| cutwin.org/img/logo1.png | 104.21.42.54 | 200 OK | 34 kB |
IP: 104.21.42.54:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: cutwin.org
Certificate fingerprint: 0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
Certificate validity: Thu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT
File type: PNG image data, 277 x 130, 8-bit/color RGBA, non-interlaced
Hash: 94baea0d26ee500d54ef4aec7ad9576f c72ac5094921424da23052f8e16f1fe125bc1de7 768dd8e84dda93d321223ccad24d5bf2898bed4209625947124837d1fc3a887a
GET /img/logo1.png HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/809vdER
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:52 GMT
content-type: image/png
content-length: 34282
x-frame-options: SAMEORIGIN
last-modified: Fri, 08 Nov 2019 23:36:42 GMT
cache-control: max-age=31536000
expires: Mon, 14 Apr 2025 21:34:13 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 968798
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T46NvX2QpEwYTRR%2FlqgtOfGfSnODNKrX%2BONLXgAQUdPpF7F6PLanv%2BJk8I9Om0JD6x091GTEEduwPIJ2zO9vd50uAStICLTer%2BPZD1LIFQs7xYn19YI%2BWZE7ikFM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335e9886556c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.42.54 | 200 OK | 4.9 kB |
URL User Request GET HTTP/2
IP: 104.21.42.54:443
Certificate issuer: Google Trust Services LLC
Certificate subject: cutwin.org
Certificate fingerprint: 0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
Certificate validity: Thu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1037), with CRLF, LF line terminators
Hash: 7f26400f42112d1aafb21ce3837d5808 6d3248239e3dd9adfe037895922fd04fd4f9cb8d 8e2e29dfa4f3cc2b17db4dd9ce5e22e3c0831bcea7479a83495746655d570a21
GET /809vdER HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:52 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
set-cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; path=/; HttpOnly
ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; expires=Fri, 26 Apr 2024 02:45:52 GMT; Max-Age=300; path=/; HttpOnly
csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0; path=/; HttpOnly
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIE6tSfhyfZR9eNW%2BXXh7EdIqoyFtdT7ifvkEY36E6KHK8e%2FqwDQSZ95SjlRDSfSTajJkggFUTVeU9hlXwZn3vOst6%2FPpwWDinP3JPVB6u%2B4zw27%2FBkO5OUNe8iU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335e408255685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 216.58.207.227 | 200 OK | 23 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP: 216.58.207.227:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Hash: de69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 02:02:48 GMT
expires: Wed, 23 Apr 2025 02:02:48 GMT
cache-control: public, max-age=31536000
age: 261485
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.227 | 200 OK | 24 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP: 216.58.207.227:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Hash: e1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 15:44:03 GMT
expires: Fri, 25 Apr 2025 15:44:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 39410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Lato:300,400,700,900 | 142.250.74.106 | 200 OK | 887 B |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,700,900
IP: 142.250.74.106:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
Certificate validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: gzip compressed data, max compression
Hash: 11ff40a492d45e7f0adbb2c02e06fb73 a564014c6ee957b06df67e91beea4c7a205a22ba 1eab2c9109773555f8a451da4590931a3972d4b47407420eac3cb738becdfb1b
GET /css?family=Lato:300,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 02:40:52 GMT
date: Fri, 26 Apr 2024 02:40:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| d1tt3ye7u0e0ql.cloudfront.net/?eyttd=996536 | 54.230.241.227 | 200 OK | 54 kB |
URL: GET HTTP/2 d1tt3ye7u0e0ql.cloudfront.net/?eyttd=996536
IP: 54.230.241.227:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Amazon
Certificate subject: *.cloudfront.net
Certificate fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Certificate validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (15945)
Hash: 517016036a66262b88ac9e425af5cfb3 a226c9f8014dab08453dd7e63f80e7cfb3859262 b8e4f7b0b635e727ad7bcc3b9f722fbe5d4c58041326895d49f09a08030abacf
GET /?eyttd=996536 HTTP/1.1
Host: d1tt3ye7u0e0ql.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 54492
date: Fri, 26 Apr 2024 02:40:52 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vuaJPajiesKyKSR7ps0wir7QbCfjrDYOhcMuuCY2LteoZdncRt-hlA==
X-Firefox-Spdy: h2
|
|
| onservantasr.info/MEFjeVBRIwAUb1F8AV8lQi1eXGJ2ZFE/NAE1F0opVXYWSTUAMA9XM1wuFh02Qi4NDX5eJBdcYnYOMEs0WAxSGj9zAFovMXR5LDsBBTQAFRZlACQ/JHY5LS4daBgmPxVTJioePGAZICwjYRAXOB9zFDshFVsGIToBXgMxICV+EzEbEVoPIT8FWzsHFTR4GRkgPHEHFC8dWRQmIRF6OSgeHXQFDjckdTklGgB4GCY9FkMrKSgjaBMwOD9hEzEqMVkYKj5hX3YpDgp1ADE/dQIDMC8VZxs7DQB3ECkUMlwQCT89ZnYgDjhUCAk3E2U2Lg8zAQRGSxJyFi0MBnNsLi4KaDI1PyhqKiAVZWgJNB05YS0uPR1zdSY6PEg4BioWZABRI2dmcCI9Cl10NSwGZWRROx9hCCshEwk0NSozexg0LwhicTkINVdnCQo/XjFeAwF/AiVPEVUTFhEFSA | 54.230.111.88 | 200 OK | 1.2 kB |
URL: GET HTTP/2 onservantasr.info/MEFjeVBRIwAUb1F8AV8lQi1eXGJ2ZFE/NAE1F0opVXYWSTUAMA9XM1wuFh02Qi4NDX5eJBdcYnYOMEs0WAxSGj9zAFovMXR5LDsBBTQAFRZlACQ/JHY5LS4daBgmPxVTJioePGAZICwjYRAXOB9zFDshFVsGIToBXgMxICV+EzEbEVoPIT8FWzsHFTR4GRkgPHEHFC8dWRQmIRF6OSgeHXQFDjckdTklGgB4GCY9FkMrKSgjaBMwOD9hEzEqMVkYKj5hX3YpDgp1ADE/dQIDMC8VZxs7DQB3ECkUMlwQCT89ZnYgDjhUCAk3E2U2Lg8zAQRGSxJyFi0MBnNsLi4KaDI1PyhqKiAVZWgJNB05YS0uPR1zdSY6PEg4BioWZABRI2dmcCI9Cl10NSwGZWRROx9hCCshEwk0NSozexg0LwhicTkINVdnCQo/XjFeAwF/AiVPEVUTFhEFSA
IP: 54.230.111.88:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Amazon
Certificate subject: onservantasr.info
Certificate fingerprint: 4E:0A:E9:00:74:B8:B3:C9:4F:2A:1E:4E:6D:FA:10:D6:85:BC:6F:CE
Certificate validity: Mon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (3042), with no line terminators
Hash: f9c55dcd76d1408ddf12219919598c15 7ded25cf1d038006495a4329d883dd4b4e9ef128 0bb4267dbb890fa8e92aff073dd38b257db046f8da5351db5ca4496da6233c3b
GET /MEFjeVBRIwAUb1F8AV8lQi1eXGJ2ZFE/NAE1F0opVXYWSTUAMA9XM1wuFh02Qi4NDX5eJBdcYnYOMEs0WAxSGj9zAFovMXR5LDsBBTQAFRZlACQ/JHY5LS4daBgmPxVTJioePGAZICwjYRAXOB9zFDshFVsGIToBXgMxICV+EzEbEVoPIT8FWzsHFTR4GRkgPHEHFC8dWRQmIRF6OSgeHXQFDjckdTklGgB4GCY9FkMrKSgjaBMwOD9hEzEqMVkYKj5hX3YpDgp1ADE/dQIDMC8VZxs7DQB3ECkUMlwQCT89ZnYgDjhUCAk3E2U2Lg8zAQRGSxJyFi0MBnNsLi4KaDI1PyhqKiAVZWgJNB05YS0uPR1zdSY6PEg4BioWZABRI2dmcCI9Cl10NSwGZWRROx9hCCshEwk0NSozexg0LwhicTkINVdnCQo/XjFeAwF/AiVPEVUTFhEFSA HTTP/1.1
Host: onservantasr.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Fri, 26 Apr 2024 02:40:53 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tPQxxnNZ9QLdubQamS2NGY4YSQmi8kYBuBylgNZErtVYL7zrom864g==
X-Firefox-Spdy: h2
|
|
| cutwin.org/js/ads.js?ver=6.6.2 | 104.21.42.54 | 200 OK | 126 B |
URL: GET HTTP/3 cutwin.org/js/ads.js?ver=6.6.2
IP: 104.21.42.54:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: cutwin.org
Certificate fingerprint: 0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
Certificate validity: Thu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT
Hash: 9e7e54b2d6fc22c0022b88b7125cbe03 236c6e87760ac733a938cb1897d3a7cb6fc5c86c 519204a7ecc3dc77ded647aa00567d6bf8c587049f389b1936914f7fab44c6fa
GET /js/ads.js?ver=6.6.2 HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/809vdER
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:53 GMT
