Report - cuthub.net/8hLDI9?token=eyJpdiI6ImNXaVd6VlY1bjZFNlNoeEZQUnB6WVE9PSIsInZhbHVlIjoiTVBta0dLQ2IzcTQ1MUIvaDlaaHVLUT09IiwibWFjIjoiZDA1MzZjOTJkNjJmOGVlYmM3NGI3MWM4YzdjMmI4MzFhMWY0NDQ4NTJlNTYzMzdhNDNjNTU5ZTg1MTJjNjIzNCIsInRhZyI6IiJ9

Report Overview

Submitted URL
cuthub.net/8hLDI9?token=eyJpdiI6ImNXaVd6VlY1bjZFNlNoeEZQUnB6WVE9PSIsInZhbHVlIjoiTVBta0dLQ2IzcTQ1MUIvaDlaaHVLUT09IiwibWFjIjoiZDA1MzZjOTJkNjJmOGVlYmM3NGI3MWM4YzdjMmI4MzFhMWY0NDQ4NTJlNTYzMzdhNDNjNTU5ZTg1MTJjNjIzNCIsInRhZyI6IiJ9
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 17:47:17
Access
public
Website Title
Psychopata-H.S.7z
Final URL
cuthub.net/8hLDI9
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-26	867 B	163 kB	142.250.74.168
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-25	421 B	417 B	18.185.247.192
onservantasr.info	unknown	unknown	No data	No data	1.9 kB	5.5 kB	3.164.230.67
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20	2024-04-26	860 B	1.6 kB	216.58.211.2
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-26	470 B	207 kB	142.250.74.35
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-04-25	730 B	423 B	192.243.61.225
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-25	407 B	87 kB	172.67.180.87
cuthub.net	unknown	unknown	No data	No data	14 kB	880 kB	188.114.96.1
nachodusking.com	unknown	2024-02-05	2024-02-08	2024-04-21	397 B	1.2 kB	23.109.170.75
quitesousefulhe.info	unknown	2024-03-31	2024-03-31	2024-04-25	1.6 kB	1.8 kB	104.21.13.159
d16sobzswqonxq.cloudfront.net	unknown	2008-04-25	2024-04-25	2024-04-25	1.4 kB	1.9 kB	3.164.247.179
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29	2024-04-21	500 B	1.2 kB	172.67.74.218
live.demand.supply	31265	2014-06-22	2018-03-13	2024-04-25	395 B	644 B	104.17.39.115
absentcleannewspapers.com	unknown	2024-01-25	2024-01-25	2024-03-23	439 B	17 kB	192.243.61.225
pogothere.xyz	unknown	2022-08-22	2022-09-04	2024-04-25	1.2 kB	207 kB	188.114.97.1
accounts.google.com	81	1997-09-15	2016-03-20	2024-04-26	3.7 kB	11 kB	74.125.131.84
likescenesfocused.com	unknown	unknown	No data	No data	7.7 kB	95 kB	172.240.108.76
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-26	3.7 kB	209 kB	216.58.207.227
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-04-25	2.0 kB	76 kB	172.67.141.24
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	910 B	27 kB	142.250.74.106
www.recaptcha.net	2060	2007-01-06	2012-07-11	2024-04-25	452 B	1.4 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	cuthub.net/js/frontend.js?id=f7e07cec5812d52a9077	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	nachodusking.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed
2024-04-26	medium	unseenreport.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed
2024-04-26	medium	likescenesfocused.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	cuthub.net/js/ads.js	1.5 kB	2024-04-25	2024-05-07
Pretty URL cuthub.net/js/ads.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:40:06 Last Seen2024-05-07 09:24:37 Times Seen58 Hash 663675db8bdf037ef8a96ceec4c0eaac 00a32b1173b6c96bf349f6adb7f00e0c6a24faa4 54827120728e3e7d171b392b13b3f5fe2d2ec344d6bdd491c1d44eb2760eecbe Loading...

	cuthub.net/sandbox%20eval%20code	136 B	2023-04-11	2024-05-07
Pretty URL cuthub.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23:25 Last Seen2024-05-07 23:16:52 Times Seen31807 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	cuthub.net/8hLDI9	119 B	2023-03-08	2024-05-07
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28:47 Last Seen2024-05-07 09:24:36 Times Seen1101 Hash bbdd43a315309ebd811a1e555db11f7f 4f221fbceb33ca51ca52ebe80577f681bc8c17df 212dfa0151b22549ac14757d4e65f3909dd45c9cdb366d8bd00fd6b17b906a09 Loading...

	absentcleannewspapers.com/f3/48/f1/f348f1f4cb32736ea8b01bdf483d02ac.js	44 kB	2024-04-26	2024-04-26
Pretty URL absentcleannewspapers.com/f3/48/f1/f348f1f4cb32736ea8b01bdf483d02ac.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 19:47:24 Last Seen2024-04-26 19:47:25 Times Seen2 Hash 8ffdc88d874d39ada707dbe7553dd54f 4b77c822d9422971d2751b110a1d880ebffaaa64 e0f58a2c12961b433ce05a4135429d5199c8603c0ac8612ebdb04e38eab8f88d Loading...

	cuthub.net/8hLDI9	2.9 kB	2023-03-12	2024-05-07
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 16:23:04 Last Seen2024-05-07 09:24:36 Times Seen1746 Hash b9dd502c04f179299a891e65a107e887 8e02ecbfb34c4371548dd0213076bcbf9a2b1523 fb6d9228943aa1956f95e9e330577772a47470e279ffbf84c2bc4e4ed4885c1a Loading...

	cuthub.net/js/frontend.js?id=f7e07cec5812d52a9077	981 kB	2024-04-13	2024-05-07
Pretty URL cuthub.net/js/frontend.js?id=f7e07cec5812d52a9077 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 19:48:22 Last Seen2024-05-07 09:24:36 Times Seen64 Hash f7e07cec5812d52a9077a4baf1b4348b 669d6cfda9a2b056cebe7f5a31dfa50d7d73405e 24c59cb722ec2564f9f0ea38d57ebd2c6b66a88485aaa9035f3afd68376d4c87 Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	13 kB	2023-04-05	2024-05-07
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46:03 Last Seen2024-05-07 23:16:53 Times Seen31239 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	cuthub.net/sandbox%20eval%20code	147 B	2023-04-11	2024-05-08
Pretty URL cuthub.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-08 00:07:32 Times Seen345721 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	nachodusking.com/1clkn/34742	6 B	2023-03-07	2024-05-07
Pretty URL nachodusking.com/1clkn/34742 IP 23.109.170.75 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-05-07 23:44:37 Times Seen14372 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	cuthub.net/8hLDI9	191 B	2023-03-08	2024-05-07
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28:47 Last Seen2024-05-07 09:24:36 Times Seen1101 Hash da30bb47614694e4cc233b287d20eb05 33483604c226b92b61915d364fd6489029cafe57 c5db272b10d5a0729fecd702bbe86f8447f72e2a10049608007c8e2646c803f8 Loading...

	unknown	601 B	2024-02-22	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-22 23:57:58 Last Seen2024-05-02 20:10:58 Times Seen40 Hash ba3bf4870a08a7ab1e39f33d64b0ab81 129f2f2978d932137b1879cb074fcc20fe69f8c5 08186b0181c419fb12088ab1d22f660761919b63c318da58703ec7b3a73cda65 Loading...

	cuthub.net/8hLDI9	554 kB	2024-04-26	2024-04-27
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 17:27:49 Last Seen2024-04-27 00:24:32 Times Seen4 Hash 50a89821047229c3db2e43718879b00a b34a23130028ee0b6dbb826b9e72a6de83cb965e fd469a937f709e7e7256458bbce217e69ed34dd8a958ad29c139af92b913588f Loading...

	cuthub.net/8hLDI9	327 B	2024-04-26	2024-04-29
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 01:28:24 Last Seen2024-04-29 09:37:39 Times Seen12 Hash 95a264b4999fb90b74182ae790da2039 982415a938d78bd51d5207898e19020a836d7a32 279701c3e5dbffbfaa16478e52ade8a5781707dba9edf79db24efccc9cae545b Loading...

	cuthub.net/8hLDI9	92 B	2024-04-26	2024-04-29
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 01:28:24 Last Seen2024-04-29 09:37:39 Times Seen12 Hash 75cadbcedc0e0df9af84f2ead3205496 599881fac19dfc85802f829549180769c1ac8814 a5edb3b23f4cfd42197cc8b6bd186cefde95f7fdbb2f94a7f08c3e22939c0e59 Loading...

	www.googletagmanager.com/gtag/js?id=UA-197252557-1	202 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-197252557-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 19:47:25 Last Seen2024-04-26 19:47:25 Times Seen2 Hash 6e8bf70d25c369b72a4bfcbc549996ff 93c3d925b2d5c0d4b89713fadd13aabed90f6012 defbbd1a0800bafbd9c5b951a2e3488b47a9b47bbb235e3249d7727b88e407e7 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-08
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-08 00:07:32 Times Seen345211 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c	250 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 19:47:25 Last Seen2024-04-26 19:47:25 Times Seen2 Hash 7c29e16755378afa6747adda13e31637 3b3f42b3f9da1ded5ebb894ce599fe1fdb7183ab 81a0a348eb5a9e3bda27d89e9d80c5cd9a42a58a56f5b06f40e399f2c444622f Loading...

	www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js	518 kB	2024-04-24	2024-05-08
Pretty URL www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 09:18:30 Last Seen2024-05-08 00:13:34 Times Seen8584 Hash e2e79d6b927169d9e0e57e3baecc0993 1299473950b2999ba0b7f39bd5e4a60eafd1819d 231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b Loading...

	cuthub.net/8hLDI9	327 B	2024-04-26	2024-04-29
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 01:28:24 Last Seen2024-04-29 09:37:40 Times Seen12 Hash 073c0cc7aa19d06a6627e2e51f788635 bc12a60ab799c820fa50ed14d6556f83484c1d17 a4c0ee8b9c192e09a7668fd122d8d47864873dfc91bb5a707af8235dee8822f8 Loading...

	cuthub.net/8hLDI9	92 B	2024-04-26	2024-04-29
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 01:28:24 Last Seen2024-04-29 09:37:40 Times Seen12 Hash e0d72f244cbfe5fc4db5d60af1a80c78 4867c646702e25784843ee265fc8f39b32b54599 a0bdf39a483c946443719ca298fa6b20de42f9228eb592123d473bcabeaf43da Loading...

	cuthub.net/8hLDI9	327 B	2024-04-26	2024-04-29
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 01:28:24 Last Seen2024-04-29 09:37:40 Times Seen12 Hash 400c6bb1cda106530430a604ae253e67 7214e102d0a932abbdf6da2aee67ac644f487239 b6c7db29d29a7c73fe278f32a98b075d50f43c0280b73a651ef06d2853cd467b Loading...

	cuthub.net/8hLDI9	92 B	2024-04-26	2024-04-29
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 01:28:24 Last Seen2024-04-29 09:37:40 Times Seen12 Hash 8e1ed54b5a7b4772e1e76d490dd1dad9 028d91c6bc5139dd234247bfd8c7ba33d5d73a9d 83ca14a4266af2e6949f3941bf21fcb2f1dc6a62f6bcfc800ebfc560e76b5be8 Loading...

	cuthub.net/8hLDI9	1.0 kB	2024-04-26	2024-04-26
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 19:47:19 Last Seen2024-04-26 19:47:25 Times Seen2 Hash e29df1dcac5a9809e07fad7fb13df9c5 3cce05219c046a11931b743a157146221779c71c 02ea2caf620eac23984259a4c887c4afcb0e1c73b4932317d0e9bce36bb7e815 Loading...

	cuthub.net/8hLDI9	155 B	2023-03-08	2024-05-07
Pretty URL cuthub.net/8hLDI9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:28:47 Last Seen2024-05-07 09:24:36 Times Seen1115 Hash a1e0d623f9e510e759498d67c8281999 65e9e9287fd8060ebb5b624463ff977040e3d154 c66a236b63a0191f0cc1cb5a3c1b675c0fb7bf7d5e56b8c5ed34d70b10059aa7 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-07
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 172.67.180.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-07 23:05:36 Times Seen2472 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit	921 B	2024-04-24	2024-05-07
Pretty URL www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 19:48:15 Last Seen2024-05-07 09:24:36 Times Seen108 Hash b832740e618479615e7f4ec2d6d18e95 39e2c70fbc1164d6748e0314c36691c42245c53a 66b51ffa06c4662b57b6b492d53318ac5e672cd53f52ce08e2699325eb796414 Loading...

