3a15e5f191fbc 00b3c5ea6b390072a5207ddc66f0f5bd8d8a35e6 ba41c5348d38a6ebd3399d0378ae76921f287d04f94ff5d93d6709e7f2a962b7 Loading...

	#2 Eval - 4e4735fd2b45e9f85f94ee7a077bdbfd	16 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash 4e4735fd2b45e9f85f94ee7a077bdbfd 3a98b06d3ac90c1b6a69968c82f112afb345d0cb 1bf232e3afa032afeeb821804dac4bdcfae32c16178d33975a668df67e9d0841 Loading...

	#3 Eval - 67d87ef14a243a0987831c2eac6e76c6	18 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 05:45:37 Last Seen2023-03-08 05:45:37 Times Seen1 Hash 67d87ef14a243a0987831c2eac6e76c6 b28957568185d5a7aa06e329585f94a778f3b282 d295cb11bafd6a50141d60be95ef124250f2e43dec3fbeb77fd6fa0fbadff2c8 Loading...

	#4 Eval - 22a65f4cef52e208803b7c3bb11ebf4b	22 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash 22a65f4cef52e208803b7c3bb11ebf4b 9ca60f59d7efeb1b54ad6197611aeabada756f7c eb3a140c9b84b3b5c69ed2966cf442240e63fc12aaf1e79d0c35aec5b237d9d7 Loading...

	#5 Eval - ce2f37889c95c02b5a921a78720467b8	64 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 04:29:18 Last Seen2023-03-08 12:41:28 Times Seen1 Hash ce2f37889c95c02b5a921a78720467b8 749a0a7ceb08f6f75cadc9d2eb27866057f9a939 87c99b9a88a42ee46bbe6ce447b600a1653142b3ebb7b9ed96bc786f7a99d488 Loading...

HTTP Transactions (72)

URL IP Response Size

cutpaid.com/vdCU

104.21.48.87

301 Moved Permanently

0 B

URL HTTP/1.1
cutpaid.com/vdCU
IP
104.21.48.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /vdCU HTTP/1.1
Host: cutpaid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 11:05:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 12:05:08 GMT
Location: https://cutpaid.com/vdCU
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Olw3dxbzbD6m3RcyRcL6fhSNxmFyq40glDY91Bju84pWZD1LT%2FuWeB3CGkpF6%2Bpb5se5pEj%2BV6jge3ObSIUvd%2BKv23U%2Bv1U%2BSFOxBefoEXY6z7tCaQqLODX2Xrokbw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754d70d22ddcb529-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 10:38:17 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fsgt2xoMlODegzOl0WLbWdnYnDfWxlFNG5unj4QDY4Q_FBlJtu0acQ==
Age: 1611

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3486
Expires: Tue, 04 Oct 2022 12:03:14 GMT
Date: Tue, 04 Oct 2022 11:05:08 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -nmBkTg6VwslwnNY_pXYwkD2qVFfp_aqNDk-XtuWH2hzFIsTK9jxaQ==
age: 20201
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 11:05:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

i.imgur.com/4nDF4PP.png

151.101.84.193

200 OK

7.0 kB

URL HTTP/2
i.imgur.com/4nDF4PP.png
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
PNG image data, 250 x 72, 8-bit/color RGB, non-interlaced\012- data
Size
7.0 kB (6966 bytes)
Hash
cb7480a0a433fd916168ba91ae24e8e8
f49c10d3ac373780ba6ede61e67909cb45c2403d
d3fbcdbb65aec7adf8d368f0540eb7abf08e83cf8d42742003df35abba13c75e

HTTP Headers

GET /4nDF4PP.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 10 Oct 2018 03:18:48 GMT
etag: "cb7480a0a433fd916168ba91ae24e8e8"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 04 Oct 2022 11:05:08 GMT
age: 3091134
x-served-by: cache-iad-kcgs7200146-IAD, cache-bma1660-BMA
x-cache: HIT, HIT
x-cache-hits: 454, 1
x-timer: S1664881509.923791,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6966
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b45b15bb651cc185ea82d91a51f06b5a
44987727be72bb12b4e4fc4fac50145835512750
f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.164

200 OK

582 B

URL HTTP/2
www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (918), with no line terminators
Size
582 B (582 bytes)
Hash
c55718924748005e2cc1c783fbb63434
5602885c4bb324d0a19f2fd59d967d87b7095a89
82c84ad3e40a35836b88b2a35708e615e39686e2f89f2fa5454bdc93fd13901b