content-type: text/javascript
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=2592000
expires: Sun, 26 May 2024 02:40:53 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bJGIEyRSGSO4jNzO6sZOW%2BtxIRO26wWUySyFERUl%2FR4SPVDisKNGsELRHdRcT65r%2B6urWEg8fczcUYCdjNoIIoMIBgUYimu0tnEsuB4DDZQNIktOGA1Cd5d4yPr%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335e9886656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cutwin.org/cloud_theme/build/fonts/fontawesome-webfont.woff2 | 104.21.42.54 | 200 OK | 77 kB |
URL: GET HTTP/3 cutwin.org/cloud_theme/build/fonts/fontawesome-webfont.woff2
IP: 104.21.42.54:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: cutwin.org
Certificate fingerprint: 0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
Certificate validity: Thu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /cloud_theme/build/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/cloud_theme/build/css/styles.min.css?ver=6.6.2
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:53 GMT
content-type: font/woff2
content-length: 77160
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3c%2Bqh7%2FkShGWPL9SNnMY2CsQSctB1%2BGDeDdDEw9RR1skZvMZLYY5%2FlxQP3u%2B5QGNzzjmXokFAvhos6wJOEO6%2FndOmK%2BgyPmbX0Lp2qHL3HaxEead0fQ%2B146PIC8e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335ea889756c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| d1tt3ye7u0e0ql.cloudfront.net/OS2dhM1coCA9VaD8OBQ5uclFUAGFtFxNWMXYEFEcgIglPXCUsQQtAOCUXXEkGBCQnBRYuNRRbAjNBFUkzdldHXzYlAFwVMiUEXAJxKgMDDmNtExFcPHYEDFsjJQsXRSAoQRRSaiYIG1o7JwZEARF+SVEWZXtPGQJmblQjFmV7CwhdIjNCUwMvc1E+BWNuVC-MWZXsVFxZkCl5XHWdiQlMDMC4EClxyeSFTA2Z7V1ADZm5VUVU+OQIHXC9uVScKYWVXR0Zqeg | 54.230.241.227 | | 511 B |
URL: d1tt3ye7u0e0ql.cloudfront.net/OS2dhM1coCA9VaD8OBQ5uclFUAGFtFxNWMXYEFEcgIglPXCUsQQtAOCUXXEkGBCQnBRYuNRRbAjNBFUkzdldHXzYlAFwVMiUEXAJxKgMDDmNtExFcPHYEDFsjJQsXRSAoQRRSaiYIG1o7JwZEARF+SVEWZXtPGQJmblQjFmV7CwhdIjNCUwMvc1E+BWNuVC-MWZXsVFxZkCl5XHWdiQlMDMC4EClxyeSFTA2Z7V1ADZm5VUVU+OQIHXC9uVScKYWVXR0Zqeg
IP: 54.230.241.227:0
Certificate issuer: Amazon
Certificate subject: *.cloudfront.net
Certificate fingerprint: FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
Certificate validity: Tue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (741), with no line terminators
Hash: ed2815f4b7ca9f1e05163b26cb08b6de 43f3f5d46a57aa4ff677d19863f5a83301a9ee9c dcbe6ee45f72ac6583702c3e86944f59b89c982f6281f1093809c79082172f3d
GET /OS2dhM1coCA9VaD8OBQ5uclFUAGFtFxNWMXYEFEcgIglPXCUsQQtAOCUXXEkGBCQnBRYuNRRbAjNBFUkzdldHXzYlAFwVMiUEXAJxKgMDDmNtExFcPHYEDFsjJQsXRSAoQRRSaiYIG1o7JwZEARF+SVEWZXtPGQJmblQjFmV7CwhdIjNCUwMvc1E+BWNuVC-MWZXsVFxZkCl5XHWdiQlMDMC4EClxyeSFTA2Z7V1ADZm5VUVU+OQIHXC9uVScKYWVXR0Zqeg HTTP/1.1
Host: d1tt3ye7u0e0ql.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onservantasr.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 511
date: Fri, 26 Apr 2024 02:40:53 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7wCP8lZWangdslJ-Lzwylx8QeTJ7hDJVyFK7Z3YYRaBFPzehrlWIpA==
X-Firefox-Spdy: h2
|
|
| cutwin.org/cloud_theme/build/img/header.jpg | 104.21.42.54 | 200 OK | 148 kB |
URL: GET HTTP/3 cutwin.org/cloud_theme/build/img/header.jpg
IP: 104.21.42.54:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: cutwin.org
Certificate fingerprint: 0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
Certificate validity: Thu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1921x900, components 3
Size: 148 kB (147797 bytes)
Hash: 6b2a1485a7fecf2952de8d1a509c9222 f2a1c65418f749944a823efc6d5881a7c81fdf23 574ed0467392f0d91d140cdbb5c7e38c8b2aa22731de61c50b9b5bfe01e13daf
GET /cloud_theme/build/img/header.jpg HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/cloud_theme/build/css/styles.min.css?ver=6.6.2
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:53 GMT
content-type: image/jpeg
content-length: 147797
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=31536000
expires: Sat, 26 Apr 2025 02:40:53 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IA008tu3fCYFLl8oC7L53xe6ev%2FeNId024iXYajlLFceUJqoY2t4aA9co7sMjYo8Pl8yfX0bb0oEdYehnGmhTAjrqzTupgV2qzD4Bl9uL3OMiKgcoTb5ChY1g9tZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335ea688d56c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js | 172.240.108.68 | 200 OK | 12 kB |
URL: GET HTTP/1.1 sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js
IP: 172.240.108.68:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Let's Encrypt
Certificate subject: *.sarcasticnotarycontrived.com
Certificate fingerprint: 10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40
Certificate validity: Tue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT
File type: JavaScript source, ASCII text, with very long lines (31253), with no line terminators
Hash: b66e03f21f0fcd47cfd268509b23f5d5 bc4e06a165d5dba6d013d02c07f64b534b4cd8df b80ba2107a22f74a404d11ee69175cee036e89ddc230ed78de057a2f6ab3f232
GET /b00fd22bf5adda5ce1b6b4739264d77a/invoke.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2bc7e76f1153b88f66b489041fbf4ca4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js | 172.240.108.68 | 200 OK | 12 kB |
URL: GET HTTP/1.1 sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js
IP: 172.240.108.68:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Let's Encrypt
Certificate subject: *.sarcasticnotarycontrived.com
Certificate fingerprint: 10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40
Certificate validity: Tue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT
File type: JavaScript source, ASCII text, with very long lines (31286), with no line terminators
Hash: 589f00b44314b0385fb58bc0de960738 4f03695cd3e8b4e5a029015723ea4a8d46743eb0 0813f5d6f7078005ea9a90d99b9f9292aeaf020b136f25806ab4bb0f6c03723f
GET /b00fd22bf5adda5ce1b6b4739264d77a/invoke.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 90c920e77a11c03516d1b39806e2b1c0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| static.cloudflareinsights.com/beacon.min.js | 104.16.80.73 | 200 OK | 6.7 kB |
URL: GET HTTP/2 static.cloudflareinsights.com/beacon.min.js
IP: 104.16.80.73:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: cloudflareinsights.com
Certificate fingerprint: 73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
Certificate validity: Sun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File type: gzip compressed data, from Unix
Hash: 4e6f710188df25bb459d5d73cf726231 8914d9049c9afcc3ba9b5d0c4ffbb7138167be2b 05193fe146ad1b442ee037caf0efe83763b8627127be0eb7a03760079b16c55e
GET /beacon.min.js HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:52 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a335e9acca56c5-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 35.158.46.84:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Amazon
Certificate subject: proftrafficcounter.com
Certificate fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: b10e4451e29c351958ddc769490f5c10 c4a24ba35412ad2f0fa61749fc62088615658601 44f8b1dee920e2c41df6ae2eb0803decfe6d060c7f318a26ef327c94e18dd363
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Cookie: uid_id2=0cc207f9-0cee-4464-87ae-0e3186432010:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cutwin.org
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| sarcasticnotarycontrived.com/06749197bd890c2748ee08022147a644/invoke.js | 172.240.108.68 | 200 OK | 12 kB |
URL: GET HTTP/1.1 sarcasticnotarycontrived.com/06749197bd890c2748ee08022147a644/invoke.js