		Size	First Seen	Last Seen
	#1 Write - b4266e242eff23787e7b828376d99726	181 B	2023-03-12	2024-05-07
Pretty Observations First Seen2023-03-12 13:39:50 Last Seen2024-05-07 09:24:37 Times Seen2379 Hash b4266e242eff23787e7b828376d99726 2eabaa39d5f1dfa68dd681d3489db9798b74bd73 b5fdf3f7d7a1047cf080ba3ff3eb2d0a433c1c9e2a08960fe0ba078c21935d6c Loading...

HTTP Transactions (63)

URL IP Response Size

cuthub.net/8hLDI9?token=eyJpdiI6ImNXaVd6VlY1bjZFNlNoeEZQUnB6WVE9PSIsInZhbHVlIjoiTVBta0dLQ2IzcTQ1MUIvaDlaaHVLUT09IiwibWFjIjoiZDA1MzZjOTJkNjJmOGVlYmM3NGI3MWM4YzdjMmI4MzFhMWY0NDQ4NTJlNTYzMzdhNDNjNTU5ZTg1MTJjNjIzNCIsInRhZyI6IiJ9

188.114.96.1

302 Found

12 kB

URL User Request GET HTTP/2
cuthub.net/8hLDI9?token=eyJpdiI6ImNXaVd6VlY1bjZFNlNoeEZQUnB6WVE9PSIsInZhbHVlIjoiTVBta0dLQ2IzcTQ1MUIvaDlaaHVLUT09IiwibWFjIjoiZDA1MzZjOTJkNjJmOGVlYmM3NGI3MWM4YzdjMmI4MzFhMWY0NDQ4NTJlNTYzMzdhNDNjNTU5ZTg1MTJjNjIzNCIsInRhZyI6IiJ9
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type
data
Size
12 kB (11460 bytes)
Hash
b293e27292f9bc9c989a507e75e7688f
57168bf447cd6f98cd56ca261c4731aad623d060
e9e7b0767343e427b43d566a9ad87cf2695194fe7eafb790d105ec9058e4892e

HTTP Headers

GET /8hLDI9?token=eyJpdiI6ImNXaVd6VlY1bjZFNlNoeEZQUnB6WVE9PSIsInZhbHVlIjoiTVBta0dLQ2IzcTQ1MUIvaDlaaHVLUT09IiwibWFjIjoiZDA1MzZjOTJkNjJmOGVlYmM3NGI3MWM4YzdjMmI4MzFhMWY0NDQ4NTJlNTYzMzdhNDNjNTU5ZTg1MTJjNjIzNCIsInRhZyI6IiJ9 HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 26 Apr 2024 17:46:49 GMT
content-type: text/html; charset=UTF-8
location: https://cuthub.net/8hLDI9
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IldsaFZUWkdyMHJpblNvSlR1STdzRXc9PSIsInZhbHVlIjoicGJTVWpVN1NTMzQwby9LSXJ1bkM0VTZBWkJ4dHF4MUpQaUV5K0h5MHpwUGZzdnZSQjJrcHNpN3JBWFZQMFBCNm91d21MbjJhM2JWZVVJbzBuclZ6Ym4zRmw1YnFINlh0NFc3UFhmU3ZQemszV3d3QmlYUTFlcjREZVliSXN5VmMiLCJtYWMiOiI4MWNhZmI3NDQxMDYyZmE0YmJhMzAxMzE3NmM5NDZjZGEzNzU5YmJlODcyYzBjOTA3ODRkZDdjOGZhZDkwNmQ2IiwidGFnIjoiIn0%3D; expires=Fri, 03-May-2024 17:46:49 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6IjFLSDRlL2RMMFdMVUVESWtrek5Ha3c9PSIsInZhbHVlIjoiRkVUM3BnWGtrQ0xVeXJYK3VEeEVjWVBqTnkrQmFoT1RTaVVjMnVnTWpzeEtFYWVvU2lya0RHdjFNOUJDZ2xUc1hZSVhObGpXTDdHWlFwRXdkQUNKTW0vWXBtY1Z0b0dieE16UGp2ZHhGdG9VWkJrbDBFckZBZzBLNGV5ZGdHbGgiLCJtYWMiOiIwM2FhZDJiZTkyYzgwYWFhMmRkMTI1NmVkZGYxMGEzMzViN2VjN2IwMTIyYjRlNjI0NmIxNDkzY2M2NTdkMWU0IiwidGFnIjoiIn0%3D; expires=Fri, 03-May-2024 17:46:49 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zKQSsd0alEqB%2BvjFan%2BwWWyCS2odmdM3cHIQGjzOykvQn%2B%2BzuoHAcDmWAw6rAZXpVL1ItkS2Z%2B%2FvHBF2jan8wQMGc%2FvqBFjxpjvFydc63NPlKeWUtdDuoBA%2Buuk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a864f8799c0b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cuthub.net/8hLDI9

188.114.96.1

200 OK

139 kB

URL User Request GET HTTP/2
cuthub.net/8hLDI9
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (58204), with CRLF, LF line terminators
Size
139 kB (139141 bytes)
Hash
df4f845d530de266f79b7d9ad7ec8eab
4040b940971ebf634f04303278a00656f6c8e652
6487c7c3dfd8af882bdae1ef34f8136a2e7a4f4ded1e53c9c7eb4b134db2208c

HTTP Headers

GET /8hLDI9 HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IldsaFZUWkdyMHJpblNvSlR1STdzRXc9PSIsInZhbHVlIjoicGJTVWpVN1NTMzQwby9LSXJ1bkM0VTZBWkJ4dHF4MUpQaUV5K0h5MHpwUGZzdnZSQjJrcHNpN3JBWFZQMFBCNm91d21MbjJhM2JWZVVJbzBuclZ6Ym4zRmw1YnFINlh0NFc3UFhmU3ZQemszV3d3QmlYUTFlcjREZVliSXN5VmMiLCJtYWMiOiI4MWNhZmI3NDQxMDYyZmE0YmJhMzAxMzE3NmM5NDZjZGEzNzU5YmJlODcyYzBjOTA3ODRkZDdjOGZhZDkwNmQ2IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6IjFLSDRlL2RMMFdMVUVESWtrek5Ha3c9PSIsInZhbHVlIjoiRkVUM3BnWGtrQ0xVeXJYK3VEeEVjWVBqTnkrQmFoT1RTaVVjMnVnTWpzeEtFYWVvU2lya0RHdjFNOUJDZ2xUc1hZSVhObGpXTDdHWlFwRXdkQUNKTW0vWXBtY1Z0b0dieE16UGp2ZHhGdG9VWkJrbDBFckZBZzBLNGV5ZGdHbGgiLCJtYWMiOiIwM2FhZDJiZTkyYzgwYWFhMmRkMTI1NmVkZGYxMGEzMzViN2VjN2IwMTIyYjRlNjI0NmIxNDkzY2M2NTdkMWU0IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; expires=Fri, 03-May-2024 17:46:50 GMT; Max-Age=604800; path=/; samesite=lax
upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D; expires=Fri, 03-May-2024 17:46:50 GMT; Max-Age=604800; path=/; httponly; samesite=lax
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYKB2aK%2Bc%2BYm%2F3lrwc6K%2FQoFKDg0YPFtInJ7BbJPxKPSrd3%2FuCmKm5%2B7M9K0XIC9AIPIdRQmzUYIai4ekc36XkaMEhkXzfskExk4E2hagK7XMKb1gHdtryE3XJ9w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a864fc9e600b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

nachodusking.com/1clkn/34742

23.109.170.75

200 OK

26 B

URL GET HTTP/1.1
nachodusking.com/1clkn/34742
IP
23.109.170.75:443
ASN
#7979 SERVERS-COM

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectnachodusking.com
FingerprintB8:6B:3B:CA:97:24:AD:72:AC:B6:E1:60:2E:84:A1:B5:AF:9D:83:FE
ValiditySun, 14 Apr 2024 23:31:38 GMT - Sat, 13 Jul 2024 23:31:37 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/34742 HTTP/1.1
Host: nachodusking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 17:46:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 27-Apr-2024 17:46:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 27-Apr-2024 17:46:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

www.googletagmanager.com/gtag/js?id=UA-197252557-1

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-197252557-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (73256 bytes)
Hash
6e8bf70d25c369b72a4bfcbc549996ff
93c3d925b2d5c0d4b89713fadd13aabed90f6012
defbbd1a0800bafbd9c5b951a2e3488b47a9b47bbb235e3249d7727b88e407e7

HTTP Headers

GET /gtag/js?id=UA-197252557-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 17:46:51 GMT
expires: Fri, 26 Apr 2024 17:46:51 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cuthub.net/img/menu.svg

188.114.96.1

200 OK

917 B

URL GET HTTP/3
cuthub.net/img/menu.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type
SVG Scalable Vector Graphics image
Size
917 B (917 bytes)
Hash
e194fab3eea9f00d5a3814c4df00ac8c
4a9760c8ec110364d025527e26730e78ae0b3ac0
3d3e6705b468cecdd78fb9a1ee6688d60e1d2c1caa0db7baa88db460315dccea

HTTP Headers

GET /img/menu.svg HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: image/svg+xml
last-modified: Tue, 24 Jan 2023 16:39:42 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S3tfFlfIUC8FeaEs5WiU4Z2m7HgapFw2qZlmhxbhlIxwb4zfYZtRKqYQX1ktnBjaRR1bp%2FiS8GvnIhWUzBxKuKhM983tRup16qTZZL4WUSbux5g9ug2Ie3DaDuv%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a865075ae456c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:49 GMT
expires: Sat, 26 Apr 2025 05:55:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 42662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:00:52 GMT
expires: Sat, 26 Apr 2025 06:00:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 42359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cuthub.net/js/ads.js

188.114.96.1

200 OK

16 kB

URL GET HTTP/3
cuthub.net/js/ads.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type
JavaScript source, ASCII text, with very long lines (1491), with no line terminators
Size
16 kB (16385 bytes)
Hash
663675db8bdf037ef8a96ceec4c0eaac
00a32b1173b6c96bf349f6adb7f00e0c6a24faa4
54827120728e3e7d171b392b13b3f5fe2d2ec344d6bdd491c1d44eb2760eecbe