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 04 Oct 2022 11:05:08 GMT
date: Tue, 04 Oct 2022 11:05:08 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

36 kB

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
data
Size
36 kB (35904 bytes)
Hash
b14a09fc28636f08ec7165f682e90beb
1b0d5ed68f158917838aa267c08a07cbea15f5c7
8a172d9596ddef800fe2f79a55477ddef53c1be9650faa37ebd9bcc2e467ddae

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 10:29:33 GMT
Expires: Tue, 04 Oct 2022 11:17:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F2MOpXPlZZoTbCYU557TwKiRZOepmiLvnJ5QvhuLwJRWecLEBzPcYA==
Age: 2136

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Size
31 kB (31196 bytes)
Hash
ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

HTTP Headers

GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:19:56 GMT
expires: Fri, 29 Sep 2023 06:19:56 GMT
cache-control: public, max-age=31536000
age: 449113
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:40:18 GMT
expires: Fri, 29 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 411891
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Last-Modified: Tue, 04 Oct 2022 09:19:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2ea6617f710407c3584647c6bdc742b
9b616310420abf6a67d1a7bece6243b5a9c7e7fc
1e3c19e46622c46c57a0cd431d83d998457b9e1719d260dbc4d901896de86e65

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C19E46622C46C57A0CD431D83D998457B9E1719D260DBC4D901896DE86E65"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Tue, 04 Oct 2022 17:04:55 GMT
Date: Tue, 04 Oct 2022 11:05:09 GMT
Connection: keep-alive

push.services.mozilla.com/

34.210.107.213

101 Switching Protocols

61 kB

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.107.213:0
ASN
#16509 AMAZON-02

File type
data
Size
61 kB (60716 bytes)
Hash
7b8fe44487bbb9536c6bc7c4a64c8adc
96b0095c2a414d3f74cfcfe29e864977f063e757
c83588c6a78f25c6cccf2add102a306877bd00abbd57a0e9a324b40e2f1c0017

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4rcAiq2+X/rmwvVOZAnKNw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /ZO2hdUIzJ9KOY/x0TQJQN4RWJ4=

plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js

192.243.59.13

200 OK

20 kB

URL HTTP/1.1
plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59449), with no line terminators
Size
20 kB (20354 bytes)
Hash
d621754173219e20a8d86bfbe2316c88
625972f21b11413c47f966a20ef0f038709c37f6
1e92b7bd67be6ed451789956e6144adc8cea4ae3c172b1c087aa64fcfb18ff31

HTTP Headers

GET /7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js HTTP/1.1
Host: plungebriefinggladly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 04 Oct 2022 11:05:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ee531fbb3da223fbb52a2e67f7a29d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
ce3fb5d49960804116950311b4b8eb7d
ac27d1b4c62eb74fd793b31f9fa7f596d7340ff9
cd212b572ab47332db014243791147cf29ad81235a987bb40d528924230327e0

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CD212B572AB47332DB014243791147CF29AD81235A987BB40D528924230327E0"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3518
Expires: Tue, 04 Oct 2022 12:03:47 GMT
Date: Tue, 04 Oct 2022 11:05:09 GMT
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5051734aa47e871f30936254a98cebee
38ecb55e50d18f22f54e1ebc0bf5d70f6912cc97
45727a8f22a365165d5bfd7b562ee3fe43cb02f918228bcd6441deb4a33bd421

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 11:05:09 GMT
Last-Modified: Tue, 04 Oct 2022 10:31:42 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FW_ZIpy-nXtJOqb4TuGhB_hucohjH1ns5GQ3pbLhX10GyNua7Lczbw==
Age: 2007

simplewebanalysis.com/stats

3.66.118.16

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.66.118.16:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
5b9968cf1ca3a3a72b17792a1ef04b3f
388563b44ece147a400a86c62c95834ed735ca7e
fa74d41ddde33606f17303d3fb7442ec8d9eca7e953c16edc632c0643413eafb

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cutpaid.com
access-control-allow-credentials: true
set-cookie: uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; expires=Fri, 01 Oct 2032 11:05:10 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

172.64.100.4

200 OK

28 kB

URL HTTP/2
addresseepaper.com/sfp.js
IP
172.64.100.4:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27465 bytes)
Hash
d45b6a48b296659dbe9ba2af5a7748a8
4954ee7687f9603d4a8d19b1ee30438ee0c8bef7
0bd051193fc2a7a1c0f87479429cd68aa6a106ea1952f2564be8ec0f0ffc5eb2