IP: 172.240.108.68:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Let's Encrypt
Certificate subject: *.sarcasticnotarycontrived.com
Certificate fingerprint: 10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40
Certificate validity: Tue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT
File type: JavaScript source, ASCII text, with very long lines (31324), with no line terminators
Hash: 0696f9c0a7566f24d8e4595c50268427 197acefb62f78497624ba32f3b98611555f19ceb dbe4ccdc4a3724e77a87af040f83b90e5d32293c289959eb01aabb95a137d6c5
GET /06749197bd890c2748ee08022147a644/invoke.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 280f3f82043ad7d185617093d1789fbc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js | 172.240.108.68 | 200 OK | 12 kB |
URL: GET HTTP/1.1 sarcasticnotarycontrived.com/b00fd22bf5adda5ce1b6b4739264d77a/invoke.js
IP: 172.240.108.68:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Let's Encrypt
Certificate subject: *.sarcasticnotarycontrived.com
Certificate fingerprint: 10:5B:4C:2C:01:5E:16:45:2D:08:5B:5A:77:61:29:AA:A7:90:63:40
Certificate validity: Tue, 02 Apr 2024 07:02:01 GMT - Mon, 01 Jul 2024 07:02:00 GMT
File type: JavaScript source, ASCII text, with very long lines (31253), with no line terminators
Hash: 76a5b7bc3eec6c901fb8e1dd6e00b149 8f71b872cf7d0ed07a3a47fc6aa82d4cedba866b 43600fb88565ed6405af5b841cd16d0aa066bbcb7dc5a22e121b584e1ff3739c
GET /b00fd22bf5adda5ce1b6b4739264d77a/invoke.js HTTP/1.1
Host: sarcasticnotarycontrived.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4f6fdce28cc370d3292ac8b02ed300df
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cutwin.org/cloud_theme/build/img/footer.jpg | 104.21.42.54 | 200 OK | 11 kB |
URL: GET HTTP/3 cutwin.org/cloud_theme/build/img/footer.jpg
IP: 104.21.42.54:443
Requested by: https://cutwin.org/809vdER
Certificate: Issuer: Google Trust Services LLC; Subject: cutwin.org; Fingerprint: 0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0; Validity: Thu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x231, components 3
Hash: 8dc8323360a9ca5837521e0e70000799 e9f90a106ca330f77c87e80ee6e819294f5061fe 3ef0ac3809f5aacada358d6070cab7f6e7c0d21afcb59400331d6a52f4db8686
GET /cloud_theme/build/img/footer.jpg HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/cloud_theme/build/css/styles.min.css?ver=6.6.2
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:54 GMT
content-type: image/jpeg
content-length: 10593
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=31536000
expires: Mon, 14 Apr 2025 21:34:22 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 968792
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rYoPLIY5%2F1OEh%2BBQFSHIn8LKLT25BIHATYBO%2Fl1vvKkYppFxvRv0W2eukvVh4x8egOhtW0MPhT1ygw119e32gRVdft%2FUASZwcCxkvUDv5sWOlpb7qGV%2FgZP1fdF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335f3eae956c6-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 | 216.58.207.227 | 200 OK | 22 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP: 216.58.207.227:443
Requested by: https://cutwin.org/809vdER
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 22504, version 1.0
Hash: 1c6c65523675abc6fcd78e804325bd77 898d9808304dc157f5dcb18ca169ec6e2b96b3d7 08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:32:58 GMT
expires: Fri, 25 Apr 2025 02:32:58 GMT
cache-control: public, max-age=31536000
age: 86876
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jumpedanxious.com/watch.963316278810.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 | 172.240.108.68 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 jumpedanxious.com/watch.963316278810.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP: 172.240.108.68:443
Requested by: https://cutwin.org/809vdER
Certificate: Issuer: Let's Encrypt; Subject: jumpedanxious.com; Fingerprint: 11:0C:D6:84:95:BB:1E:9C:2D:47:45:E1:9F:5B:7B:AB:FA:F9:21:00; Validity: Wed, 24 Apr 2024 15:00:10 GMT - Tue, 23 Jul 2024 15:00:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.963316278810.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: jumpedanxious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Location: https://jumpedanxious.com/watch.963316278810.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=c3a9a1024d45a00b4cde10aecc3f865978846e24e8baed803a4fa304f154a9edfb52a53afcf58a510afffacf5ee4a3e64f3255997f3206117727b77ce2e2415b6a6df02e59efe6a152921d5381e2071c70e3e1cb6e8fdaaacdafc3658df0356e5f&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
Set-Cookie: u_pl=15222909; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIyMjkwOSwiayI6ImIwMGZkMjJiZjVhZGRhNWNlMWI2YjQ3MzkyNjRkNzdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzExMjUsInBpZCI6MTExMTYyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjUsInB0Ijo0LCJwayI6ImlzZm5kdmppYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1dHdpbi5vcmcvODA5dmRFUiIsImFyIjpbXX19.Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk; expires=Fri, 26 Apr 2024 02:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 486dd6260dea7c23e0118c637e6f472f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| navigateconfuseanonymous.com/watch.1070159500711.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 | 172.240.253.132 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 navigateconfuseanonymous.com/watch.1070159500711.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP: 172.240.253.132:443
Requested by: https://cutwin.org/809vdER
Certificate: Issuer: Let's Encrypt; Subject: navigateconfuseanonymous.com; Fingerprint: 80:FE:57:06:46:46:51:C4:1F:17:DB:EA:13:34:13:84:F9:F8:34:C8; Validity: Wed, 24 Apr 2024 15:00:54 GMT - Tue, 23 Jul 2024 15:00:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.1070159500711.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: navigateconfuseanonymous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Location: https://navigateconfuseanonymous.com/watch.1070159500711.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=b6a72453388d0a455a7ae6a7ee1e0f8254a985a07d231f4bcf66115869814f1f5cdf81a67fd60502b8e530fa6f43e067825d9fcaa1ce718ba4e2d459bf0e6c3e49e630a9a38b2450e34aec6cfa8a62854c232e53e1880824d1b1cd9fceef8ef691f056&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
Set-Cookie: u_pl=15222909; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.[...].Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk; expires=Fri, 26 Apr 2024 02:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c8f055d1111b8f225466da3bc5556713
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| supervisebradleyrapidly.com/watch.133388985824.js?key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 | 172.240.253.132 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 supervisebradleyrapidly.com/watch.133388985824.js?key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP: 172.240.253.132:443
Requested by: https://cutwin.org/809vdER
Certificate: Issuer: Let's Encrypt; Subject: supervisebradleyrapidly.com; Fingerprint: B9:18:E3:8A:C9:DC:5E:0A:A3:8F:1C:44:1F:63:28:86:43:4F:A2:E2; Validity: Wed, 24 Apr 2024 15:15:52 GMT - Tue, 23 Jul 2024 15:15:51 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.133388985824.js?key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: supervisebradleyrapidly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Location: https://supervisebradleyrapidly.com/watch.133388985824.js?dev=e&key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=31fe783d34958727af2ebca620e097be2425014ea12fca5ba2ba5a454336771138f317c31817e0aec04ed76b91d90e7292ec08c60d8fd6b6a05037e00f54f851b8896b9bcca7d650e171c7a6db13ec3146f681c36c48de65af8da608b82514&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