HTTP Headers

GET /js/ads.js HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 08 Apr 2024 13:27:25 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xARnbwpS6unuCafgknGgw8h%2BQkNRd8fPiimdEz4%2FcYN%2BoksBhWAqRfORSlCqX9eMcvdnjyJRVW8aAvKslc6PqoQz477bB2Ju4x8IFWU1Ezz0Ciy9VPJy%2FnDKJ4%2BM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a86507fc3256c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:00:52 GMT
expires: Sat, 26 Apr 2025 06:00:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 42359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

absentcleannewspapers.com/f3/48/f1/f348f1f4cb32736ea8b01bdf483d02ac.js

192.243.61.225

200 OK

16 kB

URL GET HTTP/1.1
absentcleannewspapers.com/f3/48/f1/f348f1f4cb32736ea8b01bdf483d02ac.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectabsentcleannewspapers.com
FingerprintA6:E7:75:05:4C:FA:FF:D2:F7:67:61:89:73:1B:66:32:AF:19:2F:7D
ValidityTue, 26 Mar 2024 06:03:56 GMT - Mon, 24 Jun 2024 06:03:55 GMT

File type
JavaScript source, ASCII text, with very long lines (44084), with no line terminators
Size
16 kB (15826 bytes)
Hash
8ffdc88d874d39ada707dbe7553dd54f
4b77c822d9422971d2751b110a1d880ebffaaa64
e0f58a2c12961b433ce05a4135429d5199c8603c0ac8612ebdb04e38eab8f88d

HTTP Headers

GET /f3/48/f1/f348f1f4cb32736ea8b01bdf483d02ac.js HTTP/1.1
Host: absentcleannewspapers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1e14372c861051e40d16e7ad5f8b3bb7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

18.185.247.192

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.247.192:443
ASN
#16509 AMAZON-02

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
0136dcf202defb5272a2f0d22d8ce8f1
e9220f39f92b41f3f5f3b96bf876150d4d6796c4
4289f54f15b6dcec01216f5fdcc9e3e09b326396234151e426f9bfd6faa1201e

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cuthub.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ddc35a03-cba5-4bd6-8d3c-95489bb7d436:3:1; expires=Mon, 24 Apr 2034 17:46:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

quitesousefulhe.info/ZFNxNEpLbBJHdzYWP1opPDtIV3s2FiVaCFUGNGYFBxsrYhtUOFdAIwBuQAR4UGJDAGwUOhUJe0IgBVU+ESBMBWwNPRdbd0IlTAVkV2dfB3xKZ1dBd1V1BUQrA25AEjoQJx0Je1NiRQV/V2VABnpRag

104.21.13.159

204 No Content

0 B

URL GET HTTP/2
quitesousefulhe.info/ZFNxNEpLbBJHdzYWP1opPDtIV3s2FiVaCFUGNGYFBxsrYhtUOFdAIwBuQAR4UGJDAGwUOhUJe0IgBVU+ESBMBWwNPRdbd0IlTAVkV2dfB3xKZ1dBd1V1BUQrA25AEjoQJx0Je1NiRQV/V2VABnpRag
IP
104.21.13.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectquitesousefulhe.info
Fingerprint1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7
ValiditySun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ZFNxNEpLbBJHdzYWP1opPDtIV3s2FiVaCFUGNGYFBxsrYhtUOFdAIwBuQAR4UGJDAGwUOhUJe0IgBVU+ESBMBWwNPRdbd0IlTAVkV2dfB3xKZ1dBd1V1BUQrA25AEjoQJx0Je1NiRQV/V2VABnpRag HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 26 Apr 2024 17:46:52 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqiKX7oiTfXODpsMKGetn4rw0qGls0h0ABk1sinIskd6GkC4AFmmMp36VYd5bUY1Omp%2BjI6Bg7a96eq4H%2F7F8MOjozPptNLLh8yNGTmzXCute3uiTKgvgKVVwan87ccJQNlR0cjQ8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8650b8f075684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cuthub.net/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6

188.114.96.1

200 OK

208 B

URL GET HTTP/3
cuthub.net/images/arrow-down.png?c98e5283a69cb508d054d30256af43c6
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type
PNG image data, 6 x 12, 8-bit/color RGBA, non-interlaced
Size
208 B (208 bytes)
Hash
31f073499665afb237f3294219d2d7c6
c1ada0510e31f661dab66203c15a3d6c8f5468d0
59b7ad6d6f457b624e25d22959edc7c83af2ac52edba32fd6648c97af0d1780c

HTTP Headers

GET /images/arrow-down.png?c98e5283a69cb508d054d30256af43c6 HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/css/frontend.css?id=2396ffb76e738e465b53
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D; ab=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: image/png
content-length: 208
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104177
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDDeom1mliOJKhSXOoCx3dosP8ggopYHV7qkUm44wc8V8mIVvIrRtVzmSkYv%2BhT02zf6uhGe4f0lWV6UrZUt1RMxzMUNi%2FnzOSmHPmr8Wjoi2a%2B9h%2FnauqqYg1z3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8650c8b1556c9-OSL
alt-svc: h3=":443"; ma=86400

cuthub.net/js/frontend.js?id=f7e07cec5812d52a9077

188.114.96.1

200 OK

270 kB

URL GET HTTP/3
cuthub.net/js/frontend.js?id=f7e07cec5812d52a9077
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
270 kB (270330 bytes)
Hash
f7e07cec5812d52a9077a4baf1b4348b
669d6cfda9a2b056cebe7f5a31dfa50d7d73405e
24c59cb722ec2564f9f0ea38d57ebd2c6b66a88485aaa9035f3afd68376d4c87

Detections

Analyzer	Verdict	Alert
Public Nextron YARA rules	malware	Unique code from Jetriz, Swid & Jeniva of the Tetris framework

HTTP Headers

GET /js/frontend.js?id=f7e07cec5812d52a9077 HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 08 Apr 2024 13:27:25 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqRj8E7xPc5CzxzAcQcfLvyoMgk45nm30YS92Usqh3g11vPM4j2q8mFAPlZ5FKkStkPIynPRjsSxTVdIUrkrDtGL7ExuHj5uLQ%2FKmqyP87LHxF7uV6YUXGGcR2%2Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a86507fc3456c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:00:52 GMT
expires: Sat, 26 Apr 2025 06:00:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 42360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

quitesousefulhe.info/Z2JDMmNIXSBBXikJK2ExCSMEVzQxGBBjKVA7cHggJTozWAUMM2VGCgNfcgJRVlJ2AUUXCycPUkERN1MXEhF+A0UODCVdXkEUfgNNVFZtAVVJVmVHXlZEN0ICAF9yFBMTFi8PUlBTdwNWVFRyAFJXUw

104.21.13.159

204 No Content

0 B

URL GET HTTP/2
quitesousefulhe.info/Z2JDMmNIXSBBXikJK2ExCSMEVzQxGBBjKVA7cHggJTozWAUMM2VGCgNfcgJRVlJ2AUUXCycPUkERN1MXEhF+A0UODCVdXkEUfgNNVFZtAVVJVmVHXlZEN0ICAF9yFBMTFi8PUlBTdwNWVFRyAFJXUw
IP
104.21.13.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectquitesousefulhe.info
Fingerprint1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7
ValiditySun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /Z2JDMmNIXSBBXikJK2ExCSMEVzQxGBBjKVA7cHggJTozWAUMM2VGCgNfcgJRVlJ2AUUXCycPUkERN1MXEhF+A0UODCVdXkEUfgNNVFZtAVVJVmVHXlZEN0ICAF9yFBMTFi8PUlBTdwNWVFRyAFJXUw HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Fri, 26 Apr 2024 17:46:52 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MHnp02wPNtk9kysdsTIbK2xUNn3o9dHp5kKST1Npo%2FsyPv%2FCxZeK3%2BLlpL8yE8Of5dofSYXtRqZhlL%2B%2BTZjncOIWcMj6OV4vLECfT6b7hhcW32BcL2Y%2B652mYGVloqvh3g7y0vk6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8650bffab5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:04:59 GMT
expires: Sat, 26 Apr 2025 06:04:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 42113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

onservantasr.info/UWk2NFcwC1VZaDBUVBIiIwULEWUXTARyM2BfRVs1KxpBRTg/EUcaND0GQ1AxIwZYQHk/DEIRZRdZV2MBFCdbDBwSAEZlAhNZe30WJQxhYjNgK1pENgATZHEUNlBvfmccC3dmFjwud3EaFD58Vx8QMHp6FiItfEwaJAt3BBoSAGBhHQJZXXEWFABiTBJ0W3RhOxszZ00/CShnAQ4IBXt2FD0BB3EWZSd0BzwSOmQEARpYB2cfKQpEZiAEJHNdLxMrYwwGGzhFdxU5UUJjMBwgZ3wNJj5dUAEIOGRSBgNYB3ZnIQh8BhIUMUFhGhoCe2wDFw0GYDs1D3laehgqZVg4PzBnZjEWEXhcFQJcZ2FlPi5kXy8JDXBxHBIOAkYSYFlAYmQAIW4FOwQNd1AcBlhjXQ8pWXt1LiUmZVgkOw9ndhUGPHtMFGBdEF4kPgdGCTsfH1xuNTQGV1YdFShiAxo

3.164.230.67

200 OK

1.2 kB

URL GET HTTP/2
onservantasr.info/UWk2NFcwC1VZaDBUVBIiIwULEWUXTARyM2BfRVs1KxpBRTg/EUcaND0GQ1AxIwZYQHk/DEIRZRdZV2MBFCdbDBwSAEZlAhNZe30WJQxhYjNgK1pENgATZHEUNlBvfmccC3dmFjwud3EaFD58Vx8QMHp6FiItfEwaJAt3BBoSAGBhHQJZXXEWFABiTBJ0W3RhOxszZ00/CShnAQ4IBXt2FD0BB3EWZSd0BzwSOmQEARpYB2cfKQpEZiAEJHNdLxMrYwwGGzhFdxU5UUJjMBwgZ3wNJj5dUAEIOGRSBgNYB3ZnIQh8BhIUMUFhGhoCe2wDFw0GYDs1D3laehgqZVg4PzBnZjEWEXhcFQJcZ2FlPi5kXy8JDXBxHBIOAkYSYFlAYmQAIW4FOwQNd1AcBlhjXQ8pWXt1LiUmZVgkOw9ndhUGPHtMFGBdEF4kPgdGCTsfH1xuNTQGV1YdFShiAxo
IP
3.164.230.67:443
ASN
#0

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerAmazon
Subjectonservantasr.info
Fingerprint4E:0A:E9:00:74:B8:B3:C9:4F:2A:1E:4E:6D:FA:10:D6:85:BC:6F:CE
ValidityMon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3050), with no line terminators
Size
1.2 kB (1198 bytes)
Hash
c2548bee5d759bdd94284d1696466b22
79aa986fea0915b976448e3b79e8118554bfca15
9cb09bff162bf17f9794af79f1dafaa53387a6d4c0c728d81ec6a9fe156e4948