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:10 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 13754e891efc9af182bff607050b6285
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 04 Oct 2022 11:05:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smYldmBHDwag8FAK8ryzBii1idjnH1OQLTxqDRqCKKHwefq7Xl7bsv5iBrX3T6WeW8kNAJpj2bc0XPu6U0DU%2F2gauozIK7bdFavP8R1r8cJYSS8NwZLgq%2B0wdpcw%2FYwToT8%2F17A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70dcda427795-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0b3583bada6a90ca23d9af1db7f0b361
80070b13219a6df5dde7a2b7c84df33381d268b8
70efc800ed2f1acee19ccc88dbafa7724c0f00d9b7cda191d69cf69c1a38a98f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70EFC800ED2F1ACEE19CCC88DBAFA7724C0F00D9B7CDA191D69CF69C1A38A98F"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9382
Expires: Tue, 04 Oct 2022 13:41:32 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0b3583bada6a90ca23d9af1db7f0b361
80070b13219a6df5dde7a2b7c84df33381d268b8
70efc800ed2f1acee19ccc88dbafa7724c0f00d9b7cda191d69cf69c1a38a98f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70EFC800ED2F1ACEE19CCC88DBAFA7724C0F00D9B7CDA191D69CF69C1A38A98F"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9382
Expires: Tue, 04 Oct 2022 13:41:32 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive

interesteddeterminedeurope.com/pixel/purst?dl=0&th=0&sc=0&rs=1693&rd=1693&fd=1060&bv=22.8.v.1&tmpl=70

192.243.59.20

200 OK

0 B

URL HTTP/1.1
interesteddeterminedeurope.com/pixel/purst?dl=0&th=0&sc=0&rs=1693&rd=1693&fd=1060&bv=22.8.v.1&tmpl=70
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1693&rd=1693&fd=1060&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 04 Oct 2022 11:05:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

interesteddeterminedeurope.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js

192.243.59.20

200 OK

13 kB

URL HTTP/1.1
interesteddeterminedeurope.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37152), with no line terminators
Size
13 kB (13413 bytes)
Hash
ea6df2238a4b218731baa30d0e052285
6604b5899b5679ba8aa84e513447c14c0a74f289
822d8264001106153670b7478b84e6c8d43c2071c4ee58cfb262ede7e5703477

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 04 Oct 2022 11:05:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8900e4ef3d5b05243bc22ce5ab81d7d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
edec9323540293b99ece306037d35de7
e7540f9962a6c7ee91168eee1e0fe343d5f5406e
5cf16c168d74a28dc30c0edf93edd09366a8c8609ac36e352e056580f7b24a20

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CF16C168D74A28DC30C0EDF93EDD09366A8C8609AC36E352E056580F7B24A20"
Last-Modified: Mon, 03 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21278
Expires: Tue, 04 Oct 2022 16:59:48 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive

www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js

142.250.74.163

200 OK

159 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (711)
Size
159 kB (158844 bytes)
Hash
b4ed95d4318e3b78b936c9c0f1ffa96e
b53c9376b1459afb07fb4b5c2e8d8dad776d3a02
3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f

HTTP Headers

GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 295179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2c61b32f211fe60d537aaad7a9c7a94
7884833f23b0296a66c42690ba434d446a2cf35b
5abbd70a62a13f449213703cc8587969e00461aaf021675d94afbef8c21f7440

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5ABBD70A62A13F449213703CC8587969E00461AAF021675D94AFBEF8C21F7440"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3805
Expires: Tue, 04 Oct 2022 12:08:35 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive

banquetunarmedgrater.com/advertisers.js

173.233.139.164

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:10 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 741f61e175a29c02d20867eee075d996
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9856
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9856
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9856
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9856
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5504 bytes)
Hash
6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 48037
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9917 bytes)
Hash
d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 48050
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3430 bytes)
Hash
488ec5b4267ccb1cdc4e6e08556f7f3b
42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 22a0e400-1567-4c9c-aca9-782f3f81a8ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLCrEn4IAMFZWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f210-11fa888c78719c44160accf8;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: czAJIO54qhc57-FC2v3o_6iUysen6MFHxo4KWJL7Uhs3ZBmRalqgMw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 09:44:26 GMT
age: 4844
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4151 bytes)
Hash
24a4a122273ef9f772852031eb13114a
c20f1fac9020eb4bd6c84583f73872979639b991
8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 48050
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11101 bytes)
Hash
ae824db4a95391149198a4b6b8556c70
db07d58d8feff4ea01866d095e5264ee5c8e1ca3
19e96d204813247697e1858daf9e07d6c4cafd9ab1175a3bf39a7f07f6991521