Set-Cookie: u_pl=17565006; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.[...].GixN140N1JUSEgYhuLY8mrGCMjWim9Bz7cKyA8sBFec; expires=Fri, 26 Apr 2024 02:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 895c5d28aff6faefb96c15f443ee65da
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| jumpedanxious.com/watch.963316278810.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=c3a9a1024d45a00b4cde10aecc3f865978846e24e8baed803a4fa304f154a9edfb52a53afcf58a510afffacf5ee4a3e64f3255997f3206117727b77ce2e2415b6a6df02e59efe6a152921d5381e2071c70e3e1cb6e8fdaaacdafc3658df0356e5f&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 | 172.240.108.68 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 jumpedanxious.com/watch.963316278810.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=c3a9a1024d45a00b4cde10aecc3f865978846e24e8baed803a4fa304f154a9edfb52a53afcf58a510afffacf5ee4a3e64f3255997f3206117727b77ce2e2415b6a6df02e59efe6a152921d5381e2071c70e3e1cb6e8fdaaacdafc3658df0356e5f&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP: 172.240.108.68:443
Requested by: https://cutwin.org/809vdER
Certificate: Issuer: Let's Encrypt; Subject: jumpedanxious.com; Fingerprint: 11:0C:D6:84:95:BB:1E:9C:2D:47:45:E1:9F:5B:7B:AB:FA:F9:21:00; Validity: Wed, 24 Apr 2024 15:00:10 GMT - Tue, 23 Jul 2024 15:00:09 GMT
File type: JavaScript source, ASCII text, with very long lines (2504)
Hash: 82d0543771f05ee6e3d80c0f5df52bf3 b37c9820bcd9d0a183bb339cb6cfbe8c8becf7f4 2bb35df3ed5813534ceba3a65d6356865060fdf72a332deb7ae2b31f064b91f3
GET /watch.963316278810.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=c3a9a1024d45a00b4cde10aecc3f865978846e24e8baed803a4fa304f154a9edfb52a53afcf58a510afffacf5ee4a3e64f3255997f3206117727b77ce2e2415b6a6df02e59efe6a152921d5381e2071c70e3e1cb6e8fdaaacdafc3658df0356e5f&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: jumpedanxious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15222909; ain=eyJhbGciOiJIUzI1NiJ9.[...].Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0cc207f9-0cee-4464-87ae-0e3186432010:2:1; expires=Fri, 03 May 2024 02:40:54 GMT; secure; SameSite=None
iprc1da453f1d40c0aa2a05889ec423cca13=5191359; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a64100abf56d60206659fac82c05a9d7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| navigateconfuseanonymous.com/watch.1070159500711.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=b6a72453388d0a455a7ae6a7ee1e0f8254a985a07d231f4bcf66115869814f1f5cdf81a67fd60502b8e530fa6f43e067825d9fcaa1ce718ba4e2d459bf0e6c3e49e630a9a38b2450e34aec6cfa8a62854c232e53e1880824d1b1cd9fceef8ef691f056&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 | 172.240.253.132 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 navigateconfuseanonymous.com/watch.1070159500711.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=b6a72453388d0a455a7ae6a7ee1e0f8254a985a07d231f4bcf66115869814f1f5cdf81a67fd60502b8e530fa6f43e067825d9fcaa1ce718ba4e2d459bf0e6c3e49e630a9a38b2450e34aec6cfa8a62854c232e53e1880824d1b1cd9fceef8ef691f056&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP: 172.240.253.132:443
Requested by: https://cutwin.org/809vdER
Certificate: Issuer: Let's Encrypt; Subject: navigateconfuseanonymous.com; Fingerprint: 80:FE:57:06:46:46:51:C4:1F:17:DB:EA:13:34:13:84:F9:F8:34:C8; Validity: Wed, 24 Apr 2024 15:00:54 GMT - Tue, 23 Jul 2024 15:00:53 GMT
File type: JavaScript source, ASCII text, with very long lines (2517)
Hash: e265b7b4015ac36cc44bc27c17de51e8 b9a4026e90fd7a1d8ecc4afb3c8b67c6f42e9b9b 668cd541e82251d261aebeae3f3cdfddee3c78a54b8ace5f010a5aa22b56cc0e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.1070159500711.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=b6a72453388d0a455a7ae6a7ee1e0f8254a985a07d231f4bcf66115869814f1f5cdf81a67fd60502b8e530fa6f43e067825d9fcaa1ce718ba4e2d459bf0e6c3e49e630a9a38b2450e34aec6cfa8a62854c232e53e1880824d1b1cd9fceef8ef691f056&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: navigateconfuseanonymous.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15222909; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNTIyMjkwOSwiayI6ImIwMGZkMjJiZjVhZGRhNWNlMWI2YjQ3MzkyNjRkNzdhIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzExMjUsInBpZCI6MTExMTYyLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjUsInB0Ijo0LCJwayI6ImlzZm5kdmppYSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1dHdpbi5vcmcvODA5dmRFUiIsImFyIjpbXX19.Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0cc207f9-0cee-4464-87ae-0e3186432010:2:1; expires=Fri, 03 May 2024 02:40:54 GMT; secure; SameSite=None
iprcf7f3409cb24fbcff9dcfdd1a73073ab3=5191357; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e3f38bf5e4410b13dd23465e4577b8a9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| belongedenemy.com/watch.1119244623998.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 | 192.243.59.13 | 307 Temporary Redirect | 0 B |
URL: GET HTTP/1.1 belongedenemy.com/watch.1119244623998.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cutwin.org/809vdER
Certificate: Issuer: Let's Encrypt; Subject: belongedenemy.com; Fingerprint: 1D:22:55:32:18:99:69:96:5D:C0:1E:E6:F7:3E:F2:EA:2F:06:72:AA; Validity: Tue, 23 Apr 2024 10:53:14 GMT - Mon, 22 Jul 2024 10:53:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /watch.1119244623998.js?key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&refer=https%3A%2F%2Fcutwin.org%2F809vdER&tz=0&dev=e&res=14.2071&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: belongedenemy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Location: https://belongedenemy.com/watch.1119244623998.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=98dbb259fdea918eb4af05eea757d7b0920363c0a3de83aafda9396fc0f48d11df395ce568c00a8b4a9a4fe80012e685cfaa2b84b85cd30ab87fe999083c5502353a934291ded6d624f41c11a127b2da3f794549dfe89474cd77a87299f9&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
Set-Cookie: u_pl=15222909; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.[...].Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk; expires=Fri, 26 Apr 2024 02:41:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ccc1e47c05d11fca1080a1a8a3c43952
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| supervisebradleyrapidly.com/watch.133388985824.js?dev=e&key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=31fe783d34958727af2ebca620e097be2425014ea12fca5ba2ba5a454336771138f317c31817e0aec04ed76b91d90e7292ec08c60d8fd6b6a05037e00f54f851b8896b9bcca7d650e171c7a6db13ec3146f681c36c48de65af8da608b82514&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 | 172.240.253.132 | 200 OK | 2.1 kB |
URL: GET HTTP/1.1 supervisebradleyrapidly.com/watch.133388985824.js?dev=e&key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=31fe783d34958727af2ebca620e097be2425014ea12fca5ba2ba5a454336771138f317c31817e0aec04ed76b91d90e7292ec08c60d8fd6b6a05037e00f54f851b8896b9bcca7d650e171c7a6db13ec3146f681c36c48de65af8da608b82514&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1
IP: 172.240.253.132:443
Requested by: https://cutwin.org/809vdER
Certificate: Issuer: Let's Encrypt; Subject: supervisebradleyrapidly.com; Fingerprint: B9:18:E3:8A:C9:DC:5E:0A:A3:8F:1C:44:1F:63:28:86:43:4F:A2:E2; Validity: Wed, 24 Apr 2024 15:15:52 GMT - Tue, 23 Jul 2024 15:15:51 GMT
