| cutpaid.com/vdCU | 104.21.48.87 | 301 Moved Permanently | 0 B |
IP104.21.48.87:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vdCU HTTP/1.1
Host: cutpaid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Oct 2022 11:05:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 04 Oct 2022 12:05:08 GMT
Location: https://cutpaid.com/vdCU
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Olw3dxbzbD6m3RcyRcL6fhSNxmFyq40glDY91Bju84pWZD1LT%2FuWeB3CGkpF6%2Bpb5se5pEj%2BV6jge3ObSIUvd%2BKv23U%2Bv1U%2BSFOxBefoEXY6z7tCaQqLODX2Xrokbw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754d70d22ddcb529-OSL
alt-svc: h2=":443"; ma=60
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.36 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.36:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 10:38:17 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fsgt2xoMlODegzOl0WLbWdnYnDfWxlFNG5unj4QDY4Q_FBlJtu0acQ==
Age: 1611
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash9955bda9c9ef64bc5700a14af0bae25e 8de7b7469e905af0374bdfcc3006bbb844f13e94 1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3486
Expires: Tue, 04 Oct 2022 12:03:14 GMT
Date: Tue, 04 Oct 2022 11:05:08 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 143.204.55.35 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain IP143.204.55.35:0
File typePEM certificate\012- , ASCII text Hash6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -nmBkTg6VwslwnNY_pXYwkD2qVFfp_aqNDk-XtuWH2hzFIsTK9jxaQ==
age: 20201
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 11:05:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| i.imgur.com/4nDF4PP.png | 151.101.84.193 | 200 OK | 7.0 kB |
IP151.101.84.193:0
File typePNG image data, 250 x 72, 8-bit/color RGB, non-interlaced\012- data Hashcb7480a0a433fd916168ba91ae24e8e8 f49c10d3ac373780ba6ede61e67909cb45c2403d d3fbcdbb65aec7adf8d368f0540eb7abf08e83cf8d42742003df35abba13c75e
GET /4nDF4PP.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Oct 2018 03:18:48 GMT
etag: "cb7480a0a433fd916168ba91ae24e8e8"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 04 Oct 2022 11:05:08 GMT
age: 3091134
x-served-by: cache-iad-kcgs7200146-IAD, cache-bma1660-BMA
x-cache: HIT, HIT
x-cache-hits: 454, 1
x-timer: S1664881509.923791,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6966
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash9e40b2c69615f45f2bc898334ab3e343 6a569648ed10564e126d3bbf3f91352e6b3f6d4f 4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashb45b15bb651cc185ea82d91a51f06b5a 44987727be72bb12b4e4fc4fac50145835512750 f0b61426de169cf2efde87ac98d5123ea785004ad05c05932a099b644b2fdf64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit | 142.250.74.164 | 200 OK | 582 B |
URL HTTP/2www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP142.250.74.164:0
File typeASCII text, with very long lines (918), with no line terminators Hashc55718924748005e2cc1c783fbb63434 5602885c4bb324d0a19f2fd59d967d87b7095a89 82c84ad3e40a35836b88b2a35708e615e39686e2f89f2fa5454bdc93fd13901b
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 04 Oct 2022 11:05:08 GMT
date: Tue, 04 Oct 2022 11:05:08 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash9e40b2c69615f45f2bc898334ab3e343 6a569648ed10564e126d3bbf3f91352e6b3f6d4f 4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash129fe858bf2aa7291fd2c6dd4cf9d226 e3e048b964b851ebbdcfb5bd80ebdbad13720cf6 addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.36 | 200 OK | 36 kB |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.36:0
Hashb14a09fc28636f08ec7165f682e90beb 1b0d5ed68f158917838aa267c08a07cbea15f5c7 8a172d9596ddef800fe2f79a55477ddef53c1be9650faa37ebd9bcc2e467ddae
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 10:29:33 GMT
Expires: Tue, 04 Oct 2022 11:17:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F2MOpXPlZZoTbCYU557TwKiRZOepmiLvnJ5QvhuLwJRWecLEBzPcYA==
Age: 2136
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash0ac04f7c449093fff4f846a7ae56cd4f 50aeb5664545a0dec4173920a274e906bcbcdf6f 18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash0ac04f7c449093fff4f846a7ae56cd4f 50aeb5664545a0dec4173920a274e906bcbcdf6f 18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 | 216.58.207.195 | 200 OK | 31 kB |
URL HTTP/2fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data Hashea2343c7dccad57360fb611d67204445 b603d9e68bb1ed5e4b33d5e31121160cb4d23452 2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:19:56 GMT