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11101
x-amzn-requestid: f98e84d9-1e66-4436-b793-219a777f2ba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqcvE8JoAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5784-25bd2b234c1093de70074c92;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: becOxfqUowywFrxzDSeK7F1lFdDVTSHIF1TLC5k5aSlLPpsR6F8gjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:42:37 GMT
age: 44553
etag: "db07d58d8feff4ea01866d095e5264ee5c8e1ca3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4858 bytes)
Hash
6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 48050
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664881510111&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:10472285&@b3:1664881510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2FvdCU&@w

192.99.8.28

200 OK

51 B

URL HTTP/1.1
s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664881510111&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:10472285&@b3:1664881510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2FvdCU&@w
IP
192.99.8.28:0
ASN
#16276 OVH SAS

File type
ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
03abcb728bcf71c51cd9041b9461880a
0ed28053f7ebea36c2d2f260f476e1131a825e68
660519f5212ba5c6951c4d7ce4d0319eb5a70b2b1074a82c80950f66317c3b55

HTTP Headers

GET /stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664881510111&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:10472285&@b3:1664881510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2FvdCU&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 11:05:11 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close

s10.histats.com/counters/cc_1034.js

46.105.201.240

200 OK

5.5 kB

URL HTTP/2
s10.histats.com/counters/cc_1034.js
IP
46.105.201.240:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text, with very long lines (15333), with no line terminators
Size
5.5 kB (5479 bytes)
Hash
ce205bf9427d1fc8a6d26329c3811f67
807840d7c9174fcab11a9d4520538a19d8effadc
b167e0e8b5c1c0d7d4ef6b1050cba84e150e0aa62f9bdc128fc5c68fca8473ed

HTTP Headers

GET /counters/cc_1034.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:04:30 GMT
etag: "-241208617"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 517870004
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5479
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0543e2bd00def4c93631f95a27e606e8
eff03fe9484f54d5c9e5f5223593edb7927b5eea
8d214efdc14ea6cd21b5b3ae45be98cd73074afe0b7eb9c4f724d2e3beeeab49

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D214EFDC14EA6CD21B5B3AE45BE98CD73074AFE0B7EB9C4F724D2E3BEEEAB49"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4560
Expires: Tue, 04 Oct 2022 12:21:11 GMT
Date: Tue, 04 Oct 2022 11:05:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4bd610954d1cad0675c2010a63e9c018
bd7e8708e02d74c5d7534a48221c9314530917f6
3b51bf349c5fc0841b5ee253093aa1dfabb8271f84bbb0eee07836dec331c1cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B51BF349C5FC0841B5EE253093AA1DFABB8271F84BBB0EEE07836DEC331C1CD"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10773
Expires: Tue, 04 Oct 2022 14:04:44 GMT
Date: Tue, 04 Oct 2022 11:05:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4bd610954d1cad0675c2010a63e9c018
bd7e8708e02d74c5d7534a48221c9314530917f6
3b51bf349c5fc0841b5ee253093aa1dfabb8271f84bbb0eee07836dec331c1cd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B51BF349C5FC0841B5EE253093AA1DFABB8271F84BBB0EEE07836DEC331C1CD"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10773
Expires: Tue, 04 Oct 2022 14:04:44 GMT
Date: Tue, 04 Oct 2022 11:05:11 GMT
Connection: keep-alive

contagiousantagonizequarry.com/sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98%3A3%3A1

173.233.137.52

200 OK

2.4 kB

URL HTTP/1.1
contagiousantagonizequarry.com/sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98%3A3%3A1
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
JSON data\012- , ASCII text, with very long lines (5754), with no line terminators
Size
2.4 kB (2446 bytes)
Hash
1d6bf29082518fec175383b5d4337131
bd07e4eb748d7a67473ba00b69bfe26b289ec0df
1197dd98b840a49b1c15008bb6f5554b028ebb05235ae563471b8da80d893829

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98%3A3%3A1 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:11 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutpaid.com
Access-Control-Allow-Origin: https://cutpaid.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16650200; expires=Wed, 05 Oct 2022 11:05:11 GMT; secure; SameSite=None
uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; expires=Tue, 11 Oct 2022 11:05:11 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 11:05:11 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 11:05:11 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 05 Oct 2022 11:05:11 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 05 Oct 2022 11:05:11 GMT; secure; SameSite=None
slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]; expires=Tue, 04 Oct 2022 11:05:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb9cfddad3e01e245ef027947df66a66
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
a1c45d147edffcf7edf9a2a6efcc27d1
3377fb5f6ff4311aa5ba6087dd389074fae7279c
5658f0c18fb7b3e8c28473d83dddae2d7672c70746004f49a04e9d00582bf587