HTTP Headers

GET /UWk2NFcwC1VZaDBUVBIiIwULEWUXTARyM2BfRVs1KxpBRTg/EUcaND0GQ1AxIwZYQHk/DEIRZRdZV2MBFCdbDBwSAEZlAhNZe30WJQxhYjNgK1pENgATZHEUNlBvfmccC3dmFjwud3EaFD58Vx8QMHp6FiItfEwaJAt3BBoSAGBhHQJZXXEWFABiTBJ0W3RhOxszZ00/CShnAQ4IBXt2FD0BB3EWZSd0BzwSOmQEARpYB2cfKQpEZiAEJHNdLxMrYwwGGzhFdxU5UUJjMBwgZ3wNJj5dUAEIOGRSBgNYB3ZnIQh8BhIUMUFhGhoCe2wDFw0GYDs1D3laehgqZVg4PzBnZjEWEXhcFQJcZ2FlPi5kXy8JDXBxHBIOAkYSYFlAYmQAIW4FOwQNd1AcBlhjXQ8pWXt1LiUmZVgkOw9ndhUGPHtMFGBdEF4kPgdGCTsfH1xuNTQGV1YdFShiAxo HTTP/1.1
Host: onservantasr.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 1198
date: Fri, 26 Apr 2024 17:46:52 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 61fafbbf54e5560686b2d414df132838.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: ITK7an1_4UcXXBcJh04CbF4laYrmHrYy-7j0fnztpPmi5QXUlPNAdg==
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c

142.250.74.168

200 OK

89 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
89 kB (88679 bytes)
Hash
7c29e16755378afa6747adda13e31637
3b3f42b3f9da1ded5ebb894ce599fe1fdb7183ab
81a0a348eb5a9e3bda27d89e9d80c5cd9a42a58a56f5b06f40e399f2c444622f

HTTP Headers

GET /gtag/js?id=G-75C4L64NEB&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 17:46:52 GMT
expires: Fri, 26 Apr 2024 17:46:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

d16sobzswqonxq.cloudfront.net/6OXg4NWFaF1ZTXk0RXAhQCUoMBFMNXkhHBF9FW0AVUQ1aGw9cDB5fElYWSAgKej5sbRl7IFETFUMcBQVHVRlWUlwfHVZWXAheWVEDBEweQRFWEwVDE1YJUlAWUQ9SExRYRVVaG1AUVFRECz4NG1EcSggdGQhJHQYjHEoIWQhXDUAQUwkAAAM+D0wdBiMcSg-hHFxxLeQxXF0gREFMJH11WClZdCnNTCUkIBVAJSR0HUV8RSlAHVgAdBycAThYFR0xFCQ

3.164.247.179

598 B

URL
d16sobzswqonxq.cloudfront.net/6OXg4NWFaF1ZTXk0RXAhQCUoMBFMNXkhHBF9FW0AVUQ1aGw9cDB5fElYWSAgKej5sbRl7IFETFUMcBQVHVRlWUlwfHVZWXAheWVEDBEweQRFWEwVDE1YJUlAWUQ9SExRYRVVaG1AUVFRECz4NG1EcSggdGQhJHQYjHEoIWQhXDUAQUwkAAAM+D0wdBiMcSg-hHFxxLeQxXF0gREFMJH11WClZdCnNTCUkIBVAJSR0HUV8RSlAHVgAdBycAThYFR0xFCQ
IP
3.164.247.179:0
ASN
#0

File type
ASCII text, with very long lines (861), with no line terminators
Size
598 B (598 bytes)
Hash
8a8aef20a19982830b1631f6bde4243c
73bf99f1817811f4046226347b373f37e2366be0
83eaa91e29168dd5112192c823237a3777a2ac7eac022a4df553b4450c2938b8

HTTP Headers

GET /6OXg4NWFaF1ZTXk0RXAhQCUoMBFMNXkhHBF9FW0AVUQ1aGw9cDB5fElYWSAgKej5sbRl7IFETFUMcBQVHVRlWUlwfHVZWXAheWVEDBEweQRFWEwVDE1YJUlAWUQ9SExRYRVVaG1AUVFRECz4NG1EcSggdGQhJHQYjHEoIWQhXDUAQUwkAAAM+D0wdBiMcSg-hHFxxLeQxXF0gREFMJH11WClZdCnNTCUkIBVAJSR0HUV8RSlAHVgAdBycAThYFR0xFCQ HTTP/1.1
Host: d16sobzswqonxq.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onservantasr.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 598
date: Fri, 26 Apr 2024 17:46:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a89672c5bed576aaabefe419c0d5bad2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: NA6yO2lZ-qULm-kpejzhYY_FNraakYT3gLDX_T-TqCnmxbFLg9h82g==
X-Firefox-Spdy: h2

d16sobzswqonxq.cloudfront.net/0aWVENm8KCipQUB0MIAteWVd1BlpaQzRECg9YJ0MbARAmGAEMEWJcHAYLNAsDJxMubA0MCiVUJS0kEAEiTxE+UlJZQyhXAQ5YYlMBClh1EA4NB3kCSR0VK11SHxcrRwUMEixBBU8QJQsCBh8tWgMIQHZwWkdVYQRfQR11B0paJ2EEXwUMKkMXTFd0TldfOn-ICSlonYQRfGxNhBS5QU2oGRkxXdFEKCg4rE10vV3QHX1lUdAdKW1UiXx0MAytOSlsjfQBBWUMxC14

3.164.247.179

494 B

URL
d16sobzswqonxq.cloudfront.net/0aWVENm8KCipQUB0MIAteWVd1BlpaQzRECg9YJ0MbARAmGAEMEWJcHAYLNAsDJxMubA0MCiVUJS0kEAEiTxE+UlJZQyhXAQ5YYlMBClh1EA4NB3kCSR0VK11SHxcrRwUMEixBBU8QJQsCBh8tWgMIQHZwWkdVYQRfQR11B0paJ2EEXwUMKkMXTFd0TldfOn-ICSlonYQRfGxNhBS5QU2oGRkxXdFEKCg4rE10vV3QHX1lUdAdKW1UiXx0MAytOSlsjfQBBWUMxC14
IP
3.164.247.179:0
ASN
#0

File type
ASCII text, with very long lines (692), with no line terminators
Size
494 B (494 bytes)
Hash
19a17e3b528623b8ed54a8b96bd60d45
0a8c154807597fc55c9fe7d89cdb7e074f5c1fc9
7059505c9929f36026b222528e39c4853861875de09ce9268f3da6c1ac736c55

HTTP Headers

GET /0aWVENm8KCipQUB0MIAteWVd1BlpaQzRECg9YJ0MbARAmGAEMEWJcHAYLNAsDJxMubA0MCiVUJS0kEAEiTxE+UlJZQyhXAQ5YYlMBClh1EA4NB3kCSR0VK11SHxcrRwUMEixBBU8QJQsCBh8tWgMIQHZwWkdVYQRfQR11B0paJ2EEXwUMKkMXTFd0TldfOn-ICSlonYQRfGxNhBS5QU2oGRkxXdFEKCg4rE10vV3QHX1lUdAdKW1UiXx0MAytOSlsjfQBBWUMxC14 HTTP/1.1
Host: d16sobzswqonxq.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://onservantasr.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 494
date: Fri, 26 Apr 2024 17:46:52 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 a89672c5bed576aaabefe419c0d5bad2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: kbU4vZWeRYepznYT9fb2f7zzs9ntkTGbzC4RavuYPQXShqhH6X6ksQ==
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

216.58.211.2

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
216.58.211.2:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:89:D4:C8:96:C6:D4:7B:F7:49:8D:DB:57:A1:D2:5A:D1:D3:D1:B4
ValidityMon, 08 Apr 2024 06:34:54 GMT - Mon, 01 Jul 2024 06:34:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Fri, 26 Apr 2024 17:46:52 GMT
expires: Fri, 26 Apr 2024 17:46:52 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 15658604683422972800
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51406
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pogothere.xyz/

188.114.97.1

200 OK

29 B

URL GET HTTP/3
pogothere.xyz/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
ASCII text, with no line terminators
Size
29 B (29 bytes)
Hash
abcd9e01b576deb02983d31d3cfbc91d
678a38f6d22dbb329c16524039e3e0315d4ab9ce
89a08ce23b973e94c240bc828871630c9b3164695f10aabe10ce36ef1ce62775

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: text/plain
set-cookie: csu=889265523548190@1@1714153612; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://cuthub.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OfkJXFn7FMdxH%2BSj8S0HknnzyzeDt78aJOqle7DO4eQDqbzoyQQs9AU8XzC4oHjJvjT6l86O15tHXhtfBtaAxp%2B2QWmDht7Kg5%2FDvHSdjIcgPf8HOueRs7N67vF0GzB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a8650b7f4eb4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14
ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:JHPTjFyRvXod9_7Wa4HNuamtwH8iFA:_xESrdLbISjmckHZ; Expires=Sun, 26-Apr-2026 17:46:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyEiw7wgG5YeOyVZF0k43Ii8V2CKGuO1W7Kiy2GjeeROiZvrFIV2UkqzluxW8beGuFX53ZH
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-Solvudwfng5WkzO3E5zSKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cuthub.net/wp-includes/images/w-logo-blue-white-bg.png

188.114.96.1

200 OK

4.1 kB

URL GET HTTP/3
cuthub.net/wp-includes/images/w-logo-blue-white-bg.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4119 bytes)
Hash
000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

HTTP Headers

GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/8hLDI9
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D; ab=2; sb_page_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_onpage_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_main_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_count_f348f1f4cb32736ea8b01bdf483d02ac=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ddc35a03-cba5-4bd6-8d3c-95489bb7d436%3A3%3A1; _ga_75C4L64NEB=GS1.1.1714153612.1.0.1714153612.0.0.0; _ga=GA1.1.1511377916.1714153613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: image/png
content-length: 4119
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
etag: "1017-5d0dca9a37e40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4586
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R87rdQmFq2vPY5RWjVcFipypx%2BFnspM2neUW9aImamwAPnp%2BisPkmTIWQuInLJP3YDZ1DlTf7uPgeFeMBHSnXPmGGux7QBvv9J9ItDu9Kw5fTBFy9qej5fDbcyCs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86511eb8656c9-OSL
alt-svc: h3=":443"; ma=86400

likescenesfocused.com/sbar.json?key=f348f1f4cb32736ea8b01bdf483d02ac

172.240.108.76

200 OK

7.4 kB

URL GET HTTP/1.1
likescenesfocused.com/sbar.json?key=f348f1f4cb32736ea8b01bdf483d02ac
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type
JSON text data
Size
7.4 kB (7411 bytes)
Hash
4916862628d1258adad48184c198da9c
aab3979a0be6d33ba8c5c1a0991a02c018a1a639
6a729983046da5c799a1c4f3b9ad245af052f875777572046ac38609856976a1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=f348f1f4cb32736ea8b01bdf483d02ac HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:53 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuthub.net
Access-Control-Allow-Origin: https://cuthub.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22256744; expires=Sat, 27 Apr 2024 17:46:53 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 17:46:53 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 17:46:53 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 27 Apr 2024 17:46:53 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 27 Apr 2024 17:46:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 521eabbadfac8644b941fcaea44b6463
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw5BfsxhNjFjv5L_jgf6ED3pRc8jjbSQ0xPrI-aW1560pacehsYDdnu_yIlnnFYCdXZLeqF

74.125.131.84

302 Found

426 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw5BfsxhNjFjv5L_jgf6ED3pRc8jjbSQ0xPrI-aW1560pacehsYDdnu_yIlnnFYCdXZLeqF
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type
HTML document, ASCII text, with very long lines (405)
Size
426 B (426 bytes)
Hash
4f6a3140dda2faaf7e7294a351f5435f
279289651fbbdf1fe8a324f2d77dd2d869c0bc43
6e2cafb544961f912c13085311495e3ea29cfa41ed19a65a675aa5f7e7fc2feb