expires: Fri, 29 Sep 2023 06:19:56 GMT
cache-control: public, max-age=31536000
age: 449113
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | 216.58.207.195 | 200 OK | 31 kB |
URL HTTP/2fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data Hashac0d2859ea5f8fd6bcb3c305c08ec184 7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7 ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:40:18 GMT
expires: Fri, 29 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 411891
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash0ac04f7c449093fff4f846a7ae56cd4f 50aeb5664545a0dec4173920a274e906bcbcdf6f 18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash16ebfb2aa621547ecf581e26fc828a7d f78993331f6f5b8af6409a9ad2fc50b77070f68a 0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6344
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:09 GMT
Last-Modified: Tue, 04 Oct 2022 09:19:25 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashf2ea6617f710407c3584647c6bdc742b 9b616310420abf6a67d1a7bece6243b5a9c7e7fc 1e3c19e46622c46c57a0cd431d83d998457b9e1719d260dbc4d901896de86e65
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C19E46622C46C57A0CD431D83D998457B9E1719D260DBC4D901896DE86E65"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Tue, 04 Oct 2022 17:04:55 GMT
Date: Tue, 04 Oct 2022 11:05:09 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 34.210.107.213 | 101 Switching Protocols | 61 kB |
URL HTTP/1.1push.services.mozilla.com/ IP34.210.107.213:0
Hash7b8fe44487bbb9536c6bc7c4a64c8adc 96b0095c2a414d3f74cfcfe29e864977f063e757 c83588c6a78f25c6cccf2add102a306877bd00abbd57a0e9a324b40e2f1c0017
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4rcAiq2+X/rmwvVOZAnKNw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /ZO2hdUIzJ9KOY/x0TQJQN4RWJ4=
|
|
| plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js | 192.243.59.13 | 200 OK | 20 kB |
URL HTTP/1.1plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with very long lines (59449), with no line terminators Hashd621754173219e20a8d86bfbe2316c88 625972f21b11413c47f966a20ef0f038709c37f6 1e92b7bd67be6ed451789956e6144adc8cea4ae3c172b1c087aa64fcfb18ff31
GET /7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js HTTP/1.1
Host: plungebriefinggladly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 04 Oct 2022 11:05:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ee531fbb3da223fbb52a2e67f7a29d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 346 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashce3fb5d49960804116950311b4b8eb7d ac27d1b4c62eb74fd793b31f9fa7f596d7340ff9 cd212b572ab47332db014243791147cf29ad81235a987bb40d528924230327e0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CD212B572AB47332DB014243791147CF29AD81235A987BB40D528924230327E0"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3518
Expires: Tue, 04 Oct 2022 12:03:47 GMT
Date: Tue, 04 Oct 2022 11:05:09 GMT
Connection: keep-alive
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.156 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.156:0
Hash5051734aa47e871f30936254a98cebee 38ecb55e50d18f22f54e1ebc0bf5d70f6912cc97 45727a8f22a365165d5bfd7b562ee3fe43cb02f918228bcd6441deb4a33bd421
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 11:05:09 GMT
Last-Modified: Tue, 04 Oct 2022 10:31:42 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FW_ZIpy-nXtJOqb4TuGhB_hucohjH1ns5GQ3pbLhX10GyNua7Lczbw==
Age: 2007
|
|
| simplewebanalysis.com/stats | 3.66.118.16 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP3.66.118.16:0
File typeASCII text, with no line terminators Hash5b9968cf1ca3a3a72b17792a1ef04b3f 388563b44ece147a400a86c62c95834ed735ca7e fa74d41ddde33606f17303d3fb7442ec8d9eca7e953c16edc632c0643413eafb
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cutpaid.com
access-control-allow-credentials: true
set-cookie: uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; expires=Fri, 01 Oct 2032 11:05:10 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| addresseepaper.com/sfp.js | 172.64.100.4 | 200 OK | 28 kB |
URL HTTP/2addresseepaper.com/sfp.js IP172.64.100.4:0
File typeUnicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashd45b6a48b296659dbe9ba2af5a7748a8 4954ee7687f9603d4a8d19b1ee30438ee0c8bef7 0bd051193fc2a7a1c0f87479429cd68aa6a106ea1952f2564be8ec0f0ffc5eb2