File type: JavaScript source, ASCII text, with very long lines (2651)
Hash: 6bd638bfd77c51d5f02f9eb0ac2929b3 5c71877486f0c1a8f32b3bbbca5381ac1ec3325c 38f04d91f07611d39b0be74618c395edd43986f65e9d9992a5895e529812d998
GET /watch.133388985824.js?dev=e&key=06749197bd890c2748ee08022147a644&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=31fe783d34958727af2ebca620e097be2425014ea12fca5ba2ba5a454336771138f317c31817e0aec04ed76b91d90e7292ec08c60d8fd6b6a05037e00f54f851b8896b9bcca7d650e171c7a6db13ec3146f681c36c48de65af8da608b82514&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: supervisebradleyrapidly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17565006; ain=eyJhbGciOiJIUzI1NiJ9.[...].GixN140N1JUSEgYhuLY8mrGCMjWim9Bz7cKyA8sBFec
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0cc207f9-0cee-4464-87ae-0e3186432010:2:1; expires=Fri, 03 May 2024 02:40:54 GMT; secure; SameSite=None
iprc40c1f325b7d208ef8d6a4433fae7d48b=3569806; expires=Fri, 26 Apr 2024 06:40:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1eee47be697f8d77b6e5823ee3b14b92
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/59/e2/73/59e273b873f0f7092b74f2766d60aebd/1711620525.jpg | 45.133.44.9 | 200 OK | 72 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/59/e2/73/59e273b873f0f7092b74f2766d60aebd/1711620525.jpg; IP: 45.133.44.9:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, baseline, precision 8, 300x250, components 3; Hash: 2d281de4129fb09c0e095c5b9beeb115 bf238757cb5055f99aeb9911d422850a56fe2c39 c8d22cd8ebf01584785595b2ef4f82c1b677742241f562a0aca5c775a4229980
GET /cti/59/e2/73/59e273b873f0f7092b74f2766d60aebd/1711620525.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:54 GMT
content-type: image/jpeg
content-length: 71789
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:08:53 GMT
etag: "660541b5-1186d"
expires: Sun, 28 Apr 2024 02:40:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/17/19/34/171934cf2a024c013ac2c2b0805d9eae/1711620479.jpg | 45.133.44.9 | 200 OK | 75 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/17/19/34/171934cf2a024c013ac2c2b0805d9eae/1711620479.jpg; IP: 45.133.44.9:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, baseline, precision 8, 300x250, components 3; Hash: 156f3383d85fab2d082c4d0e64549de1 0b475fdfafa1cfae8ddd899beb3d2e7120f99d06 ae5f621f49ad4c3cd9b5c19f1e244097c627a02349dc9c50da49455f4c44a107
GET /cti/17/19/34/171934cf2a024c013ac2c2b0805d9eae/1711620479.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:54 GMT
content-type: image/jpeg
content-length: 75237
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:08:08 GMT
etag: "66054188-125e5"
expires: Sun, 28 Apr 2024 02:40:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| belongedenemy.com/watch.1119244623998.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=98dbb259fdea918eb4af05eea757d7b0920363c0a3de83aafda9396fc0f48d11df395ce568c00a8b4a9a4fe80012e685cfaa2b84b85cd30ab87fe999083c5502353a934291ded6d624f41c11a127b2da3f794549dfe89474cd77a87299f9&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 | 192.243.59.13 | 200 OK | 2.0 kB |
URL: GET HTTP/1.1 belongedenemy.com/watch.1119244623998.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=98dbb259fdea918eb4af05eea757d7b0920363c0a3de83aafda9396fc0f48d11df395ce568c00a8b4a9a4fe80012e685cfaa2b84b85cd30ab87fe999083c5502353a934291ded6d624f41c11a127b2da3f794549dfe89474cd77a87299f9&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1; IP: 192.243.59.13:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Let's Encrypt; Subject: belongedenemy.com; Fingerprint: 1D:22:55:32:18:99:69:96:5D:C0:1E:E6:F7:3E:F2:EA:2F:06:72:AA; Validity: Tue, 23 Apr 2024 10:53:14 GMT - Mon, 22 Jul 2024 10:53:13 GMT
File type: JavaScript source, ASCII text, with very long lines (2504); Hash: 0a9135d56002215a4dc08d608ea58095 0a91d559874352ce250cfa9457634b30f3d4f6d5 0b6be34881de3fc080e9d8649c3741f6a51d601c1b7446db226e43d1f63e3785
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1119244623998.js?dev=e&key=b00fd22bf5adda5ce1b6b4739264d77a&kw=%5B%22cutwin%22%2C%22custom%22%2C%22url%22%2C%22shortener%22%2C%22link%22%2C%22management%22%2C%22branded%22%2C%22links%22%5D&pst=1714099314&refer=https%3A%2F%2Fcutwin.org%2F809vdER&res=14.2071&rmtc=t&shu=98dbb259fdea918eb4af05eea757d7b0920363c0a3de83aafda9396fc0f48d11df395ce568c00a8b4a9a4fe80012e685cfaa2b84b85cd30ab87fe999083c5502353a934291ded6d624f41c11a127b2da3f794549dfe89474cd77a87299f9&tz=0&uuid=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1 HTTP/1.1
Host: belongedenemy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cutwin.org
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl=15222909; ain=eyJhbGciOiJIUzI1NiJ9.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.Oq7DbKYA7k46g41QWbHSrt-Vf56wKsPjev8aVUod8Zk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 02:40:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cutwin.org
Access-Control-Allow-Origin: https://cutwin.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=0cc207f9-0cee-4464-87ae-0e3186432010:2:1; expires=Fri, 03 May 2024 02:40:54 GMT; secure; SameSite=None
iprcb16ef953ddc4821f293320e5ea32a630=5191360; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
uncs5=1; expires=Sat, 27 Apr 2024 02:40:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7c1dec7f8b8456fba82a82c71494517
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png | 45.133.44.9 | 200 OK | 144 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png; IP: 45.133.44.9:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced; Size: 144 kB (144379 bytes); Hash: 33c304429dc1a4408a96e6a74ffa2feb c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04 dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:54 GMT
content-type: image/png
content-length: 144379
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Sun, 28 Apr 2024 02:40:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.cloudimagesb.com/cti/05/0a/19/050a197ca13c4569fbeb1996bb9a28fa/1711620546.jpg | 45.133.44.9 | 200 OK | 87 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/05/0a/19/050a197ca13c4569fbeb1996bb9a28fa/1711620546.jpg; IP: 45.133.44.9:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: JPEG image data, baseline, precision 8, 300x250, components 3; Hash: 34b6557a0bdc421b4ee9cdb0cc3c4bea 7400ae77f2911ebe0f3c6a9cce27e972902b0458 00cc7a09bd02fd45f1a79e05dca3486bda60dc04dff064d59d6a569836d3c474
GET /cti/05/0a/19/050a197ca13c4569fbeb1996bb9a28fa/1711620546.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:55 GMT
content-type: image/jpeg
content-length: 86803
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:09:14 GMT
etag: "660541ca-15313"
expires: Sun, 28 Apr 2024 02:40:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube | 108.177.14.84 | 302 Found | 0 B |
URL: GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube; IP: 108.177.14.84:443
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Google Trust Services LLC; Subject: accounts.google.com; Fingerprint: 24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14; Validity: Mon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:Um84UiIfA7_SL-elQqaImf0R5iisew:HwT005hqBvf08oHo; Expires=Sun, 26-Apr-2026 02:40:55 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxcuspqQ-zonL_hRT69ppt_xjhsnaNk98yy0o0f1tl8TxYNQsLCsb704SMPB5cCKbGXst8IHA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-D-xIosf4qSkmnL_tstMU9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail | 108.177.14.84 | 302 Found | 0 B |
URL: GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail; IP: 108.177.14.84:443
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Google Trust Services LLC; Subject: accounts.google.com; Fingerprint: 24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14; Validity: Mon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:NT0i74sSKSRK4wJDp4DKWtMMsO8rbw:RZPHbkR3jQBPxnJR; Expires=Sun, 26-Apr-2026 02:40:55 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzb8IXH4VLz9MS0arV-Q-68sacjgFbj-gwt_l7GNNNj8PK8oKIn0RwtL7vpVeLTaSj5YYqXbA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-HFE8RIVW3vzi14YCfe_0ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxcuspqQ-zonL_hRT69ppt_xjhsnaNk98yy0o0f1tl8TxYNQsLCsb704SMPB5cCKbGXst8IHA | 108.177.14.84 | 302 Found | 429 B |
URL: GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxcuspqQ-zonL_hRT69ppt_xjhsnaNk98yy0o0f1tl8TxYNQsLCsb704SMPB5cCKbGXst8IHA; IP: 108.177.14.84:443
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Google Trust Services LLC; Subject: accounts.google.com; Fingerprint: 24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14; Validity: Mon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
File type: HTML document, ASCII text, with very long lines (406); Hash: d124329cf30d2bcdcc9c067aeb64cf7a a66076eb3bab9596dd352ce94d5c4ab34289bebc 7842c0d239b548eb201776de46c32630959e9b48a1e90368790af31ae6d9bc70
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQxcuspqQ-zonL_hRT69ppt_xjhsnaNk98yy0o0f1tl8TxYNQsLCsb704SMPB5cCKbGXst8IHA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:HmVhcYK_aeMKELE7F0UYbe7YBMNV5g:I5wzN_ZwzTGD6R2d;Path=/;Expires=Sun, 26-Apr-2026 02:40:55 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzQPrx4pBZCIkMZKjCyGSIIVAv334GLaZpKAEaqCeCRjaV5hnaFPgAw3ChSvL4HjdqK7NohCQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587342406%3A1714099255361550&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-qqqD-MQcfCeqYHnJwgQdmA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 429
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzb8IXH4VLz9MS0arV-Q-68sacjgFbj-gwt_l7GNNNj8PK8oKIn0RwtL7vpVeLTaSj5YYqXbA | 108.177.14.84 | 302 Found | 426 B |
URL: GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzb8IXH4VLz9MS0arV-Q-68sacjgFbj-gwt_l7GNNNj8PK8oKIn0RwtL7vpVeLTaSj5YYqXbA; IP: 108.177.14.84:443
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Google Trust Services LLC; Subject: accounts.google.com; Fingerprint: 24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14; Validity: Mon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT
File type: HTML document, ASCII text, with very long lines (404); Hash: ea6e57a7d8c114a2717c40314030eace ae7270f03ab99242540d54a19c95c8f11b059295 dbbf7ed37b856b52aa1b58715d55b38f94d7d0c29e81e4bc2ab4f78522db44e6
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQzb8IXH4VLz9MS0arV-Q-68sacjgFbj-gwt_l7GNNNj8PK8oKIn0RwtL7vpVeLTaSj5YYqXbA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:RXnCl2_YY66VG4GDzgyKlaSTn5QKAQ:Lah37KSvKf3ch1ph;Path=/;Expires=Sun, 26-Apr-2026 02:40:55 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx0yIrhEf3kt3WnTg-kfXszPFqJuEnDnp9zFm6Ge3YozvzO_JStIEPio_p5nYsr76ORblfNZA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2029183562%3A1714099255374098&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-chRbccE-jbWc9skOFCqOKg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 426
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| pogothere.xyz/ | 104.21.24.208 | 200 OK | 206 kB |
IP: 104.21.24.208:443
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Google Trust Services LLC; Subject: pogothere.xyz; Fingerprint: 34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B; Validity: Wed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
File type: ASCII text, with no line terminators; Size: 206 kB (205831 bytes); Hash: 0336a43024b27192d6c10b25f116518f 1a23fda69e8069e5f3bf938fc72d8a4de24c9800 cb9ca7b318aa80e1ad7a0c86999fca76d6bd061ac8cb45843da2f75d07ce3b14
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:55 GMT
content-type: text/plain
set-cookie: csu=1350162889297264@1@1714099255; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://cutwin.org
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wkm7ma%2Bz8R%2ByYfizi36LqBkwf8oShD1xh0hlS4nBN%2FV%2BnXLcwqYJ6B6PpL0lYtolQ5d8hEe3Bzj6KTOeg7lxuyzm0DiI2ugBxsCeYIqXKxydju2xpqjeOh2apASUk%2Fdf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335f7dda0b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx0yIrhEf3kt3WnTg-kfXszPFqJuEnDnp9zFm6Ge3YozvzO_JStIEPio_p5nYsr76ORblfNZA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2029183562%3A1714099255374098&theme=mn&ddm=0 | 108.177.14.84 | 403 Forbidden | 54 kB |
URL: GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx0yIrhEf3kt3WnTg-kfXszPFqJuEnDnp9zFm6Ge3YozvzO_JStIEPio_p5nYsr76ORblfNZA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2029183562%3A1714099255374098&theme=mn&ddm=0; IP: 108.177.14.84:443
Requested by: https://cutwin.org/809vdER; Certificate Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1; Validity: Mon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (37197); Hash: da4a7462c188d88e7fd80d529c045d56 7ad3a61ac65aa7c46aa7d2e60c3f1501e383d043 7e5cd9f6b43624229476b0e525381af62febd3f0898313950e394bebfa0befc1
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQx0yIrhEf3kt3WnTg-kfXszPFqJuEnDnp9zFm6Ge3YozvzO_JStIEPio_p5nYsr76ORblfNZA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-2029183562%3A1714099255374098&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-Y9VpO2U2TgsmiUQaJ05VEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js | 142.250.74.35 | 200 OK | 206 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js; IP: 142.250.74.35:443
Requested by: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: JavaScript source, ASCII text, with very long lines (631); Size: 206 kB (205803 bytes); Hash: e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 20:51:00 GMT
expires: Thu, 24 Apr 2025 20:51:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 107395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL: GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2; IP: 216.58.207.227:443
Requested by: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15344, version 1.0; Hash: 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:43:03 GMT
expires: Fri, 25 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 86273
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/api2/logo_48.png | 142.250.74.35 | 200 OK | 2.2 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP: 142.250.74.35:443
Requested by: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Hash: ef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:54:07 GMT
expires: Thu, 02 May 2024 02:54:07 GMT
cache-control: public, max-age=604800
age: 85609
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m | 142.250.74.131 | 200 OK | 206 kB |
URL: GET HTTP/3 www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m
IP: 142.250.74.131:443
Requested by: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Certificate issuer: Google Trust Services LLC
Certificate subject: misc.google.com
Certificate fingerprint: D2:13:30:4E:26:7E:CA:53:A2:34:37:55:7E:91:D6:DB:95:37:A0:C6