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw5BfsxhNjFjv5L_jgf6ED3pRc8jjbSQ0xPrI-aW1560pacehsYDdnu_yIlnnFYCdXZLeqF HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:2ejwC7xRygEaSMIqgb_823dTGn_w5g:5cmNmXeHh6InObTw;Path=/;Expires=Sun, 26-Apr-2026 17:46:53 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwiqHvyE4tqLJQ6q4RZrZ2kVME4M18OtuY_Kk-jAm5lti3tmHcNBDp-3PlKNtsp4-e388my&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1979777797%3A1714153613146198&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-kJG3iVsfcmEXBtItGTvocw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 426
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyEiw7wgG5YeOyVZF0k43Ii8V2CKGuO1W7Kiy2GjeeROiZvrFIV2UkqzluxW8beGuFX53ZH

74.125.131.84

302 Found

425 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyEiw7wgG5YeOyVZF0k43Ii8V2CKGuO1W7Kiy2GjeeROiZvrFIV2UkqzluxW8beGuFX53ZH
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type
HTML document, ASCII text, with very long lines (400)
Size
425 B (425 bytes)
Hash
30c1e1b7fa81311e87f66fd225a23b70
c4bf548b5ba2dfa6ca841e0416844c0d673c1fc1
b78526aa0bde68f67bb0d886129d133dbd0e5d5dfe718f524134615b85247387

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AaSxoQyEiw7wgG5YeOyVZF0k43Ii8V2CKGuO1W7Kiy2GjeeROiZvrFIV2UkqzluxW8beGuFX53ZH HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:NdWBAx09KT2ywy2yEblf9XNcoUGEWw:wp3iJAh6NJydVVEG;Path=/;Expires=Sun, 26-Apr-2026 17:46:53 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwFyO8XRrI5ycXVbBs03Zz_PpvJTUzJXOZAxO1xkcUpwqZHiXigYeL33pELcmN9X30XtnN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705175589%3A1714153613152557&theme=mn&ddm=0
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-VebhZnDvCdtUeHXMl2O-Ww' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 425
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js

142.250.74.35

200 OK

206 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
JavaScript source, ASCII text, with very long lines (631)
Size
206 kB (205803 bytes)
Hash
e2e79d6b927169d9e0e57e3baecc0993
1299473950b2999ba0b7f39bd5e4a60eafd1819d
231336ed913a5ebd4445b85486e053caf2b81cab91318241375f3f7a245b6c6b

HTTP Headers

GET /recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 205803
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 14:46:34 GMT
expires: Sat, 26 Apr 2025 14:46:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 10819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

likescenesfocused.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdPbM9E%2FcgrjESNm7WjaKepLqqelKmuqup6pqe5BRcWPYiDIviRaTzTbJBXfxz8eYinQUPC0LGizmYs3dhzzJjcPRB1Xvf%2B17B996rW%2FvujERw9HTlTb0rlaJLl1qB%2F9x7YXjZX5e5G%2FrDXvxB3Lnsm8HLy3EreN5%2FQ7BtvRQFYRCEQeivSiNSPVyakpDFveWwtRy0OlErvNTB0PwXW%2BfBUg98cEaehOSTxQfeRUjWIM%2B%2BWxF2u9TFS69nTtFSGwz40Tv5dq6rHNk8TI2HND86r4a2J6v3ofPDmVzowT%2BFiZwQ7%2Bf7SPKjc5FIBgcznYmCyJHwx1ENGgjVQNIGTN%2BE5CcEYBzXNpBnd69pU9Gdv1k6ZSdk8dGfkNWELP5%2BEXn2zRUlh%2F6mVq6UOrcYpjXksIHsNyjcMcrdBcjqGKz8CJL%2FQpYerSPPDjas0pC8nvUuZQOZNlBiBGo9uOmRHlzqwRUeMn7qszAMuwFnNOgtM9bmXZHEPAhpNw1pGMQ9ODaVN0JZjMDUCMzsoTB72JYjGPcT7FYNyz3YckK8t%2FYw4DUqQVBZgooSVJKgKgmqQX3IlY1sfZcr65Lw3Efnvl2Pddnfp4e67IucgJoRDK%2F3izNyYTofb%2FPzLWyLUz9td3ppmHZY0o667VjQXhKECU87vTYPIspgZQ1pF2Yt78oJaT37DAo5IYtf3EJCj2HVMZi8AOqeBq1q0K0au%2Fm3rkilEtYZZVtMZ%2BC6RlH%2BH%2BWOt6%2FOyFOzJV397BMI9pCcG5ipUZgaH8oHBH11e3xDV%2BTghq4s%2BX6jKGUmd%2Bl0gZslLcVjX10VO5U2fG3Fjr58lU2JaXjvbWHLdZpzmfct%2BfqK5FyYVW2YID%2Bu2XdFct3ZrSvO5K5Yv%2F7a6lpWGGGt1HkDKk%2FevwMmJ%2BSJH9ZnP%2FMF%2FzdI08C4GpmbK5W6ASv2YIt5zmoCo%2BY4KTxUrh6bKJknlSRQYo5pUsP%2BCyfzeGzo9DWV9b69jb5ZAC1vIs9qDEyNgapB1QjW%2FW9cFubhK7%2B2Z4ZELYwTZRYOEmXUndmQp9ensPLU77bbAY2XL4XdLhXdpBP10jjklEadOIpj2kZpJ%2BmLf3z8FwAAAP%2F%2FAQAA%2F%2F8xbSc8cwQAAA%3D%3D

172.240.108.76

200 OK

7 B

URL GET HTTP/1.1
likescenesfocused.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdPbM9E%2FcgrjESNm7WjaKepLqqelKmuqup6pqe5BRcWPYiDIviRaTzTbJBXfxz8eYinQUPC0LGizmYs3dhzzJjcPRB1Xvf%2B17B996rW%2FvujERw9HTlTb0rlaJLl1qB%2F9x7YXjZX5e5G%2FrDXvxB3Lnsm8HLy3EreN5%2FQ7BtvRQFYRCEQeivSiNSPVyakpDFveWwtRy0OlErvNTB0PwXW%2BfBUg98cEaehOSTxQfeRUjWIM%2B%2BWxF2u9TFS69nTtFSGwz40Tv5dq6rHNk8TI2HND86r4a2J6v3ofPDmVzowT%2BFiZwQ7%2Bf7SPKjc5FIBgcznYmCyJHwx1ENGgjVQNIGTN%2BE5CcEYBzXNpBnd69pU9Gdv1k6ZSdk8dGfkNWELP5%2BEXn2zRUlh%2F6mVq6UOrcYpjXksIHsNyjcMcrdBcjqGKz8CJL%2FQpYerSPPDjas0pC8nvUuZQOZNlBiBGo9uOmRHlzqwRUeMn7qszAMuwFnNOgtM9bmXZHEPAhpNw1pGMQ9ODaVN0JZjMDUCMzsoTB72JYjGPcT7FYNyz3YckK8t%2FYw4DUqQVBZgooSVJKgKgmqQX3IlY1sfZcr65Lw3Efnvl2Pddnfp4e67IucgJoRDK%2F3izNyYTofb%2FPzLWyLUz9td3ppmHZY0o667VjQXhKECU87vTYPIspgZQ1pF2Yt78oJaT37DAo5IYtf3EJCj2HVMZi8AOqeBq1q0K0au%2Fm3rkilEtYZZVtMZ%2BC6RlH%2BH%2BWOt6%2FOyFOzJV397BMI9pCcG5ipUZgaH8oHBH11e3xDV%2BTghq4s%2BX6jKGUmd%2Bl0gZslLcVjX10VO5U2fG3Fjr58lU2JaXjvbWHLdZpzmfct%2BfqK5FyYVW2YID%2Bu2XdFct3ZrSvO5K5Yv%2F7a6lpWGGGt1HkDKk%2FevwMmJ%2BSJH9ZnP%2FMF%2FzdI08C4GpmbK5W6ASv2YIt5zmoCo%2BY4KTxUrh6bKJknlSRQYo5pUsP%2BCyfzeGzo9DWV9b69jb5ZAC1vIs9qDEyNgapB1QjW%2FW9cFubhK7%2B2Z4ZELYwTZRYOEmXUndmQp9ensPLU77bbAY2XL4XdLhXdpBP10jjklEadOIpj2kZpJ%2BmLf3z8FwAAAP%2F%2FAQAA%2F%2F8xbSc8cwQAAA%3D%3D
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdPbM9E%2FcgrjESNm7WjaKepLqqelKmuqup6pqe5BRcWPYiDIviRaTzTbJBXfxz8eYinQUPC0LGizmYs3dhzzJjcPRB1Xvf%2B17B996rW%2FvujERw9HTlTb0rlaJLl1qB%2F9x7YXjZX5e5G%2FrDXvxB3Lnsm8HLy3EreN5%2FQ7BtvRQFYRCEQeivSiNSPVyakpDFveWwtRy0OlErvNTB0PwXW%2BfBUg98cEaehOSTxQfeRUjWIM%2B%2BWxF2u9TFS69nTtFSGwz40Tv5dq6rHNk8TI2HND86r4a2J6v3ofPDmVzowT%2BFiZwQ7%2Bf7SPKjc5FIBgcznYmCyJHwx1ENGgjVQNIGTN%2BE5CcEYBzXNpBnd69pU9Gdv1k6ZSdk8dGfkNWELP5%2BEXn2zRUlh%2F6mVq6UOrcYpjXksIHsNyjcMcrdBcjqGKz8CJL%2FQpYerSPPDjas0pC8nvUuZQOZNlBiBGo9uOmRHlzqwRUeMn7qszAMuwFnNOgtM9bmXZHEPAhpNw1pGMQ9ODaVN0JZjMDUCMzsoTB72JYjGPcT7FYNyz3YckK8t%2FYw4DUqQVBZgooSVJKgKgmqQX3IlY1sfZcr65Lw3Efnvl2Pddnfp4e67IucgJoRDK%2F3izNyYTofb%2FPzLWyLUz9td3ppmHZY0o667VjQXhKECU87vTYPIspgZQ1pF2Yt78oJaT37DAo5IYtf3EJCj2HVMZi8AOqeBq1q0K0au%2Fm3rkilEtYZZVtMZ%2BC6RlH%2BH%2BWOt6%2FOyFOzJV397BMI9pCcG5ipUZgaH8oHBH11e3xDV%2BTghq4s%2BX6jKGUmd%2Bl0gZslLcVjX10VO5U2fG3Fjr58lU2JaXjvbWHLdZpzmfct%2BfqK5FyYVW2YID%2Bu2XdFct3ZrSvO5K5Yv%2F7a6lpWGGGt1HkDKk%2FevwMmJ%2BSJH9ZnP%2FMF%2FzdI08C4GpmbK5W6ASv2YIt5zmoCo%2BY4KTxUrh6bKJknlSRQYo5pUsP%2BCyfzeGzo9DWV9b69jb5ZAC1vIs9qDEyNgapB1QjW%2FW9cFubhK7%2B2Z4ZELYwTZRYOEmXUndmQp9ensPLU77bbAY2XL4XdLhXdpBP10jjklEadOIpj2kZpJ%2BmLf3z8FwAAAP%2F%2FAQAA%2F%2F8xbSc8cwQAAA%3D%3D HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 19b3ca0f774172ab32c7664cae8c96e4
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html