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:10 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 13754e891efc9af182bff607050b6285
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 04 Oct 2022 11:05:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=smYldmBHDwag8FAK8ryzBii1idjnH1OQLTxqDRqCKKHwefq7Xl7bsv5iBrX3T6WeW8kNAJpj2bc0XPu6U0DU%2F2gauozIK7bdFavP8R1r8cJYSS8NwZLgq%2B0wdpcw%2FYwToT8%2F17A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70dcda427795-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0b3583bada6a90ca23d9af1db7f0b361 80070b13219a6df5dde7a2b7c84df33381d268b8 70efc800ed2f1acee19ccc88dbafa7724c0f00d9b7cda191d69cf69c1a38a98f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70EFC800ED2F1ACEE19CCC88DBAFA7724C0F00D9B7CDA191D69CF69C1A38A98F"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9382
Expires: Tue, 04 Oct 2022 13:41:32 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0b3583bada6a90ca23d9af1db7f0b361 80070b13219a6df5dde7a2b7c84df33381d268b8 70efc800ed2f1acee19ccc88dbafa7724c0f00d9b7cda191d69cf69c1a38a98f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70EFC800ED2F1ACEE19CCC88DBAFA7724C0F00D9B7CDA191D69CF69C1A38A98F"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9382
Expires: Tue, 04 Oct 2022 13:41:32 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive
|
|
| interesteddeterminedeurope.com/pixel/purst?dl=0&th=0&sc=0&rs=1693&rd=1693&fd=1060&bv=22.8.v.1&tmpl=70 | 192.243.59.20 | 200 OK | 0 B |
URL HTTP/1.1interesteddeterminedeurope.com/pixel/purst?dl=0&th=0&sc=0&rs=1693&rd=1693&fd=1060&bv=22.8.v.1&tmpl=70 IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1693&rd=1693&fd=1060&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 04 Oct 2022 11:05:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| interesteddeterminedeurope.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js | 192.243.59.20 | 200 OK | 13 kB |
URL HTTP/1.1interesteddeterminedeurope.com/01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js IP192.243.59.20:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with very long lines (37152), with no line terminators Hashea6df2238a4b218731baa30d0e052285 6604b5899b5679ba8aa84e513447c14c0a74f289 822d8264001106153670b7478b84e6c8d43c2071c4ee58cfb262ede7e5703477
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /01/ff/d3/01ffd36dfbce3d569baf8d846cd7bc65.js HTTP/1.1
Host: interesteddeterminedeurope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 04 Oct 2022 11:05:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8900e4ef3d5b05243bc22ce5ab81d7d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashedec9323540293b99ece306037d35de7 e7540f9962a6c7ee91168eee1e0fe343d5f5406e 5cf16c168d74a28dc30c0edf93edd09366a8c8609ac36e352e056580f7b24a20
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CF16C168D74A28DC30C0EDF93EDD09366A8C8609AC36E352E056580F7B24A20"
Last-Modified: Mon, 03 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21278
Expires: Tue, 04 Oct 2022 16:59:48 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive
|
|
| www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js | 142.250.74.163 | 200 OK | 159 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js IP142.250.74.163:0
File typeASCII text, with very long lines (711) Size159 kB (158844 bytes) Hashb4ed95d4318e3b78b936c9c0f1ffa96e b53c9376b1459afb07fb4b5c2e8d8dad776d3a02 3c21880cb7be6bec40f9d40c23ad39c9758999cf950cec07b86c83b21fde175f
GET /recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:05:31 GMT
expires: Sun, 01 Oct 2023 01:05:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
content-type: text/javascript
age: 295179
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hasha2c61b32f211fe60d537aaad7a9c7a94 7884833f23b0296a66c42690ba434d446a2cf35b 5abbd70a62a13f449213703cc8587969e00461aaf021675d94afbef8c21f7440
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5ABBD70A62A13F449213703CC8587969E00461AAF021675D94AFBEF8C21F7440"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3805
Expires: Tue, 04 Oct 2022 12:08:35 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive
|
|
| banquetunarmedgrater.com/advertisers.js | 173.233.139.164 | 200 OK | 0 B |
URL HTTP/1.1banquetunarmedgrater.com/advertisers.js IP173.233.139.164:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:10 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 741f61e175a29c02d20867eee075d996