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1271
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:11 GMT
Last-Modified: Tue, 04 Oct 2022 10:44:00 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280

unseenreport.com/pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 04 Oct 2022 11:05:11 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f0e8ff0dba3fa78a592dbb3444ac2503
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11

192.243.59.13

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 04 Oct 2022 11:05:11 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d8352b72b6aabc69ae2ea827c853656
Strict-Transport-Security: max-age=0; includeSubdomains

contagiousantagonizequarry.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjWaTZ9GnbbQadDZYe1GlEcBoLSRitshCFtIncT%2FtYLvX8AAAD%2F%2FwEAAP%2F%2F7%2Bp2YYAEAAA%3D

173.233.137.52

200 OK

7 B

URL HTTP/1.1
contagiousantagonizequarry.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjWaTZ9GnbbQadDZYe1GlEcBoLSRitshCFtIncT%2FtYLvX8AAAD%2F%2FwEAAP%2F%2F7%2Bp2YYAEAAA%3D
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjWaTZ9GnbbQadDZYe1GlEcBoLSRitshCFtIncT%2FtYLvX8AAAD%2F%2FwEAAP%2F%2F7%2Bp2YYAEAAA%3D HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b9298f35c096ac64761b5c6442acabf
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
66909c9078632d44ebf4a15cd12a5595
c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2
b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Tue, 04 Oct 2022 12:09:21 GMT
Date: Tue, 04 Oct 2022 11:05:12 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
66909c9078632d44ebf4a15cd12a5595
c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2
b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Tue, 04 Oct 2022 12:09:21 GMT
Date: Tue, 04 Oct 2022 11:05:12 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
66909c9078632d44ebf4a15cd12a5595
c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2
b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Tue, 04 Oct 2022 12:09:21 GMT
Date: Tue, 04 Oct 2022 11:05:12 GMT
Connection: keep-alive

contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=667

173.233.137.52

200 OK

0 B

URL HTTP/1.1
contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=667
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=667 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg

172.64.200.2

200 OK

60 kB

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 281x290, components 3\012- data
Size
60 kB (59931 bytes)
Hash
9337eb4f9526f6d16e6d1602d8fee3ae
203c7272c5a60a752db43857b2d337d644f690f5
1e803197ccab280a9285cdae1adbea170504d59ef0bbf02aab3d9785c0871422

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: image/jpeg
content-length: 59931
last-modified: Tue, 08 Feb 2022 14:18:00 GMT
etag: "62027b98-ea1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5360456
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBQW9mABstkd8b%2FkvdycBHdbjyVda80Iydbgp6I%2F7uiKb%2BynnM4ctSa%2BRdRxXmLE1Z9imtbdfQ9sebmpwfqn8ApeqekoKx7Wi6SB4OeOhKkhMr%2FuWbRTMLB0p8t2QbVPleA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70ee79cc76ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
66909c9078632d44ebf4a15cd12a5595
c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2
b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Tue, 04 Oct 2022 12:09:21 GMT
Date: Tue, 04 Oct 2022 11:05:12 GMT
Connection: keep-alive

contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fanimate.css&l=79245&fd=370

173.233.137.52

200 OK

0 B

URL HTTP/1.1
contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fanimate.css&l=79245&fd=370
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fanimate.css&l=79245&fd=370 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

173.233.137.52

200 OK

660 B

URL HTTP/1.1
contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fjs%2Fscript.js&l=468&fd=376
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
gzip compressed data, max compression\012- data
Size
660 B (660 bytes)
Hash
5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fjs%2Fscript.js&l=468&fd=376 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

contagiousantagonizequarry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjW9EWHyVh2mGy1W7HkgrXbzOcxZ00RRRy5m%2FC3Xuj9AwAA%2F%2F8BAAD%2F%2F28%2Bo4mABAAA

173.233.137.52

200 OK

7 B

URL HTTP/1.1
contagiousantagonizequarry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjW9EWHyVh2mGy1W7HkgrXbzOcxZ00RRRy5m%2FC3Xuj9AwAA%2F%2F8BAAD%2F%2F28%2Bo4mABAAA
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjW9EWHyVh2mGy1W7HkgrXbzOcxZ00RRRy5m%2FC3Xuj9AwAA%2F%2F8BAAD%2F%2F28%2Bo4mABAAA HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e16186e2c82736cebeb26e53e76114bd
Strict-Transport-Security: max-age=0; includeSubdomains