172.67.74.218

200 OK

424 B

URL GET HTTP/2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html
IP
172.67.74.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
424 B (424 bytes)
Hash
8f7db68a89e1d8dc60358f6519a06a75
4c90d662db90c4961274adadada6df7ba828d684
c1152a95b76a3e03a00d95452e373756eb7863d31379c765673b6081a252d4ce

HTTP Headers

GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:49:39 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5fpr4QAZdBt%2FexGjwFWp%2F43ndov6hubkIVlSb7rLn599zfzfSPqNOAUk0pmMqBVrxHxz6unvhdvyMsiiLJ5XPUyBQ%2B7raoksdPqD37Pw%2FNNis%2BZ0Qqn544wc8MHv%2BmknsFqXKPI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8651579020b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg

172.67.141.24

200 OK

34 kB

URL GET HTTP/3
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3
Size
34 kB (33452 bytes)
Hash
fe81f0c5bf7decc9141801420933b351
4d0eba9db93c28ee21c2a1d236c8a56fc264a82c
0ab3cc529ab7582dfc32a721a3873345627640298d5507d8ef807b8dece36090

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: image/jpeg
content-length: 33452
last-modified: Thu, 01 Feb 2024 14:50:52 GMT
etag: "65bbafcc-82ac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1902479
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3PaEzKFevqOBnIY%2Br58a0PN%2B6bebS%2B8AxyDA3rrqMd3FTrgqWYf16N07NIiReYSd1ox0PcbGtS%2BCXOm4Levf%2BLISWQc8jEXlYrv4N5TwlO3KfE6vkwp36t5dg0jqsIeQGJZohmVKSFUz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86516bdb85684-OSL
alt-svc: h3=":443"; ma=86400

cuthub.net/img/plane.svg

188.114.96.1

200 OK

103 kB

URL GET HTTP/3
cuthub.net/img/plane.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type
SVG Scalable Vector Graphics image
Size
103 kB (102811 bytes)
Hash
4f25968fc51a5e49dc1ea503d5d60e38
4221937e757eb15329dbc318092c9058044c5f73
d454583aa343d4c8aa4e42c0876b20e60c20c0b89284e4ef0c662d0426c18254

HTTP Headers

GET /img/plane.svg HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnJ2yhIBSe%2F%2BhaJkpMoZBDDYQaBKHsoHnzOk9MXcc1yQtEttOZVCQ4utkkEaGLqCF%2B6SfksJP78%2BzBoPBlpgzpOdOFXHrbYhvdbhDiKoBOf0g%2F9DPqYtO5P3Lr%2Bs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a86507fc3156c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css

172.67.141.24

200 OK

36 kB

URL GET HTTP/2
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
36 kB (35781 bytes)
Hash
80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:51 GMT
etag: W/"65bbaf53-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGhMq5EoMJEsWSxlACU52ehgWkUC0BEH9RfsueCdQW3xS7zkCn3r%2Bgg%2Fss%2BEyp1vVWT1GCpikotD0riSq918m8UWI%2BNxTLDi7ZZiBoxNHV7Pn77cREu14tYir4AMkKQZHJleiLPBSG0Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86515ef19b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:49 GMT
expires: Sat, 26 Apr 2025 05:55:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 42665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:02:10 GMT
expires: Sat, 26 Apr 2025 06:02:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 42284
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=44

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=44
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fanimate.css&l=79245&fd=44 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=42
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fcss%2Fstyle.css&l=3630&fd=42 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

likescenesfocused.com/pixel/sbs?c=1

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
likescenesfocused.com/pixel/sbs?c=1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

likescenesfocused.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdM5OZiXsQ1zUSNm7WjaKepP71pEx1V1PVNT3JKbiw7EUYFsWLSOebZIO6%2BOfizUU6Cx4WhIwXczBn78KeZcbg6IOq9773vYLvvVe39v0ZacLT0ytvml2lNV1abkThc%2B%2FF8aVwXWV%2BGA57nQ867UuhHby80mlEz4dvSL5tlppRHEVxFIerysrEDJemJFR%2BbyVurESNdrMRL7cxtP%2FFzgdwNIAYnJEnocRk8UFwEYrXyNLvrki3XZj8pddTr2lhLAbi6J1sOzNlhnQeJjZAkh2dV8O4k9X7MNnhTC7M4J9CpiYk%2BPk%2BWHZ0LhJscDDTyTRkBiYeRzmoIXUNRWtwcxNKnBCAC1zbQJbevWZsSXf%2BZumUnZDFR39ClROy%2BPtFZOk3l7UahptG%2B0KZzGGYVFDDGqpfI%2FfHKHYXoMpj8OIjKPELWXq0jiw92HDaQIlq1rtSNVRSQ8sRqAvgp0cF8EkAnwdIxWnI4zjuRoLTqLfCeUt0JeuIKKbdJKZx1OnB86m8EYp8BK5H4HYPud3DthrB%2Bp%2Fgtio4EcAVExK8tYeBqFBKgtIRlJSgVARlQVAOqkOhXdNVd4V2nsXnvnnuW9XYFP19emiKvswIqB3Bimo%2FPyMXpvMJNj%2FfwrY8DZNWu5fESZuzVrPb6kjaY1HMRNLutUTUpBxOVVBuYdbyrpqQxrPPIFcTsvjFLTB6DKePwdUFUP80aFmBblXYzb71eaK0dN5q1%2BAmhTAV8uL%2FKHaCfX1Gnpot6epnn0Dyh%2BTcwG2F3Fb4UD0g6Ovb4xumJAc3TOnI9xt5oVK1S6cL3CxoIR%2F76qrcKY0Va1fc6MtX%2BZSYhvfelq5Yp5lQWd%2BRry8rIaRdNZZL8uOae1ey695tXfY28%2Fn69ddW19LcSueUyWpQdfL%2BHXA1IU%2F8sD77mS%2BEv0HZGtZXSP1cqTI1eL4Hl89zzhBYPccsD1D6amybbJ7UikDLOaasgvsXZvN4bOn0NVXVvruNvl0ALW4iSysMbIWBrkD1CM7%2Fb1zk9uErv7ZmBqYXxkzbhQOmrb4zG%2FL0%2BhROnYatSHSZTGSXyfZyO5FcsOVlFvGEs5bo9TgKN0le%2FOPjvwAAAP%2F%2FAQAA%2F%2F%2BxufLUcwQAAA%3D%3D

172.240.108.76

200 OK

7 B

URL GET HTTP/1.1
likescenesfocused.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdM5OZiXsQ1zUSNm7WjaKepP71pEx1V1PVNT3JKbiw7EUYFsWLSOebZIO6%2BOfizUU6Cx4WhIwXczBn78KeZcbg6IOq9773vYLvvVe39v0ZacLT0ytvml2lNV1abkThc%2B%2FF8aVwXWV%2BGA57nQ867UuhHby80mlEz4dvSL5tlppRHEVxFIerysrEDJemJFR%2BbyVurESNdrMRL7cxtP%2FFzgdwNIAYnJEnocRk8UFwEYrXyNLvrki3XZj8pddTr2lhLAbi6J1sOzNlhnQeJjZAkh2dV8O4k9X7MNnhTC7M4J9CpiYk%2BPk%2BWHZ0LhJscDDTyTRkBiYeRzmoIXUNRWtwcxNKnBCAC1zbQJbevWZsSXf%2BZumUnZDFR39ClROy%2BPtFZOk3l7UahptG%2B0KZzGGYVFDDGqpfI%2FfHKHYXoMpj8OIjKPELWXq0jiw92HDaQIlq1rtSNVRSQ8sRqAvgp0cF8EkAnwdIxWnI4zjuRoLTqLfCeUt0JeuIKKbdJKZx1OnB86m8EYp8BK5H4HYPud3DthrB%2Bp%2Fgtio4EcAVExK8tYeBqFBKgtIRlJSgVARlQVAOqkOhXdNVd4V2nsXnvnnuW9XYFP19emiKvswIqB3Bimo%2FPyMXpvMJNj%2FfwrY8DZNWu5fESZuzVrPb6kjaY1HMRNLutUTUpBxOVVBuYdbyrpqQxrPPIFcTsvjFLTB6DKePwdUFUP80aFmBblXYzb71eaK0dN5q1%2BAmhTAV8uL%2FKHaCfX1Gnpot6epnn0Dyh%2BTcwG2F3Fb4UD0g6Ovb4xumJAc3TOnI9xt5oVK1S6cL3CxoIR%2F76qrcKY0Va1fc6MtX%2BZSYhvfelq5Yp5lQWd%2BRry8rIaRdNZZL8uOae1ey695tXfY28%2Fn69ddW19LcSueUyWpQdfL%2BHXA1IU%2F8sD77mS%2BEv0HZGtZXSP1cqTI1eL4Hl89zzhBYPccsD1D6amybbJ7UikDLOaasgvsXZvN4bOn0NVXVvruNvl0ALW4iSysMbIWBrkD1CM7%2Fb1zk9uErv7ZmBqYXxkzbhQOmrb4zG%2FL0%2BhROnYatSHSZTGSXyfZyO5FcsOVlFvGEs5bo9TgKN0le%2FOPjvwAAAP%2F%2FAQAA%2F%2F%2BxufLUcwQAAA%3D%3D
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuzi8%2FL4KwsjcR%2BqDgPybdM5OZiXsQ1zUSNm7WjaKepP71pEx1V1PVNT3JKbiw7EUYFsWLSOebZIO6%2BOfizUU6Cx4WhIwXczBn78KeZcbg6IOq9773vYLvvVe39v0ZacLT0ytvml2lNV1abkThc%2B%2FF8aVwXWV%2BGA57nQ867UuhHby80mlEz4dvSL5tlppRHEVxFIerysrEDJemJFR%2BbyVurESNdrMRL7cxtP%2FFzgdwNIAYnJEnocRk8UFwEYrXyNLvrki3XZj8pddTr2lhLAbi6J1sOzNlhnQeJjZAkh2dV8O4k9X7MNnhTC7M4J9CpiYk%2BPk%2BWHZ0LhJscDDTyTRkBiYeRzmoIXUNRWtwcxNKnBCAC1zbQJbevWZsSXf%2BZumUnZDFR39ClROy%2BPtFZOk3l7UahptG%2B0KZzGGYVFDDGqpfI%2FfHKHYXoMpj8OIjKPELWXq0jiw92HDaQIlq1rtSNVRSQ8sRqAvgp0cF8EkAnwdIxWnI4zjuRoLTqLfCeUt0JeuIKKbdJKZx1OnB86m8EYp8BK5H4HYPud3DthrB%2Bp%2Fgtio4EcAVExK8tYeBqFBKgtIRlJSgVARlQVAOqkOhXdNVd4V2nsXnvnnuW9XYFP19emiKvswIqB3Bimo%2FPyMXpvMJNj%2FfwrY8DZNWu5fESZuzVrPb6kjaY1HMRNLutUTUpBxOVVBuYdbyrpqQxrPPIFcTsvjFLTB6DKePwdUFUP80aFmBblXYzb71eaK0dN5q1%2BAmhTAV8uL%2FKHaCfX1Gnpot6epnn0Dyh%2BTcwG2F3Fb4UD0g6Ovb4xumJAc3TOnI9xt5oVK1S6cL3CxoIR%2F76qrcKY0Va1fc6MtX%2BZSYhvfelq5Yp5lQWd%2BRry8rIaRdNZZL8uOae1ey695tXfY28%2Fn69ddW19LcSueUyWpQdfL%2BHXA1IU%2F8sD77mS%2BEv0HZGtZXSP1cqTI1eL4Hl89zzhBYPccsD1D6amybbJ7UikDLOaasgvsXZvN4bOn0NVXVvruNvl0ALW4iSysMbIWBrkD1CM7%2Fb1zk9uErv7ZmBqYXxkzbhQOmrb4zG%2FL0%2BhROnYatSHSZTGSXyfZyO5FcsOVlFvGEs5bo9TgKN0le%2FOPjvwAAAP%2F%2FAQAA%2F%2F%2BxufLUcwQAAA%3D%3D HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 910ec7dab50e3c21e0c1e75b7fa44b50
Strict-Transport-Security: max-age=0; includeSubdomains