Certificate validity: Mon, 18 Mar 2024 19:43:06 GMT - Mon, 10 Jun 2024 19:43:05 GMT
File type: JavaScript source, ASCII text, with very long lines (631)
Size: 206 kB (205913 bytes)
Hash: e4eb924eec164dfe5fb43e5d8e6b2a2f 582bad0eac6440aa49632ca1e24d7a52a89d7d92 428ed37cf336160c986f3c470a345bd9790e95d119cfb794767637df59eb3a59
GET /recaptcha/api2/webworker.js?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 26 Apr 2024 02:40:56 GMT
date: Fri, 26 Apr 2024 02:40:56 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js | 142.250.74.164 | 200 OK | 7.4 kB |
URL: GET HTTP/2 www.google.com/js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js
IP: 142.250.74.164:443
Requested by: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Certificate issuer: Google Trust Services LLC
Certificate subject: www.google.com
Certificate fingerprint: CD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73
Certificate validity: Mon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
File type: JavaScript source, ASCII text, with very long lines (17602)
Hash: a881e4c268e13ad20405ae80fca4c36b dee477906e2c92b4c7747029a2409069b9b676ad 63d2e26aa68933bac804050c4e0f0293f1f97e927ad4a79ac9e6a0e8b310fb77
GET /js/bg/Y9LiaqaJM7rIBAUMTg8Ck_H5fpJ61Keayeag6LMQ-3c.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7447
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 05:05:57 GMT
expires: Thu, 24 Apr 2025 05:05:57 GMT
cache-control: public, max-age=31536000
age: 164099
last-modified: Tue, 16 Apr 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cloudflareinsights.com/cdn-cgi/rum | 104.16.79.73 | 200 OK | 25 kB |
URL: OPTIONS HTTP/2 cloudflareinsights.com/cdn-cgi/rum
IP: 104.16.79.73:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: cloudflareinsights.com
Certificate fingerprint: 73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
Certificate validity: Sun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File type: ASCII text, with very long lines (56412), with no line terminators
Hash: 2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cutwin.org/
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:56 GMT
content-type: text/plain
access-control-allow-origin: https://cutwin.org
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87a336000a1556a4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cloudflareinsights.com/cdn-cgi/rum | 104.16.79.73 | 200 OK | 206 kB |
URL: OPTIONS HTTP/2 cloudflareinsights.com/cdn-cgi/rum
IP: 104.16.79.73:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: cloudflareinsights.com
Certificate fingerprint: 73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
Certificate validity: Sun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT
File type: gzip compressed data, max compression
Size: 206 kB (205803 bytes)
Hash: a484f2f3418f65b8214cbcd3e4a31057 5c002c51b67db40f88b6895a5d5caa67608a65ce 79cbe928773386d07f0127f256f383debed5ccea5ff230465bf46ec7c87319d6
POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1022
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:56 GMT
server: cloudflare
cf-ray: 87a336001a2b56a4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| cutwin.org/favicon.ico | 104.21.42.54 | 200 OK | 198 B |
IP: 104.21.42.54:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: cutwin.org
Certificate fingerprint: 0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
Certificate validity: Thu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 2 colors
Hash: c6acedaff906029fc5455d9ec52c7f42 92cbd806ca421aa2c9ff5e1ff76bbc20913a2f81 9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b
GET /favicon.ico HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/809vdER
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=0cc207f9-0cee-4464-87ae-0e3186432010%3A2%3A1; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:55 GMT
content-type: image/x-icon
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=31536000
expires: Sat, 26 Apr 2025 02:40:55 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FPpQ2Yog0eJ7JI5nnLlGKWFcrL4srAFiQA%2FkGAHJwiQC5YttlPc1du6W%2BVvUGOY4li1614pkTr8J%2FFsJxsQJc3QStLlvQc2hZ%2F6oOyC7yae%2FPvbRneEARDSpnoX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335f78cb656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css | 142.250.74.35 | 200 OK | 56 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
IP: 142.250.74.35:443
Requested by: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: ASCII text, with very long lines (56412), with no line terminators
Hash: 2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 15:50:55 GMT
expires: Wed, 23 Apr 2025 15:50:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 211800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| pogothere.xyz/asd100.bin | 104.21.24.208 | 200 OK | 102 kB |
IP: 104.21.24.208:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: pogothere.xyz
Certificate fingerprint: 34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
Certificate validity: Wed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT
Size: 102 kB (102400 bytes)
Hash: 4c6426ac7ef186464ecbb0d81cbfcb1e 5a6918eebd9d635e8f632e3ef34e3792b1b5ec13 f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
Origin: https://cutwin.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:40:55 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cutwin.org
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Fri, 26 Apr 2024 02:40:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkBrETK4a693FKn%2BpaFopjoYZYRWlLtiUpLas%2B6SNBMDrceRULyUpI7PKmmjOaUKHxePMnWNCZUbxy0ClfukhKGjC7g%2BEtMK4HaS%2BkZZKqcWidqmk%2BZCaOKic2QjvXf4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a335f7dd9fb4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cutwin.org/cloud_theme/build/js/script.min.js?ver=6.6.2 | 104.21.42.54 | 200 OK | 226 kB |
URL: GET HTTP/3 cutwin.org/cloud_theme/build/js/script.min.js?ver=6.6.2
IP: 104.21.42.54:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: cutwin.org
Certificate fingerprint: 0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0
Certificate validity: Thu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT
Size: 226 kB (225927 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cloud_theme/build/js/script.min.js?ver=6.6.2 HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/809vdER
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:52 GMT
content-type: text/javascript
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=2592000
expires: Tue, 14 May 2024 21:34:13 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 968798
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HxzwATuhBPwvr4GN3Yk5HIRQXzpeLKdyiNvFvZ1Dftz16Ls%2BvZjOlFFRi0UsbTAuyNbeWjiYtqG8kJrG%2BtlPKZttvtoGTinvTbZFRg5anowKk0goTDhfHmTOMncI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335e9986756c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| quitesousefulhe.info/cnVTaXBdSjAaTSMPPzwRJ0RiLTcKFjYhOSIsFVxAFiQVAygqAnUdGRZIalBGR0ZlTwAbEW5YVgEBMh0FAUhiTxkcEzxUVgRIYkdDRltgX15GUyZUQVQBIwgXT0R1GQQGGW5YR0NBY1BJQEBgWkBC | 104.21.13.159 | 204 No Content | 0 B |
URL: GET HTTP/2 quitesousefulhe.info/cnVTaXBdSjAaTSMPPzwRJ0RiLTcKFjYhOSIsFVxAFiQVAygqAnUdGRZIalBGR0ZlTwAbEW5YVgEBMh0FAUhiTxkcEzxUVgRIYkdDRltgX15GUyZUQVQBIwgXT0R1GQQGGW5YR0NBY1BJQEBgWkBC
IP: 104.21.13.159:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: quitesousefulhe.info
Certificate fingerprint: 1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7
Certificate validity: Sun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cnVTaXBdSjAaTSMPPzwRJ0RiLTcKFjYhOSIsFVxAFiQVAygqAnUdGRZIalBGR0ZlTwAbEW5YVgEBMh0FAUhiTxkcEzxUVgRIYkdDRltgX15GUyZUQVQBIwgXT0R1GQQGGW5YR0NBY1BJQEBgWkBC HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 02:40:53 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vW6EKz0XBFbLaYYWDe9yLh4yCsgoH7%2F4o6GD0lkoj6ZPi29tEfXbc%2FL0Pto7vrVRG50OGXsvmvwxqFKSZ88rDb91edurKHJeUXemVyW3yblQFBhHJ9UAqHitQzOyA4mxmZETiFvS9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335ed3f0656bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit | 142.250.74.131 | 200 OK | 921 B |
URL: GET HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP: 142.250.74.131:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: misc.google.com
Certificate fingerprint: D2:13:30:4E:26:7E:CA:53:A2:34:37:55:7E:91:D6:DB:95:37:A0:C6
Certificate validity: Mon, 18 Mar 2024 19:43:06 GMT - Mon, 10 Jun 2024 19:43:05 GMT
File type: JavaScript source, ASCII text, with very long lines (921), with no line terminators
Hash: b832740e618479615e7f4ec2d6d18e95 39e2c70fbc1164d6748e0314c36691c42245c53a 66b51ffa06c4662b57b6b492d53318ac5e672cd53f52ce08e2699325eb796414
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 26 Apr 2024 02:40:55 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9 | 142.250.74.131 | 200 OK | 7.4 kB |
URL: GET HTTP/3 www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9
IP: 142.250.74.131:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: misc.google.com
Certificate fingerprint: D2:13:30:4E:26:7E:CA:53:A2:34:37:55:7E:91:D6:DB:95:37:A0:C6
Certificate validity: Mon, 18 Mar 2024 19:43:06 GMT - Mon, 10 Jun 2024 19:43:05 GMT
File type: HTML document, ASCII text, with very long lines (7678), with no line terminators
Hash: ce0684c92e07ac0bec06a00ea6031675 bb0bdaa051554ebdefda9ed34d2296bd9197e102 b4ac2e89626b68f2bea95d61166b3a973fc814867f1e1ac128004452b0e0c35f
GET /recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9 HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:56 GMT
content-security-policy: script-src 'nonce-sL_QclYzl5yNOfSwQ-1U5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css | 142.250.74.35 | 200 OK | 56 kB |
URL: GET HTTP/3 www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css
IP: 142.250.74.35:443
Requested by: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: ASCII text, with very long lines (56412), with no line terminators
Hash: 2c00b9f417b688224937053cd0c284a5 17b4c18ebc129055dd25f214c3f11e03e9df2d82 1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed
GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 15:50:55 GMT
expires: Wed, 23 Apr 2025 15:50:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/css
vary: Accept-Encoding
age: 211801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzQPrx4pBZCIkMZKjCyGSIIVAv334GLaZpKAEaqCeCRjaV5hnaFPgAw3ChSvL4HjdqK7NohCQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587342406%3A1714099255361550&theme=mn&ddm=0 | 108.177.14.84 | 403 Forbidden | 0 B |
URL: GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzQPrx4pBZCIkMZKjCyGSIIVAv334GLaZpKAEaqCeCRjaV5hnaFPgAw3ChSvL4HjdqK7NohCQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587342406%3A1714099255361550&theme=mn&ddm=0
IP: 108.177.14.84:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google.com
Certificate fingerprint: 01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
Certificate validity: Mon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQzQPrx4pBZCIkMZKjCyGSIIVAv334GLaZpKAEaqCeCRjaV5hnaFPgAw3ChSvL4HjdqK7NohCQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S587342406%3A1714099255361550&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cutwin.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-Xw3X8hSkvzazMtAq6YzDNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f | 142.250.74.131 | 200 OK | 46 kB |
URL: GET HTTP/3 www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f
IP: 142.250.74.131:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: misc.google.com
Certificate fingerprint: D2:13:30:4E:26:7E:CA:53:A2:34:37:55:7E:91:D6:DB:95:37:A0:C6
Certificate validity: Mon, 18 Mar 2024 19:43:06 GMT - Mon, 10 Jun 2024 19:43:05 GMT
File type: HTML document, ASCII text, with very long lines (37197)
Hash: 90e14c7435ee07dcf6573d45dbb8c8b9 c8ae4ec20cb9eca59c381adcea6036705ff89586 52ee527ceb4f1d5c2a2678cada7043dc24234f0ea3151e220fe39a945a93fa75
GET /recaptcha/api2/anchor?ar=1&k=6LcI06QpAAAAAEjka4wDgYJxh7s9AaTKWBh29kv9&co=aHR0cHM6Ly9jdXR3aW4ub3JnOjQ0Mw..&hl=en&v=V6_85qpc2Xf2sbe3xTnRte7m&size=normal&cb=gm93abgk1o7f HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 02:40:55 GMT
content-security-policy: script-src 'nonce-peP51tlgiy-CVK6uSNby3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| quitesousefulhe.info/popunder.gif | 104.21.13.159 | 200 OK | 35 B |
URL: GET HTTP/3 quitesousefulhe.info/popunder.gif
IP: 104.21.13.159:443
Requested by: https://cutwin.org/809vdER
Certificate issuer: Google Trust Services LLC
Certificate subject: quitesousefulhe.info
Certificate fingerprint: 1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7
Certificate validity: Sun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT
File type: GIF image data, version 89a, 1 x 1
Hash: 28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:53 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 90784
last-modified: Thu, 25 Apr 2024 01:27:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yzH7DRy0yc2L2NjJjgLhChy4ec2hjgjufmmt5ZvR4TqkO5v8j0MbBausj1Y4XTRSYCHnCqjGMmxynCVyi0EaiZP3lyXLqoxHkc%2BhOtu0lDKsXtH4vVMXJWZq8FbIPPOreRUnJOCZ9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a335f05a25568d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cutwin.org/cloud_theme/build/css/styles.min.css?ver=6.6.2 | 104.21.42.54 | 200 OK | 202 kB |
URL: GET HTTP/3 cutwin.org/cloud_theme/build/css/styles.min.css?ver=6.6.2
IP: 104.21.42.54:443
Requested by: https://cutwin.org/809vdER
Certificate: Issuer Google Trust Services LLC; Subject cutwin.org; Fingerprint 0F:98:FD:97:ED:2E:8C:64:BC:83:A7:1A:30:2D:7D:EF:3E:36:DD:D0; Validity Thu, 14 Mar 2024 18:33:40 GMT - Wed, 12 Jun 2024 18:33:39 GMT
File type: ASCII text, with very long lines (65369)
Size: 202 kB (201672 bytes)
Hash: 179be71d42df03ea58d6ea2785217085 82001a88284463f8e04172b8395f5a9eced37df6 a0319a0b75558303ee14a9d90af0769cd778b155206a96f14aad796c9454a454
GET /cloud_theme/build/css/styles.min.css?ver=6.6.2 HTTP/1.1
Host: cutwin.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cutwin.org/809vdER
Cookie: AppSession=8ea0099562f8fb0e2db7ea79d06b8f82; ref809vdER=ZGZkYzhlNzYyODk0MWEwM2UwYjZmOThmMTUwNWE2NTRhYTExM2RkOTJmNjNmZDMyMjVhMWViMDY0ODQzOGE3YXXbREopoQE6hSBB97bEIZ1j6YrxkQFDMK5d8YsrZ0Dz; csrfToken=32a4ad018ca33fc605bb6a44af55bbe6c8e4bcfa0129e0989bee1c67f07d391b49fd0daafefb9dc21c2d54a4d9e3561004f75a6bb5128aadd035c9b4c29273f0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:40:52 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Mon, 18 Mar 2024 01:10:53 GMT
cache-control: max-age=2592000
expires: Tue, 14 May 2024 21:34:13 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 968799
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMW8gJAgZDkvCVRvR7E3iPreKKlwOb6EeREg66KMQW4qbrbCD%2F%2FK%2Be%2BLkpdHH9DyWj4WNx5Ex03%2FyZEYt6%2FJJHcHSx6%2BvJf4ewCeYFWx33jGQR9Zmy8oAK70CB0I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a335e9886456c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|