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashff433c9569a3557d806b1480aeafece9 20bbd46383b85326837f45290ff87df708b3b310 e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9856
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashff433c9569a3557d806b1480aeafece9 20bbd46383b85326837f45290ff87df708b3b310 e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9856
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashff433c9569a3557d806b1480aeafece9 20bbd46383b85326837f45290ff87df708b3b310 e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9856
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashff433c9569a3557d806b1480aeafece9 20bbd46383b85326837f45290ff87df708b3b310 e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9856
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 11:05:10 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg | 34.120.237.76 | 200 OK | 5.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6c6882c60d7ca6f918c77104e3ad1d52 20ef861be49c652a938e0145e4ca3a60159367e2 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 48037
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd8c08f8066cc732de8befd6ccd629a95 22aab05208a01ae5def4d63dc145085630f57bcb f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 48050
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg | 34.120.237.76 | 200 OK | 3.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash488ec5b4267ccb1cdc4e6e08556f7f3b 42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88 d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 22a0e400-1567-4c9c-aca9-782f3f81a8ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLCrEn4IAMFZWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f210-11fa888c78719c44160accf8;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: czAJIO54qhc57-FC2v3o_6iUysen6MFHxo4KWJL7Uhs3ZBmRalqgMw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 09:44:26 GMT
age: 4844
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg | 34.120.237.76 | 200 OK | 4.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash24a4a122273ef9f772852031eb13114a c20f1fac9020eb4bd6c84583f73872979639b991 8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 48050
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashae824db4a95391149198a4b6b8556c70 db07d58d8feff4ea01866d095e5264ee5c8e1ca3 19e96d204813247697e1858daf9e07d6c4cafd9ab1175a3bf39a7f07f6991521
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f5624b4-8e2a-461e-a32a-38d6b5a3a8d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11101
x-amzn-requestid: f98e84d9-1e66-4436-b793-219a777f2ba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqcvE8JoAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5784-25bd2b234c1093de70074c92;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: becOxfqUowywFrxzDSeK7F1lFdDVTSHIF1TLC5k5aSlLPpsR6F8gjw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:42:37 GMT
age: 44553
etag: "db07d58d8feff4ea01866d095e5264ee5c8e1ca3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg | 34.120.237.76 | 200 OK | 4.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6779181f9c06975f2a662da743893939 585e7146fd24cdc2496b05baafea04091dc541e2 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 48050
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664881510111&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:10472285&@b3:1664881510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2FvdCU&@w | 192.99.8.28 | 200 OK | 51 B |
URL HTTP/1.1s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664881510111&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:10472285&@b3:1664881510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2FvdCU&@w IP192.99.8.28:0
File typeASCII text, with no line terminators Hash03abcb728bcf71c51cd9041b9461880a 0ed28053f7ebea36c2d2f260f476e1131a825e68 660519f5212ba5c6951c4d7ce4d0319eb5a70b2b1074a82c80950f66317c3b55
GET /stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1664881510111&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1280&@b1:10472285&@b3:1664881510&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2FvdCU&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 11:05:11 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 51
Connection: close
|
|
| s10.histats.com/counters/cc_1034.js | 46.105.201.240 | 200 OK | 5.5 kB |