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

216.58.211.2

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
216.58.211.2:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint30:89:D4:C8:96:C6:D4:7B:F7:49:8D:DB:57:A1:D2:5A:D1:D3:D1:B4
ValidityMon, 08 Apr 2024 06:34:54 GMT - Mon, 01 Jul 2024 06:34:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Fri, 26 Apr 2024 17:46:54 GMT
expires: Fri, 26 Apr 2024 17:46:54 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 6313008392398930854
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51405
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=ddc35a03-cba5-4bd6-8d3c-95489bb7d436&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f348f1f4cb32736ea8b01bdf483d02ac&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=ddc35a03-cba5-4bd6-8d3c-95489bb7d436&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f348f1f4cb32736ea8b01bdf483d02ac&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=ddc35a03-cba5-4bd6-8d3c-95489bb7d436&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f348f1f4cb32736ea8b01bdf483d02ac&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a33257853e732bcd2bf1cc4e66419e94
Strict-Transport-Security: max-age=0; includeSubdomains

cuthub.net/css/frontend.css?id=2396ffb76e738e465b53

188.114.96.1

200 OK

260 kB

URL GET HTTP/3
cuthub.net/css/frontend.css?id=2396ffb76e738e465b53
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type

Size
260 kB (260376 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /css/frontend.css?id=2396ffb76e738e465b53 HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: text/css
last-modified: Wed, 21 Dec 2022 18:47:00 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 104179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9njrQPQPUTSoZ50j7qW%2FRiKt8D4HeQfY04iFfq6kDhH%2Bh8w0FzjpK1Giw0uMicqSBxe91VfINK4Rmpr4htBvXIiLJzjP6%2BtZbM4S5Nabahrr7TAUkC%2BI92v5b9e4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a865075adf56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cuthub.net/img/logo.svg

188.114.96.1

200 OK

22 kB

URL GET HTTP/3
cuthub.net/img/logo.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type
SVG Scalable Vector Graphics image
Size
22 kB (22248 bytes)
Hash
1e28749acbd90e7e99a883c1890327cd
638b4525d3f0ed776db136ca1025a8961f46c9e0
d526da1f4d4af45cefd2a0d140abec2beddc3150d13c47d3de893eaa278a369d

HTTP Headers

GET /img/logo.svg HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: image/svg+xml
last-modified: Fri, 08 Apr 2022 10:55:45 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i3PWm1gJMH7JXFmerWVlOncarQobIbin00ZbHn9riiFvncbokvUh%2FfSRzNeMCZb8UYoCG8QGCB%2BeNM%2BbbTE3lBLferPaTaVP5WmSVG8WUR7wxdrVtD7v7MSsMAv4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a865075ae156c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cuthub.net/img/faqs-image.svg

188.114.96.1

200 OK

38 kB

URL GET HTTP/3
cuthub.net/img/faqs-image.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type
SVG Scalable Vector Graphics image
Size
38 kB (38395 bytes)
Hash
a60b7216905928c625ae9592044476cd
e70c5be728c7bd1198100337487aafe126834ca3
9a717285429d468fadc4d25179fc6feb49e6335f3af1675fb6be1cb50e7e8322

HTTP Headers

GET /img/faqs-image.svg HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: image/svg+xml
last-modified: Fri, 13 Jan 2023 13:29:35 GMT
vary: Accept-Encoding
cache-control: max-age=2592000
cf-cache-status: HIT
age: 104178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGCKbaK3DqYjjSAgbRHwq%2F1fUCMfoD%2FVxjnKnSELGzI%2By2uu0X1uVwPqso%2FyELpGZnEVHZiuBB1%2FykMSK6weqHRjTJquColR47FGTpu830w2qkij2lxfIVyuh9ZW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a86507fc2d56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

7.0 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
16b49a99486594c0b42d9bd7821deb2c
2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a
3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 17:46:53 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

pogothere.xyz/asd100.bin

188.114.97.1

200 OK

102 kB

URL GET HTTP/3
pogothere.xyz/asd100.bin
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cuthub.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1947
last-modified: Fri, 26 Apr 2024 17:14:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VD5qU3Ma6A6%2BeWfHyphnGONAnMyxc%2BljgdM0Fhzj0VAAdlfimyX%2F5BF4Re%2F2cU%2BsmvGYPD9vO1a04B9zrlf6V5ZJ38bHbm%2BhtDDz50yYcOfx1ArbbQLNL1x6oRRcEHmR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8650bef86b4ee-OSL
alt-svc: h3=":443"; ma=86400

live.demand.supply/up.js

104.17.39.115

403 Forbidden

0 B

URL GET HTTP/2
live.demand.supply/up.js
IP
104.17.39.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E
ValiditySat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Fri, 26 Apr 2024 17:46:51 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Fri, 26 Apr 2024 17:47:06 GMT
set-cookie: __cf_bm=vhdHD.hvx8KTTo7wgnszVOjBMv9h1V.d2wa3q8awKpc-1714153611-1.0.1.1-7BfsgZIOw9VpUIbeCAp4EK5dHPHN2ifh.eGVfYzZq9leN4fy4geSBG7ax6npckWl22IFQbjCf1ivEiIpkD5r0A; path=/; expires=Fri, 26-Apr-24 18:16:51 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a865099d4b1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

188.114.97.1

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectpogothere.xyz
Fingerprint34:D3:33:F8:49:E2:1E:3E:44:A8:5D:74:68:9C:B8:A0:D5:F8:DD:0B
ValidityWed, 27 Mar 2024 02:15:30 GMT - Tue, 25 Jun 2024 02:15:29 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://cuthub.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1947
last-modified: Fri, 26 Apr 2024 17:14:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0KpNPkhn29%2Fu2RxQ5QSEHuRSNIRbugj5%2FtyBY5c%2Fr%2FTy%2FbtQRMrDMVLq8rCI3sIUwTxMOruNEB15zKuF%2BKibSMX%2B6BaLmGjQXBmZLaiw9h3BHzeCb3NtgQ%2Fnz2cBw0JL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8650b7f47b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap

142.250.74.106

200 OK

19 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text
Size
19 kB (19004 bytes)
Hash
e9214a1167aa27518bc869450a50706d
b5790e68611559bccd7a422ab3b63d4a9fa50c80
d2c53adf35264dffc9fb93e79e489fb00a10883c98108f57c0413a3c286fb4da

HTTP Headers

GET /css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@400;500;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 17:46:51 GMT
date: Fri, 26 Apr 2024 17:46:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=376

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=376
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Findex.html&l=1572&fd=376 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

quitesousefulhe.info/popunder.gif

104.21.13.159

200 OK

35 B

URL GET HTTP/3
quitesousefulhe.info/popunder.gif
IP
104.21.13.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectquitesousefulhe.info
Fingerprint1E:2F:3F:D7:F4:CF:87:22:89:01:91:57:22:5C:03:AF:53:C8:1D:D7
ValiditySun, 31 Mar 2024 11:30:08 GMT - Sat, 29 Jun 2024 11:30:07 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: quitesousefulhe.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 145144
last-modified: Thu, 25 Apr 2024 01:27:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxSJ3m%2FA%2BVjBZaZhCeSEYZLd4Acai%2B29NEBemQ3PO8S3q7Cc7oRYgtkvVS1N%2BEL2GGOxYilApeOEG3uSXT8ovOjOG6VzNV22WEwvF1nNowudeRJgToH3Aa3n6HeG0xhSf6DyIIo6AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86512384d56a5-OSL
alt-svc: h3=":443"; ma=86400

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwiqHvyE4tqLJQ6q4RZrZ2kVME4M18OtuY_Kk-jAm5lti3tmHcNBDp-3PlKNtsp4-e388my&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1979777797%3A1714153613146198&theme=mn&ddm=0

74.125.131.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwiqHvyE4tqLJQ6q4RZrZ2kVME4M18OtuY_Kk-jAm5lti3tmHcNBDp-3PlKNtsp4-e388my&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1979777797%3A1714153613146198&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwiqHvyE4tqLJQ6q4RZrZ2kVME4M18OtuY_Kk-jAm5lti3tmHcNBDp-3PlKNtsp4-e388my&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1979777797%3A1714153613146198&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-RGMO-3-gkZrZw3jdd-b8Ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwFyO8XRrI5ycXVbBs03Zz_PpvJTUzJXOZAxO1xkcUpwqZHiXigYeL33pELcmN9X30XtnN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705175589%3A1714153613152557&theme=mn&ddm=0

74.125.131.84

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwFyO8XRrI5ycXVbBs03Zz_PpvJTUzJXOZAxO1xkcUpwqZHiXigYeL33pELcmN9X30XtnN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705175589%3A1714153613152557&theme=mn&ddm=0
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint01:16:A3:AE:CA:C9:AC:ED:3A:C9:AA:75:BE:C2:51:EF:65:CE:23:E1
ValidityMon, 08 Apr 2024 06:34:56 GMT - Mon, 01 Jul 2024 06:34:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AaSxoQwFyO8XRrI5ycXVbBs03Zz_PpvJTUzJXOZAxO1xkcUpwqZHiXigYeL33pELcmN9X30XtnN0&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S705175589%3A1714153613152557&theme=mn&ddm=0 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuthub.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-es7IZdWT_0CXOk8_1uHVcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
likescenesfocused.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=36
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F2%2Fjs%2Fscript.js&l=386&fd=36 HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

onservantasr.info/MUJ6OGZQIBlVWVB/GB4TQy5HHVR3Z0h+AgB0CVcESzENSQlfOgsWBV0tD1wAQy0UTEhfJw4dVHd0NWABBQwtfgd3cyBsPlpyKGAnWRM5bQl8ADx1KGkpEnAkd3s8b1ZwFC9pV1AFDQEFdQBPXiNdGy1rJ1YJH1JTQiAoVFF4BD9sIGQPGXo3ZwosagpmFxZPAHkUIG8+cCofbzB0Bjh9EVQTKH4xdDUsfCMAGzBtCnAVL2lfYgcCaj9jFCxZIQADL24gYwc5QlJ/BUt9BWIlHVwhYCowcDdoKDJ9CXgVK1A+dRc7aTNGKTt5J3xnSHoiATUeeg98ISlfS1kKPEAefScrQD53ch1qI3cPMHBXABU5VDxVARR2MnIXEXEkZwMwazQBCi9uXmMRFnkuZyU7XCRIITtsDmgEKAgedwErHgxCLRRIW1oBPGw+SQAiUQ

3.164.230.67

200 OK

3.0 kB

URL GET HTTP/2
onservantasr.info/MUJ6OGZQIBlVWVB/GB4TQy5HHVR3Z0h+AgB0CVcESzENSQlfOgsWBV0tD1wAQy0UTEhfJw4dVHd0NWABBQwtfgd3cyBsPlpyKGAnWRM5bQl8ADx1KGkpEnAkd3s8b1ZwFC9pV1AFDQEFdQBPXiNdGy1rJ1YJH1JTQiAoVFF4BD9sIGQPGXo3ZwosagpmFxZPAHkUIG8+cCofbzB0Bjh9EVQTKH4xdDUsfCMAGzBtCnAVL2lfYgcCaj9jFCxZIQADL24gYwc5QlJ/BUt9BWIlHVwhYCowcDdoKDJ9CXgVK1A+dRc7aTNGKTt5J3xnSHoiATUeeg98ISlfS1kKPEAefScrQD53ch1qI3cPMHBXABU5VDxVARR2MnIXEXEkZwMwazQBCi9uXmMRFnkuZyU7XCRIITtsDmgEKAgedwErHgxCLRRIW1oBPGw+SQAiUQ
IP
3.164.230.67:443
ASN
#0

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerAmazon
Subjectonservantasr.info
Fingerprint4E:0A:E9:00:74:B8:B3:C9:4F:2A:1E:4E:6D:FA:10:D6:85:BC:6F:CE
ValidityMon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (3060), with no line terminators
Size
3.0 kB (3034 bytes)
Hash
d717827c015a21545262c58053f65d6d
02b2aff5ee6c6dd1e67186dae28b3461a6ed3345
80872c0434904f8b5dfd296f306d0d92c55f5e55e7d722b5e7307aa0aa5fd592

HTTP Headers

GET /MUJ6OGZQIBlVWVB/GB4TQy5HHVR3Z0h+AgB0CVcESzENSQlfOgsWBV0tD1wAQy0UTEhfJw4dVHd0NWABBQwtfgd3cyBsPlpyKGAnWRM5bQl8ADx1KGkpEnAkd3s8b1ZwFC9pV1AFDQEFdQBPXiNdGy1rJ1YJH1JTQiAoVFF4BD9sIGQPGXo3ZwosagpmFxZPAHkUIG8+cCofbzB0Bjh9EVQTKH4xdDUsfCMAGzBtCnAVL2lfYgcCaj9jFCxZIQADL24gYwc5QlJ/BUt9BWIlHVwhYCowcDdoKDJ9CXgVK1A+dRc7aTNGKTt5J3xnSHoiATUeeg98ISlfS1kKPEAefScrQD53ch1qI3cPMHBXABU5VDxVARR2MnIXEXEkZwMwazQBCi9uXmMRFnkuZyU7XCRIITtsDmgEKAgedwErHgxCLRRIW1oBPGw+SQAiUQ HTTP/1.1
Host: onservantasr.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1185
date: Fri, 26 Apr 2024 17:46:52 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 61fafbbf54e5560686b2d414df132838.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P1
x-amz-cf-id: v_dyxioVFFufQ3pHCqndPFFhOlaPL9UivhMII2rRCfU_rK8nv6tTcQ==
X-Firefox-Spdy: h2

likescenesfocused.com/8e/c3/c4/8ec3c46510d6cdfa39d05771966b94c1.js

172.240.108.76

200 OK

82 kB

URL GET HTTP/1.1
likescenesfocused.com/8e/c3/c4/8ec3c46510d6cdfa39d05771966b94c1.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectlikescenesfocused.com
Fingerprint72:A0:54:62:05:83:62:37:5E:DE:D5:B2:E3:9B:DD:AD:EA:C5:EA:0E
ValidityWed, 24 Apr 2024 15:04:39 GMT - Tue, 23 Jul 2024 15:04:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
82 kB (82259 bytes)
Hash
37dcf1a5b4a7d046060a00dd1c91708e
fb7b139c6edf3339f644e5a0092cdf869860e50b
d6db4cc24a86174fefd5393a6365b6faaf3b2e116b2623508ce4aba14f12a34c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /8e/c3/c4/8ec3c46510d6cdfa39d05771966b94c1.js HTTP/1.1
Host: likescenesfocused.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl=22256744; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 17:46:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2931_new=1; expires=Sun, 28 Apr 2024 17:46:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0a124614f5f252f57e37ffa7bc45acd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cuthub.net/favicon.ico

188.114.96.1

302 Found

4.1 kB

URL GET HTTP/3
cuthub.net/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectcuthub.net
Fingerprint3A:19:D1:56:80:55:49:6C:9E:69:0D:D4:7F:18:8B:5F:E6:1B:17:1E
ValidityFri, 05 Apr 2024 13:58:24 GMT - Thu, 04 Jul 2024 13:58:23 GMT

File type

Size
4.1 kB (4119 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: cuthub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/8hLDI9
Cookie: XSRF-TOKEN=eyJpdiI6IkdSTmNMSEFvVFZ6KzJPdXJuZ2VGU0E9PSIsInZhbHVlIjoicFd6TVFySS84RzBtWWJkY0JjWUp6WURESEduSlA3MjJ5RndJcXBEbzNjYWNZV2NReXIwUmpCZis1eHVGNVdFaWcxckhKZlJ5M01vanRTUkh4UHBKZmxDQVpWRys3T3l4UXBNUGRNTHYxL3h5b1QzdlA4djZPUUtLbis1dy84Z2QiLCJtYWMiOiIyMDVhMWU1ZmNkOTk3YWVhOTU5NjZhMjUyY2NjN2ZkYjIwNjQ4YTk3NTg5NTlkYmZjZGEyOTYxOWFhNzM4ZTY0IiwidGFnIjoiIn0%3D; upfiles_session=eyJpdiI6InhyaGErd1ZsNWw2b1g3UHluYmMwcEE9PSIsInZhbHVlIjoicGxQZFlBSjhZOUx3aFVma0VqbnVtMzNMZWs4aSs0M0Q4ZSt5ZjR2OHBTdC9SRWJ1K3k1N0t1QlR0d3hZTEo4VnJKSG5lSVJSMmV4YlJ4TTJCZUdsemZ4Z0k4T3hmL25vcGtwcnE2WFBoUDV2aXpuNGtGVW5TeHZsUldoQm1rYlAiLCJtYWMiOiJhNzk5YzQ2YTFjZGVlYmM4ZmEyZGE1Mzk3ZTQ3YjZkMzE3NmJjOGUyNzM4YTJiZTYwOTQ4ZWRkNTAzOTQxOTM2IiwidGFnIjoiIn0%3D; ab=1; sb_page_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_onpage_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_main_f348f1f4cb32736ea8b01bdf483d02ac=1; sb_count_f348f1f4cb32736ea8b01bdf483d02ac=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ddc35a03-cba5-4bd6-8d3c-95489bb7d436%3A3%3A1; _ga_75C4L64NEB=GS1.1.1714153612.1.0.1714153612.0.0.0; _ga=GA1.1.1511377916.1714153613
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: text/html; charset=UTF-8
location: https://cuthub.net/wp-includes/images/w-logo-blue-white-bg.png
x-powered-by: PHP/8.2.15
x-ua-compatible: IE=edge
link: <https://cuthub.net/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8S%2B2m%2F4DrIV%2BzPM33a1xWbicQt8DPhmRzmsTmZtHMNF2vbnyDBfqEA1XWh%2FwaTwVmx2Ts4UEQjctpj5egvnRkQnT2T5jyFzMfHt0zjzLfqGdos5O%2BQj2eLgLsfJM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8650f5f5156c9-OSL
alt-svc: h3=":443"; ma=86400

downstairsnegotiatebarren.com/sfp.js

172.67.180.87

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c3b995d2617502b45a947b043bf950d2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 26 Apr 2024 17:46:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xgtyjglIOWPWEn%2FCuC8txpkcjEprtu9FYtRXfyHZz37jpWPh7PTRlfro6VD3ZdSQrevxgE7hg0kLa38k9M0onxnFqZQCm8v55RPYoemJaMxyIJnuA8QhyWKNFuPDcwWnZolP9oLXYMsw7zUB8vDCoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a8650b2b6db523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

74.125.131.84

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
74.125.131.84:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint24:73:6B:52:47:71:E2:CB:E3:4E:89:44:4B:29:D9:F4:C2:A0:F1:14
ValidityMon, 08 Apr 2024 07:33:55 GMT - Mon, 01 Jul 2024 07:33:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:LXZvHbh6xGHcaiugGG7nEbPD_M0Htw:IFLT6KTpmkGMIUar; Expires=Sun, 26-Apr-2026 17:46:53 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 26 Apr 2024 17:46:53 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AaSxoQw5BfsxhNjFjv5L_jgf6ED3pRc8jjbSQ0xPrI-aW1560pacehsYDdnu_yIlnnFYCdXZLeqF
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-0Ukj7oX_1ayQ8J-mBZ3Gyw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js

172.67.141.24

200 OK

386 B

URL GET HTTP/2
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (399), with no line terminators
Size
386 B (386 bytes)
Hash
022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:48:54 GMT
etag: W/"65bbaf56-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBWAVzWQQYmEIYddxlUEz28MF4JsXNJkZzbrpgXfNWZVROX3%2Fv5ZjcA5%2FJe8rJ3ka7IcRjiqxoSu4r3MFaBMU7B79VxlCTArap5NbM9oXzvxzsx9wWAdkGvJUuNWJyRmvm9vS9n4yOQq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86515ef1cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

142.250.74.131

200 OK

921 B

URL GET HTTP/2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectmisc.google.com
Fingerprint25:6F:4D:A3:F9:83:CC:45:3B:9E:3E:C7:4E:40:67:1B:52:29:34:F5
ValidityMon, 08 Apr 2024 06:40:24 GMT - Mon, 01 Jul 2024 06:40:23 GMT

File type
JavaScript source, ASCII text, with very long lines (921), with no line terminators
Size
921 B (921 bytes)
Hash
b832740e618479615e7f4ec2d6d18e95
39e2c70fbc1164d6748e0314c36691c42245c53a
66b51ffa06c4662b57b6b492d53318ac5e672cd53f52ce08e2699325eb796414

HTTP Headers

GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 26 Apr 2024 17:46:52 GMT
date: Fri, 26 Apr 2024 17:46:52 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css

172.67.141.24

200 OK

3.6 kB

URL GET HTTP/2
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuthub.net/8hLDI9
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (3854), with no line terminators
Size
3.6 kB (3630 bytes)
Hash
1ef6c40dc9237f64e46f930e4b26d112
7e94a725845a7101b17bfc0ff488e27c12060c1d
e23167c1f14d771e6eb40f86085c2f04f52010a5e934cff3f9e214aab984f4b4

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuthub.net
DNT: 1
Connection: keep-alive
Referer: https://cuthub.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 17:46:53 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:48:51 GMT
etag: W/"65bbaf53-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=huH0KzgVb%2BsZZDflmUh0tkdJeDavz%2B92avQ0crhRM5llEc2WkG254KJJ%2FWEjrgOmtEjU2HV03P8hbgsHWEYw6Y3qaWf60tQMZWVbDtCEvenxUWN13ok%2BmgMyxWwETQ6J9qQgKk6ofacR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a86515ef21b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML