Report - ww7.cutit.org/oxgBR?usid=15&utid=34116901617

Report Overview

Visited public
2025-05-10 05:48:33
Tags
Submit Tags
URL
ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Finishing URL
ww7.cutit.org/oxgBR?usid=15&utid=34116901617
IP / ASN
199.59.243.228
#16509 AMAZON-02
Title
cutit.org

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
parking3.parklogic.com	unknown	2007-02-28	2023-05-10	2025-05-08	1.1 kB	1.9 kB	172.232.7.47
www.google.com	7	1997-09-15	2015-05-10	2025-05-07	440 B	144 kB	142.250.74.68
afs.googleusercontent.com	12123	2008-11-17	2013-05-06	2025-05-07	1.0 kB	2.0 kB	142.250.74.33
syndicatedsearch.goog	unknown	2023-04-14	2023-09-25	2025-05-07	3.2 kB	160 kB	216.58.207.238
ww7.cutit.org	unknown	2018-03-22	2023-01-01	2025-04-24	2.2 kB	46 kB	199.59.243.228

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-10	medium	cutit.org	Sinkholed
2025-05-10	medium	cutit.org	Sinkholed
2025-05-10	medium	cutit.org	Sinkholed
2025-05-10	medium	cutit.org	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol105%2Cpid-bodis-gcontrol423%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.cutit.org%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D15%26utid%3D34116901617&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=1041746856092539&num=0&output=afd_ads&domain_name=ww7.cutit.org&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1746856092541&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=754937097&rurl=https%3A%2F%2Fww7.cutit.org%2FoxgBR%3Fusid%3D15%26utid%3D34116901617	ScriptElement	584 B	2025-05-10	2025-05-10
Pretty URL syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol105%2Cpid-bodis-gcontrol423%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.cutit.org%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D15%26utid%3D34116901617&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=1041746856092539&num=0&output=afd_ads&domain_name=ww7.cutit.org&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1746856092541&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=754937097&rurl=https%3A%2F%2Fww7.cutit.org%2FoxgBR%3Fusid%3D15%26utid%3D34116901617 IP 216.58.207.238 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 05:48 Last Seen2025-05-10 05:48 Times Seen1 Hash 0efe5430fabd2a70f138d3e308ca49fb 50f6f625cef13dc80251251f43265d9e20a39054 6a1af513d3a89a2b1c148241645be07d0a485fb573818229184eb8c93f67b3f5 Loading...

	ww7.cutit.org/oxgBR?usid=15&utid=34116901617	Eval	411 B	2024-05-02	2025-07-13
Pretty URL ww7.cutit.org/oxgBR?usid=15&utid=34116901617 IP 199.59.243.228 ASN #16509 AMAZON-02 Introduced by eval Embedded in HTML false Observations First Seen2024-05-02 21:46 Last Seen2025-07-13 03:55 Times Seen4135 Hash 6a4435c5df6c8a44e8f871be2d8db6df dd30da12047c2ea2b12e124b6cd43540e358aa79 f79e97fee9b4881f8fa95aa2033819020eca0e597a94dce1976fcae392397b0a Loading...

	syndicatedsearch.goog/adsense/domains/caf.js	ScriptElement	143 kB	2025-05-09	2025-05-13
Pretty URL syndicatedsearch.goog/adsense/domains/caf.js IP 216.58.207.238 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 12:21 Last Seen2025-05-13 14:59 Times Seen555 Hash 33375138d247dcc65bd9f1dd72896252 21ac61cbc62471f36c6780384a00d2429ddd8da0 6eb307bc8ce0c187f08e557a0a663f5fec55362785475232eae543e9b81d12df Loading...

	parking3.parklogic.com/page/enhance.js?pcId=7&&domain=cutit.org	ScriptElement	1.6 kB	2025-04-24	2025-06-07
Pretty URL parking3.parklogic.com/page/enhance.js?pcId=7&&domain=cutit.org IP 172.232.7.47 ASN #63949 Akamai Connected Cloud Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-24 23:57 Last Seen2025-06-07 15:56 Times Seen6 Hash 2a50484448aa79dc21012b0a2f6890f8 be158eddedc95779e8dbcabf7288f307ec0857b4 80033874b38e6f29bd68f331e2972cb714fdeed818dda1689a22d481e076dc4e Loading...

	ww7.cutit.org/oxgBR?usid=15&utid=34116901617	ScriptElement	381 B	2025-05-10	2025-05-10
Pretty URL ww7.cutit.org/oxgBR?usid=15&utid=34116901617 IP 199.59.243.228 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 05:48 Last Seen2025-05-10 05:48 Times Seen1 Hash 472119930cfcfada238734bc5269df1c e333e2c9bfa1c4e4eb83bf9f07c0b431d94ee9fc 73db8888dee60704a0ced564c37d2a75842c569ceb273ac2d692cc405fe14357 Loading...

	ww7.cutit.org/bknKjxiuN.js	ScriptElement	37 kB	2025-05-07	2025-06-12
Pretty URL ww7.cutit.org/bknKjxiuN.js IP 199.59.243.228 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-07 11:37 Last Seen2025-06-12 16:16 Times Seen191 Hash 4d0f0ddc35488fc0517868654dd7790a 47567b484a0c5f135b2d999fccdcb2bacff40d56 bc580d86c4f2715afd0b756001343d22e8a679baba9f0e058eb2b87f9df46d7e Loading...

	www.google.com/adsense/domains/caf.js?abp=1&bodis=true	ScriptElement	143 kB	2025-05-09	2025-05-13
Pretty URL www.google.com/adsense/domains/caf.js?abp=1&bodis=true IP 142.250.74.68 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 12:45 Last Seen2025-05-13 14:24 Times Seen293 Hash 0dd79e9d0db22c18bfe0175e086145e4 1b2e2519f4ec49e03d8e924c996a36cc4b892eba a4bfa54968927ce66fc7749f4e6a0886dcd1c670ca165d0db85bf8742259dedf Loading...

		Size	First Seen	Last Seen
	#1 Write - 6d97e450d199482764c4b78d9636bc2b	175 B	2025-03-25 19:44	2025-06-07 15:56
Pretty Observations First Seen2025-03-25 19:44 Last Seen2025-06-07 15:56 Times Seen37 Hash 6d97e450d199482764c4b78d9636bc2b 3e9ef24931506d02d0e4501ef2dcc74dbbdf02d3 e7d3e933561a8240e5d7520cd88cc32b8a7215c38bef169322bd27b89f76fa29 Loading...

HTTP Transactions (13)

URL IP Response Size

GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

142.250.74.33

200 OK

200 B

URL GET
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
142.250.74.33:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol105%2Cpid-bodis-gcontrol423%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.cutit.org%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D15%26utid%3D34116901617&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=1041746856092539&num=0&output=afd_ads&domain_name=ww7.cutit.org&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1746856092541&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=754937097&rurl=https%3A%2F%2Fww7.cutit.org%2FoxgBR%3Fusid%3D15%26utid%3D34116901617
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
Fingerprint88:06:54:F9:FF:71:9C:F6:50:7F:58:EA:5C:98:77:FF:88:95:B5:94
ValidityMon, 21 Apr 2025 08:41:44 GMT - Mon, 14 Jul 2025 08:41:43 GMT

File type
SVG Scalable Vector Graphics image
Size
200 B (200 bytes)
Hash
11b3089d616633ca6b73b57aa877eeb4
07632f63e06b30d9b63c97177d3a8122629bda9b
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 May 2025 22:50:43 GMT
expires: Sat, 10 May 2025 21:50:43 GMT
cache-control: public, max-age=82800
age: 25050
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=tdtm07n53zfo&cd_fexp=72717108&aqid=nOgeaMLKLdvIxdwPyN742As&psid=3113057640&pbt=bs&adbx=290&adby=193&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=754937097&csala=7%7C0%7C383%7C65%7C39&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL GET
syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=tdtm07n53zfo&cd_fexp=72717108&aqid=nOgeaMLKLdvIxdwPyN742As&psid=3113057640&pbt=bs&adbx=290&adby=193&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=754937097&csala=7%7C0%7C383%7C65%7C39&lle=0&ifv=1&hpt=0
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
FingerprintDC:F5:98:68:53:E0:CF:EF:0C:D9:7C:BF:2E:FE:35:0F:48:72:BE:F4
ValidityMon, 21 Apr 2025 08:43:52 GMT - Mon, 14 Jul 2025 08:43:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=tdtm07n53zfo&cd_fexp=72717108&aqid=nOgeaMLKLdvIxdwPyN742As&psid=3113057640&pbt=bs&adbx=290&adby=193&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=754937097&csala=7%7C0%7C383%7C65%7C39&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.cutit.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-e4Z8z5zUBLtwhAw5IZQS5Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Sat, 10 May 2025 05:48:14 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET ww7.cutit.org/bknKjxiuN.js

199.59.243.228

200 OK

37 kB

URL GET
ww7.cutit.org/bknKjxiuN.js
IP
199.59.243.228:443
ASN
#16509 AMAZON-02

Requested by
https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Certificate
IssuerLet's Encrypt
Subjectww7.cutit.org
Fingerprint4B:F9:9E:4E:E1:87:0D:3D:E3:08:E3:99:98:F0:A4:7F:57:40:F0:95
ValidityThu, 01 May 2025 05:26:53 GMT - Wed, 30 Jul 2025 05:26:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (37078)
Size
37 kB (37081 bytes)
Hash
4d0f0ddc35488fc0517868654dd7790a
47567b484a0c5f135b2d999fccdcb2bacff40d56
bc580d86c4f2715afd0b756001343d22e8a679baba9f0e058eb2b87f9df46d7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bknKjxiuN.js HTTP/1.1
Host: ww7.cutit.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Cookie: parking_session=baf767fc-7a7f-4ced-9f65-7a78132e657f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 10 May 2025 05:48:11 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 37081
X-Request-Id: 339753ba-0392-4fe0-b401-35ebb9f99e15
Set-Cookie: parking_session=baf767fc-7a7f-4ced-9f65-7a78132e657f; expires=Sat, 10 May 2025 06:03:11 GMT
Connection: close

POST ww7.cutit.org/_tr

199.59.243.228

200 OK

2 B

URL POST
ww7.cutit.org/_tr
IP
199.59.243.228:443
ASN
#16509 AMAZON-02

Requested by
https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Certificate
IssuerLet's Encrypt
Subjectww7.cutit.org
Fingerprint4B:F9:9E:4E:E1:87:0D:3D:E3:08:E3:99:98:F0:A4:7F:57:40:F0:95
ValidityThu, 01 May 2025 05:26:53 GMT - Wed, 30 Jul 2025 05:26:52 GMT

File type
ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /_tr HTTP/1.1
Host: ww7.cutit.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Content-Type: application/json
Content-Length: 1965
Origin: https://ww7.cutit.org
DNT: 1
Connection: keep-alive
Cookie: parking_session=baf767fc-7a7f-4ced-9f65-7a78132e657f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 10 May 2025 05:48:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
X-Request-Id: b741474a-8f4d-4e30-9ce7-12e8b1788acd
Set-Cookie: parking_session=baf767fc-7a7f-4ced-9f65-7a78132e657f; expires=Sat, 10 May 2025 06:03:13 GMT
Connection: close

GET syndicatedsearch.goog/adsense/domains/caf.js

216.58.207.238

200 OK

143 kB

URL GET
syndicatedsearch.goog/adsense/domains/caf.js
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol105%2Cpid-bodis-gcontrol423%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.cutit.org%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D15%26utid%3D34116901617&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=1041746856092539&num=0&output=afd_ads&domain_name=ww7.cutit.org&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1746856092541&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=754937097&rurl=https%3A%2F%2Fww7.cutit.org%2FoxgBR%3Fusid%3D15%26utid%3D34116901617
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
FingerprintDC:F5:98:68:53:E0:CF:EF:0C:D9:7C:BF:2E:FE:35:0F:48:72:BE:F4
ValidityMon, 21 Apr 2025 08:43:52 GMT - Mon, 14 Jul 2025 08:43:51 GMT

File type
JavaScript source, ASCII text, with very long lines (1839)
Size
143 kB (143325 bytes)
Hash
33375138d247dcc65bd9f1dd72896252
21ac61cbc62471f36c6780384a00d2429ddd8da0
6eb307bc8ce0c187f08e557a0a663f5fec55362785475232eae543e9b81d12df

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 10 May 2025 05:48:12 GMT
expires: Sat, 10 May 2025 05:48:12 GMT
cache-control: private, max-age=3600
etag: "13353609585087419965"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol105%2Cpid-bodis-gcontrol423%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.cutit.org%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D15%26utid%3D34116901617&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=1041746856092539&num=0&output=afd_ads&domain_name=ww7.cutit.org&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1746856092541&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=754937097&rurl=https%3A%2F%2Fww7.cutit.org%2FoxgBR%3Fusid%3D15%26utid%3D34116901617

216.58.207.238

200 OK

14 kB

URL GET
syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol105%2Cpid-bodis-gcontrol423%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.cutit.org%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D15%26utid%3D34116901617&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=1041746856092539&num=0&output=afd_ads&domain_name=ww7.cutit.org&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1746856092541&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=754937097&rurl=https%3A%2F%2Fww7.cutit.org%2FoxgBR%3Fusid%3D15%26utid%3D34116901617
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
FingerprintDC:F5:98:68:53:E0:CF:EF:0C:D9:7C:BF:2E:FE:35:0F:48:72:BE:F4
ValidityMon, 21 Apr 2025 08:43:52 GMT - Mon, 14 Jul 2025 08:43:51 GMT

File type
HTML document, ASCII text, with very long lines (13142)
Size
14 kB (13671 bytes)
Hash
122f23704d0f655465813a6afebd4054
52942bf5c99e1e4ebea9b0570590a403180c0996
6b6398191275ed5c1292a33005dddf0f00d1def5f0d993dad4285a3f83636c8c

HTTP Headers

GET /afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol105%2Cpid-bodis-gcontrol423%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.cutit.org%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D15%26utid%3D34116901617&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=1041746856092539&num=0&output=afd_ads&domain_name=ww7.cutit.org&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1746856092541&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=754937097&rurl=https%3A%2F%2Fww7.cutit.org%2FoxgBR%3Fusid%3D15%26utid%3D34116901617 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.cutit.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Sat, 10 May 2025 05:48:12 GMT
expires: Sat, 10 May 2025 05:48:12 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-ZpFgD17v64PKTy4U-HhJRg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2689
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET parking3.parklogic.com/page/enhance.js?pcId=7&&domain=cutit.org

172.232.7.47

200 OK

1.6 kB

URL GET
parking3.parklogic.com/page/enhance.js?pcId=7&&domain=cutit.org
IP
172.232.7.47:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Certificate
IssuerLet's Encrypt
Subjectenhance-lb01.parklogic.com
FingerprintA9:52:EB:46:72:F6:AB:43:E9:BC:07:14:2E:C8:58:DD:ED:1B:9A:51
ValidityMon, 31 Mar 2025 01:04:57 GMT - Sun, 29 Jun 2025 01:04:56 GMT

File type
JavaScript source, ASCII text
Size
1.6 kB (1557 bytes)
Hash
2a50484448aa79dc21012b0a2f6890f8
be158eddedc95779e8dbcabf7288f307ec0857b4
80033874b38e6f29bd68f331e2972cb714fdeed818dda1689a22d481e076dc4e

HTTP Headers

GET /page/enhance.js?pcId=7&&domain=cutit.org HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.cutit.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 05:48:13 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

GET ww7.cutit.org/oxgBR?usid=15&utid=34116901617

199.59.243.228

200 OK

1.1 kB

URL User Request GET
ww7.cutit.org/oxgBR?usid=15&utid=34116901617
IP
199.59.243.228:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectww7.cutit.org
Fingerprint4B:F9:9E:4E:E1:87:0D:3D:E3:08:E3:99:98:F0:A4:7F:57:40:F0:95
ValidityThu, 01 May 2025 05:26:53 GMT - Wed, 30 Jul 2025 05:26:52 GMT

File type
HTML document, ASCII text, with very long lines (398)
Size
1.1 kB (1130 bytes)
Hash
e82eabbf59cb9fcf4aba383f9e206d38
ff53aa6bf3ada3c610ad1c4924808825b60784da
e7a897c59a1f7e60e1a4abcd173cbd5e05dad266c20d419f5316b7a4bf804f52

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /oxgBR?usid=15&utid=34116901617 HTTP/1.1
Host: ww7.cutit.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 10 May 2025 05:48:11 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1130
X-Request-Id: baf767fc-7a7f-4ced-9f65-7a78132e657f
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_IrXoA9Aybe8dXpBtRkjdOwkKDRXHxdAiGZwy4QylpfTRg071g0uvjCMn5y1nRZ+z1WVI2Ym76Kdft+kYeXczIw==
Set-Cookie: parking_session=baf767fc-7a7f-4ced-9f65-7a78132e657f; expires=Sat, 10 May 2025 06:03:11 GMT; path=/
Connection: close

GET www.google.com/adsense/domains/caf.js?abp=1&bodis=true

142.250.74.68

200 OK

143 kB

URL GET
www.google.com/adsense/domains/caf.js?abp=1&bodis=true
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
FingerprintC0:9B:21:A5:10:36:7E:DC:25:8D:0B:AB:4B:D9:D7:AD:92:06:96:49
ValidityMon, 21 Apr 2025 08:42:35 GMT - Mon, 14 Jul 2025 08:42:34 GMT

File type
JavaScript source, ASCII text, with very long lines (1839)
Size
143 kB (143327 bytes)
Hash
0dd79e9d0db22c18bfe0175e086145e4
1b2e2519f4ec49e03d8e924c996a36cc4b892eba
a4bfa54968927ce66fc7749f4e6a0886dcd1c670ca165d0db85bf8742259dedf

HTTP Headers

GET /adsense/domains/caf.js?abp=1&bodis=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.cutit.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Sat, 10 May 2025 05:48:12 GMT
expires: Sat, 10 May 2025 05:48:12 GMT
cache-control: private, max-age=3600
etag: "9824473465680115817"
x-content-type-options: nosniff
link: <https://syndicatedsearch.goog>; rel="preconnect"
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b

142.250.74.33

200 OK

200 B

URL GET
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b
IP
142.250.74.33:443
ASN
#15169 GOOGLE

Requested by
https://syndicatedsearch.goog/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol47%2Cpid-bodis-gcontrol105%2Cpid-bodis-gcontrol423%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol162&client=dp-bodis31_3ph&r=m&hl=en&ivt=0&rpbu=https%3A%2F%2Fww7.cutit.org%2F%3Fcaf%3D1%26bpt%3D345%26usid%3D15%26utid%3D34116901617&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2390667545585912&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301431%2C17301433%2C17301436%2C17301548%2C17301266%2C72717108&format=r3&nocache=1041746856092539&num=0&output=afd_ads&domain_name=ww7.cutit.org&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1746856092541&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=922&frm=0&uio=-&cont=rs&drt=0&jsid=caf&jsv=754937097&rurl=https%3A%2F%2Fww7.cutit.org%2FoxgBR%3Fusid%3D15%26utid%3D34116901617
Certificate
IssuerGoogle Trust Services
Subject*.googleusercontent.com
Fingerprint88:06:54:F9:FF:71:9C:F6:50:7F:58:EA:5C:98:77:FF:88:95:B5:94
ValidityMon, 21 Apr 2025 08:41:44 GMT - Mon, 14 Jul 2025 08:41:43 GMT

File type
SVG Scalable Vector Graphics image
Size
200 B (200 bytes)
Hash
d47125b2ba92be53dcff07ba322ce1de
e4a70c8a133bacf1699fdfa4c10e24ed5b3e0c28
5a0687ea8c9aa404a7724490f046e30023ec6b5aa81d01ae4f225889a64174f6

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%2302198b HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://syndicatedsearch.goog/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 May 2025 11:52:32 GMT
expires: Sat, 10 May 2025 10:52:32 GMT
cache-control: public, max-age=82800
age: 64541
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET parking3.parklogic.com/page/scribe.php?pcId=7&domain=cutit.org&aId=110&pId=449&usid=15&utid=34116901617&query=null&domainJs=ww7.cutit.org&path=/oxgBR&ss=true&lp=1&tzB=UTC&wd=false&gpu=null

172.232.7.47

200 OK

0 B

URL GET
parking3.parklogic.com/page/scribe.php?pcId=7&domain=cutit.org&aId=110&pId=449&usid=15&utid=34116901617&query=null&domainJs=ww7.cutit.org&path=/oxgBR&ss=true&lp=1&tzB=UTC&wd=false&gpu=null
IP
172.232.7.47:443
ASN
#63949 Akamai Connected Cloud

Requested by
https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Certificate
IssuerLet's Encrypt
Subjectenhance-lb01.parklogic.com
FingerprintA9:52:EB:46:72:F6:AB:43:E9:BC:07:14:2E:C8:58:DD:ED:1B:9A:51
ValidityMon, 31 Mar 2025 01:04:57 GMT - Sun, 29 Jun 2025 01:04:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /page/scribe.php?pcId=7&domain=cutit.org&aId=110&pId=449&usid=15&utid=34116901617&query=null&domainJs=ww7.cutit.org&path=/oxgBR&ss=true&lp=1&tzB=UTC&wd=false&gpu=null HTTP/1.1
Host: parking3.parklogic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.cutit.org/
Origin: https://ww7.cutit.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 05:48:14 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

GET syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=yhujqbpgaxux&cd_fexp=72717108&aqid=nOgeaMLKLdvIxdwPyN742As&psid=3113057640&pbt=bv&adbx=290&adby=193&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=754937097&csala=7%7C0%7C383%7C65%7C39&lle=0&ifv=1&hpt=0

216.58.207.238

204 No Content

0 B

URL GET
syndicatedsearch.goog/afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=yhujqbpgaxux&cd_fexp=72717108&aqid=nOgeaMLKLdvIxdwPyN742As&psid=3113057640&pbt=bv&adbx=290&adby=193&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=754937097&csala=7%7C0%7C383%7C65%7C39&lle=0&ifv=1&hpt=0
IP
216.58.207.238:443
ASN
#15169 GOOGLE

Requested by
https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Certificate
IssuerGoogle Trust Services
Subjectsyndicatedsearch.goog
FingerprintDC:F5:98:68:53:E0:CF:EF:0C:D9:7C:BF:2E:FE:35:0F:48:72:BE:F4
ValidityMon, 21 Apr 2025 08:43:52 GMT - Mon, 14 Jul 2025 08:43:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /afs/gen_204?client=dp-bodis31_3ph&output=uds_ads_only&zx=yhujqbpgaxux&cd_fexp=72717108&aqid=nOgeaMLKLdvIxdwPyN742As&psid=3113057640&pbt=bv&adbx=290&adby=193&adbh=364&adbw=700&adbah=114%2C114%2C114&adbn=master-1&eawp=partner-dp-bodis31_3ph&errv=754937097&csala=7%7C0%7C383%7C65%7C39&lle=0&ifv=1&hpt=0 HTTP/1.1
Host: syndicatedsearch.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww7.cutit.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-fhrJQ4lOUTJSIc2at9p5_Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
date: Sat, 10 May 2025 05:48:14 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST ww7.cutit.org/_fd?usid=15&utid=34116901617

199.59.243.228

200 OK

6.3 kB

URL POST
ww7.cutit.org/_fd?usid=15&utid=34116901617
IP
199.59.243.228:443
ASN
#16509 AMAZON-02

Requested by
https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Certificate
IssuerLet's Encrypt
Subjectww7.cutit.org
Fingerprint4B:F9:9E:4E:E1:87:0D:3D:E3:08:E3:99:98:F0:A4:7F:57:40:F0:95
ValidityThu, 01 May 2025 05:26:53 GMT - Wed, 30 Jul 2025 05:26:52 GMT

File type
ASCII text, with very long lines (6257), with no line terminators
Size
6.3 kB (6257 bytes)
Hash
b061b65da5c3a8f6c05aeb4cbb0e13ac
f3ea6704f88913221108f1eb85731d2f259be861
27cb776d02d58465e5de1e2b4ebff8a9f0537e57af7e70415767fbca2e0e3869

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /_fd?usid=15&utid=34116901617 HTTP/1.1
Host: ww7.cutit.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww7.cutit.org/oxgBR?usid=15&utid=34116901617
Content-Type: application/json
Origin: https://ww7.cutit.org
DNT: 1
Connection: keep-alive
Cookie: parking_session=baf767fc-7a7f-4ced-9f65-7a78132e657f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/1.1 200 OK
Date: Sat, 10 May 2025 05:48:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 6257
X-Request-Id: 49a4cc14-09bd-48bf-ad42-a3ad5e4c080b
Set-Cookie: parking_session=baf767fc-7a7f-4ced-9f65-7a78132e657f; expires=Sat, 10 May 2025 06:03:12 GMT
Connection: close

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (13)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size