URL HTTP/2s10.histats.com/counters/cc_1034.js IP46.105.201.240:0
File typeHTML document, ASCII text, with very long lines (15333), with no line terminators Hashce205bf9427d1fc8a6d26329c3811f67 807840d7c9174fcab11a9d4520538a19d8effadc b167e0e8b5c1c0d7d4ef6b1050cba84e150e0aa62f9bdc128fc5c68fca8473ed
GET /counters/cc_1034.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:04:30 GMT
etag: "-241208617"
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-request-id: 517870004
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 5479
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash0543e2bd00def4c93631f95a27e606e8 eff03fe9484f54d5c9e5f5223593edb7927b5eea 8d214efdc14ea6cd21b5b3ae45be98cd73074afe0b7eb9c4f724d2e3beeeab49
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D214EFDC14EA6CD21B5B3AE45BE98CD73074AFE0B7EB9C4F724D2E3BEEEAB49"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4560
Expires: Tue, 04 Oct 2022 12:21:11 GMT
Date: Tue, 04 Oct 2022 11:05:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4bd610954d1cad0675c2010a63e9c018 bd7e8708e02d74c5d7534a48221c9314530917f6 3b51bf349c5fc0841b5ee253093aa1dfabb8271f84bbb0eee07836dec331c1cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B51BF349C5FC0841B5EE253093AA1DFABB8271F84BBB0EEE07836DEC331C1CD"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10773
Expires: Tue, 04 Oct 2022 14:04:44 GMT
Date: Tue, 04 Oct 2022 11:05:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4bd610954d1cad0675c2010a63e9c018 bd7e8708e02d74c5d7534a48221c9314530917f6 3b51bf349c5fc0841b5ee253093aa1dfabb8271f84bbb0eee07836dec331c1cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B51BF349C5FC0841B5EE253093AA1DFABB8271F84BBB0EEE07836DEC331C1CD"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10773
Expires: Tue, 04 Oct 2022 14:04:44 GMT
Date: Tue, 04 Oct 2022 11:05:11 GMT
Connection: keep-alive
|
|
| contagiousantagonizequarry.com/sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98%3A3%3A1 | 173.233.137.52 | 200 OK | 2.4 kB |
URL HTTP/1.1contagiousantagonizequarry.com/sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98%3A3%3A1 IP173.233.137.52:0
File typeJSON data\012- , ASCII text, with very long lines (5754), with no line terminators Hash1d6bf29082518fec175383b5d4337131 bd07e4eb748d7a67473ba00b69bfe26b289ec0df 1197dd98b840a49b1c15008bb6f5554b028ebb05235ae563471b8da80d893829
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /sbar.json?key=01ffd36dfbce3d569baf8d846cd7bc65&uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98%3A3%3A1 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:11 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutpaid.com
Access-Control-Allow-Origin: https://cutpaid.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16650200; expires=Wed, 05 Oct 2022 11:05:11 GMT; secure; SameSite=None
uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; expires=Tue, 11 Oct 2022 11:05:11 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 05 Oct 2022 11:05:11 GMT; secure; SameSite=None
uncs=1; expires=Wed, 05 Oct 2022 11:05:11 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 05 Oct 2022 11:05:11 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 05 Oct 2022 11:05:11 GMT; secure; SameSite=None
slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]; expires=Tue, 04 Oct 2022 11:05:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bb9cfddad3e01e245ef027947df66a66
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hasha1c45d147edffcf7edf9a2a6efcc27d1 3377fb5f6ff4311aa5ba6087dd389074fae7279c 5658f0c18fb7b3e8c28473d83dddae2d7672c70746004f49a04e9d00582bf587
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1271
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 11:05:11 GMT
Last-Modified: Tue, 04 Oct 2022 10:44:00 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
|
|
| unseenreport.com/pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 | 192.243.59.13 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=7e1d8f1ae70c40a4c328807cbe5300ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 04 Oct 2022 11:05:11 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f0e8ff0dba3fa78a592dbb3444ac2503
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 | 192.243.59.13 | 200 OK | 1 B |
URL HTTP/1.1unseenreport.com/pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 IP192.243.59.13:0 ASN#39572 DataWeb Global Group B.V.
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pxf.gif?uuid=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=01ffd36dfbce3d569baf8d846cd7bc65&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=11 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 04 Oct 2022 11:05:11 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d8352b72b6aabc69ae2ea827c853656
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| contagiousantagonizequarry.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjWaTZ9GnbbQadDZYe1GlEcBoLSRitshCFtIncT%2FtYLvX8AAAD%2F%2FwEAAP%2F%2F7%2Bp2YYAEAAA%3D | 173.233.137.52 | 200 OK | 7 B |
URL HTTP/1.1contagiousantagonizequarry.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjWaTZ9GnbbQadDZYe1GlEcBoLSRitshCFtIncT%2FtYLvX8AAAD%2F%2FwEAAP%2F%2F7%2Bp2YYAEAAA%3D IP173.233.137.52:0
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjWaTZ9GnbbQadDZYe1GlEcBoLSRitshCFtIncT%2FtYLvX8AAAD%2F%2FwEAAP%2F%2F7%2Bp2YYAEAAA%3D HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b9298f35c096ac64761b5c6442acabf
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash66909c9078632d44ebf4a15cd12a5595 c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2 b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Tue, 04 Oct 2022 12:09:21 GMT
Date: Tue, 04 Oct 2022 11:05:12 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash66909c9078632d44ebf4a15cd12a5595 c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2 b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Tue, 04 Oct 2022 12:09:21 GMT
Date: Tue, 04 Oct 2022 11:05:12 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash66909c9078632d44ebf4a15cd12a5595 c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2 b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Tue, 04 Oct 2022 12:09:21 GMT
Date: Tue, 04 Oct 2022 11:05:12 GMT
Connection: keep-alive
|
|
| contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=667 | 173.233.137.52 | 200 OK | 0 B |
URL HTTP/1.1contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=667 IP173.233.137.52:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Findex.html&l=1688&fd=667 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg | 172.64.200.2 | 200 OK | 60 kB |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg IP172.64.200.2:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=821, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1232], progressive, precision 8, 281x290, components 3\012- data Hash9337eb4f9526f6d16e6d1602d8fee3ae 203c7272c5a60a752db43857b2d337d644f690f5 1e803197ccab280a9285cdae1adbea170504d59ef0bbf02aab3d9785c0871422
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/icon.jpg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: image/jpeg
content-length: 59931
last-modified: Tue, 08 Feb 2022 14:18:00 GMT
etag: "62027b98-ea1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5360456
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBQW9mABstkd8b%2FkvdycBHdbjyVda80Iydbgp6I%2F7uiKb%2BynnM4ctSa%2BRdRxXmLE1Z9imtbdfQ9sebmpwfqn8ApeqekoKx7Wi6SB4OeOhKkhMr%2FuWbRTMLB0p8t2QbVPleA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70ee79cc76ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.77.32 | 200 OK | 345 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash66909c9078632d44ebf4a15cd12a5595 c11a63fa7f302a0bafc7f20821d0e9ca9328f9d2 b525db57340ac0c9ac960f9e711431b1992008b5b1506d72e8260ad3743b8f3b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B525DB57340AC0C9AC960F9E711431B1992008B5B1506D72E8260AD3743B8F3B"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3849
Expires: Tue, 04 Oct 2022 12:09:21 GMT
Date: Tue, 04 Oct 2022 11:05:12 GMT
Connection: keep-alive
|
|
| contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fanimate.css&l=79245&fd=370 | 173.233.137.52 | 200 OK | 0 B |
URL HTTP/1.1contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fanimate.css&l=79245&fd=370 IP173.233.137.52:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fanimate.css&l=79245&fd=370 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fjs%2Fscript.js&l=468&fd=376 | 173.233.137.52 | 200 OK | 660 B |
URL HTTP/1.1contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fjs%2Fscript.js&l=468&fd=376 IP173.233.137.52:0
File typegzip compressed data, max compression\012- data Hash5860c780c8e9daa4f852038f02b5bdc2 c75c8b4db36bffe075ce493f06d011f855d5541a f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fjs%2Fscript.js&l=468&fd=376 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| contagiousantagonizequarry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjW9EWHyVh2mGy1W7HkgrXbzOcxZ00RRRy5m%2FC3Xuj9AwAA%2F%2F8BAAD%2F%2F28%2Bo4mABAAA | 173.233.137.52 | 200 OK | 7 B |
URL HTTP/1.1contagiousantagonizequarry.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjW9EWHyVh2mGy1W7HkgrXbzOcxZ00RRRy5m%2FC3Xuj9AwAA%2F%2F8BAAD%2F%2F28%2Bo4mABAAA IP173.233.137.52:0
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | fortinet | Phishing | | quad9 | Sinkholed | |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tcVRi9r8lCcCHVbhSUWYgoNJP35sebN1Yo1hoppk1pFbvT%2B%2BtNrrnv3ce9782bZBUsSpbjf%2FByJmloraLgTiwyKXQREDpuzML8D6J0JSIzDY5%2Bm%2B8795zF%2Bc53v9gtToiPgh5fvmq2lNZ0uV33a6%2FfCoILtVWVFoPaIAo%2FDlsXarb%2FZjes%2B2%2FU3pN8wyw3%2FMD3Az%2BorSgrYzNYnpJQ2f1uUO%2F69VajHrRbGNj%2FY1d4cNSD6J%2BQ56HEZPGhdw6Kj5Em316WbiM32fl3k0LT3Fj0xcGH6UZqyhTJfIythzg9OFXDuMcrD2DS%2FZldmP6%2FQqYmxHv0ACw9ODUJ1t%2Bb%2BWQaMgUTz6LsjyH1GIqOwc1tKPGYAFzg2hrS5M41Y0u6%2BZSlU3ZCFp%2F8AVVOyOJv55Am31zSalC7aXSRK5M6DOIKajCG6o2RFYfIt85AlYfg%2BWdQ4mey%2FGQVabK35rSBEsevyiaNaLsdLnUobS21uixcYlFIl5qtQMqIN6TsRrOAlBpDxWNoOQR1Cyich0J5KGIPReYhEcc1HgRBxxec%2BlGX86boSBYKP6CdOKCBH0Yo%2BHSHIfJsCK6H4HYbmd3GhhrCFj%2FBrVdwwoPLCfqiQikJSkdQUoJSEZQ5Qdmv9oV2DVfdEdoVLDjtjdPerEYm7%2B3SfZP3ZEp2sxNydhbc38%2F9ig15XPODOBbNUMSMy6Zoh11G40hErZCLDuNhG05VUO4MqPOwNT3i1%2BeRqQkhP%2FwJRg%2Fh9CG4OgtavAxajjoNH3R91Ip8bKX38kRSm9a5SSBMhSxfRL7p7eoT8uLMRfPWa5D86OIn7Ork97t%2FgdsKma3wqXpI0NM7oxumJHs3TOnId2tZrhK1RaenvZnTXC7ce19ulsaKK5fd8O7bfEpMx%2FsfSJev0lSotOfIV5eUENKuGMsl%2BfGK%2B0iy64Vbv1TYtMhWr7%2BzciXJrHROmXQMOl3s0RG4mpBnvt%2Bf%2FdqXPt%2BBsmPYokJSHJHTgjKH4Nk2XDb378wCrJ5rWOahLKqRbbD5o1YEWs4xZRXcfzCbz7tuBz37Cmh%2BG2lSoW8r9HUFqodwxcIoz%2BzRxV%2BaswLT3ohp6%2B0xbfWXT8N16rjW9EWHyVh2mGy1W7HkgrXbzOcxZ00RRRy5m%2FC3Xuj9AwAA%2F%2F8BAAD%2F%2F28%2Bo4mABAAA HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e16186e2c82736cebeb26e53e76114bd
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=394 | 173.233.137.52 | 200 OK | 0 B |
URL HTTP/1.1contagiousantagonizequarry.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=394 IP173.233.137.52:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fflip_icon%2F13%2Fcss%2Fstyle.css&l=10065&fd=394 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| contagiousantagonizequarry.com/pixel/sbs?c=1 | 173.233.137.52 | 200 OK | 0 B |
URL HTTP/1.1contagiousantagonizequarry.com/pixel/sbs?c=1 IP173.233.137.52:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | | quad9 | Sinkholed | |
GET /pixel/sbs?c=1 HTTP/1.1
Host: contagiousantagonizequarry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Cookie: u_pl=16650200; uid_id2=e3a8a556-7aa4-49b6-b86a-341ee8c2ee98:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01ffd36dfbce3d569baf8d846cd7bc65=[3364902]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 04 Oct 2022 11:05:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400 | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400 IP142.250.74.10:0
GET /css?family=Montserrat:400,700%7CMuli:300,300i,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 11:05:08 GMT
date: Tue, 04 Oct 2022 11:05:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| creepingbrings.com/sfp.js | 172.64.199.30 | 200 OK | 0 B |
URL HTTP/2creepingbrings.com/sfp.js IP172.64.199.30:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:10 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: bb255c3af90aa2062f754ba9d8a7180c
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 04 Oct 2022 11:05:10 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kiu%2BErbfbmm2lAS8aL%2FJjNTdc7wyM6XrKBhLn8hyDhbcVyOQFP9wZXlI7jCTUduxe7nnQtL808cTGb%2F7JB%2FJsPCWuk8QC9ixzJ1UOl1o7vDmBMslGWaWTkZUBi3JqaVfXjnT%2BbM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70e14e847720-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html | 104.26.7.19 | 200 OK | 0 B |
URL HTTP/2cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html IP104.26.7.19:0
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 11:16:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMzVGURm%2BI9JVjgpg2QoUkWIGlEYfrfQKuPgLf2ZdCwY3jZoVqKxQKy4%2F48VJdGL4d0WHUH%2BYpSsnug7Ol1cswLwXIrh44bsTqn%2FHt0dDTs5IbpqalghCALmiJln5akkyZylOmo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70e9a8df1c02-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg | 172.64.200.2 | 200 OK | 0 B |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg IP172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: image/svg+xml
last-modified: Mon, 17 Jan 2022 14:26:00 GMT
etag: W/"61e57c78-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2764921
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9E1mjbSrwrJEXLFB%2Bv6kwqqZDkYon%2FM4mrGvgRvJJLsHxBlg6m8DBa%2BkFPRZDGLDHHPxXDD1Wk%2Fc5s2OOs4REzOhhQs%2BUcqo%2FSVxt4eEsKRyoDADKWjJEuzyrlw7P%2Br8XbE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70ee79c876ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css | 172.64.200.2 | 200 OK | 0 B |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css IP172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: text/css
last-modified: Mon, 17 Jan 2022 14:25:59 GMT
etag: W/"61e57c77-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K6Ye1LVbAwo67F12D4H54JrsNrOMDY0Vtb5hQNduS%2BndHO0rGOqYvnV2YI0O6ybPiopX5Z5DRY6A%2BQyB0H287rF4aUsJ1EsDnGXvu3TO%2FKixCV4RtJM%2FXQ6%2ByFJ30wV9qM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70ee69b076ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cutpaid.com/vdCU | 172.67.183.8 | 200 OK | 0 B |
IP172.67.183.8:0
GET /vdCU HTTP/1.1
Host: cutpaid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:08 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
set-cookie: AppSession=c5339b706dc80751c25f1856b40830fc; path=/; HttpOnly
csrfToken=ff6bbd9c2f4c2294961f501d567e652d551fc8fdfbd1e82d669019319942d47afc6d822238068ceb3b2739afaf7c1aa280c0b4defcc19beb4f1e2e18d228b4fa; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpDdG7i7CWXfX35vfVmOOGVmsNK8hYyRr7X17YKxVl8Ol8mO96dgteeoJDnIX1kVMIgV%2FZ2pVPb361SCzgfsBD3o3ZwXAri95qbcgj4HxTPxM3WlBADMZwRN12jGbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754d70d3b970fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js | 172.64.200.2 | 200 OK | 0 B |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js IP172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: application/javascript
last-modified: Mon, 17 Jan 2022 14:40:54 GMT
etag: W/"61e57ff6-1e8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGE2ZLEYgzrYmF%2BjZpd0ZoHCmrYfOWXzFYQqfOLQ8%2BVxssRrU6NCIA4XYqT3FEJ50izAcaQARXyIVpnjinKko8k%2FnHxFU1FdwzXOSFMfZ%2BX%2F7vCWjSrJWsGmE6l1YRXQOhc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70ee69ac76ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css | 172.64.200.2 | 200 OK | 0 B |
URL HTTP/2cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css IP172.64.200.2:0
GET /sb/notifications/utility/default/us/blog/Progamerage/flip_icon/13/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutpaid.com
Connection: keep-alive
Referer: https://cutpaid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 11:05:12 GMT
content-type: text/css
last-modified: Wed, 09 Feb 2022 11:16:21 GMT
etag: W/"6203a285-2751"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCtyZ1SDbSq03vtGXKk9BPEfAExv8YG7L%2FJKbdu3gjJX6xE7POqIQhBv8f%2Bn6avCipYo%2Fk4rrdI%2Fed5g02q1yMbDZQHBs087SrBrklJJrrzSdxzMZ%2BH38Hel7FyodunY9I0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754d70ee69aa76ba-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|