173.233.137.52

200 OK

0 B

URL HTTP/1.1
contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=394
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=394 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

contagiousantagonizequarry.com/pixel/sbs?c=1

173.233.137.52

200 OK

0 B

URL HTTP/1.1
contagiousantagonizequarry.com/pixel/sbs?c=1
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat:400,700%7CMuli:300,300i,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 11:05:08 GMT
date: Tue, 04 Oct 2022 11:05:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

creepingbrings.com/sfp.js

172.64.199.30

200 OK

0 B

URL HTTP/2
creepingbrings.com/sfp.js
IP
172.64.199.30:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:10 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: bb255c3af90aa2062f754ba9d8a7180c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 04 Oct 2022 11:05:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kiu%2BErbfbmm2lAS8aL%2FJjNTdc7wyM6XrKBhLn8hyDhbcVyOQFP9wZXlI7jCTUduxe7nnQtL808cTGb%2F7JB%2FJsPCWuk8QC9ixzJ1UOl1o7vDmBMslGWaWTkZUBi3JqaVfXjnT%2BbM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70e14e847720-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html

104.26.7.19

200 OK

0 B

URL HTTP/2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html
IP
104.26.7.19:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 11:16:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMzVGURm%2BI9JVjgpg2QoUkWIGlEYfrfQKuPgLf2ZdCwY3jZoVqKxQKy4%2F48VJdGL4d0WHUH%2BYpSsnug7Ol1cswLwXIrh44bsTqn%2FHt0dDTs5IbpqalghCALmiJln5akkyZylOmo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70e9a8df1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg

172.64.200.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2764921
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9E1mjbSrwrJEXLFB%2Bv6kwqqZDkYon%2FM4mrGvgRvJJLsHxBlg6m8DBa%2BkFPRZDGLDHHPxXDD1Wk%2Fc5s2OOs4REzOhhQs%2BUcqo%2FSVxt4eEsKRyoDADKWjJEuzyrlw7P%2Br8XbE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70ee79c876ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css

172.64.200.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: text/css
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K6Ye1LVbAwo67F12D4H54JrsNrOMDY0Vtb5hQNduS%2BndHO0rGOqYvnV2YI0O6ybPiopX5Z5DRY6A%2BQyB0H287rF4aUsJ1EsDnGXvu3TO%2FKixCV4RtJM%2FXQ6%2ByFJ30wV9qM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70ee69b076ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cutpaid.com/vdCU

172.67.183.8

200 OK

0 B

URL HTTP/2
cutpaid.com/vdCU
IP
172.67.183.8:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /vdCU HTTP/1.1
Host: cutpaid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:08 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: AppSession=c5339b706dc80751c25f1856b40830fc; path=/; HttpOnly
csrfToken=ff6bbd9c2f4c2294961f501d567e652d551fc8fdfbd1e82d669019319942d47afc6d822238068ceb3b2739afaf7c1aa280c0b4defcc19beb4f1e2e18d228b4fa; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpDdG7i7CWXfX35vfVmOOGVmsNK8hYyRr7X17YKxVl8Ol8mO96dgteeoJDnIX1kVMIgV%2FZ2pVPb361SCzgfsBD3o3ZwXAri95qbcgj4HxTPxM3WlBADMZwRN12jGbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d70d3b970fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js

172.64.200.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: application/javascript
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGE2ZLEYgzrYmF%2BjZpd0ZoHCmrYfOWXzFYQqfOLQ8%2BVxssRrU6NCIA4XYqT3FEJ50izAcaQARXyIVpnjinKko8k%2FnHxFU1FdwzXOSFMfZ%2BX%2F7vCWjSrJWsGmE6l1YRXQOhc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70ee69ac76ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css

172.64.200.2

200 OK

0 B

URL HTTP/2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css
IP
172.64.200.2:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: text/css
last-modified: Wed, 09 Feb 2022 11:16:21 GMT
etag: W/"6203a285-2751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCtyZ1SDbSq03vtGXKk9BPEfAExv8YG7L%2FJKbdu3gjJX6xE7POqIQhBv8f%2Bn6avCipYo%2Fk4rrdI%2Fed5g02q1yMbDZQHBs087SrBrklJJrrzSdxzMZ%2BH38Hel7FyodunY9I0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70ee69aa76ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML