cutpaid.com Open in urlscan Pro
2606:4700:3035::6812:38a7 Public Scan

URL:
https://cutpaid.com/4mndFaBi
Submission: On July 04 via manual (July 4th 2020, 12:52:30 am UTC)

Summary HTTP 55 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 9 countries across 19 domains to perform 55 HTTP transactions. The main IP is 2606:4700:3035::6812:38a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is cutpaid.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 7th 2019. Valid for: a year.

This is the only time cutpaid.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:303... 2606:4700:3035::6812:38a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.89.113 13.224.89.113	16509 (AMAZON-02) (AMAZON-02)
2	139.45.195.114 139.45.195.114	9002 (RETN-AS) (RETN-AS)
5	139.45.195.147 139.45.195.147	9002 (RETN-AS) (RETN-AS)
3	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	54.237.125.12 54.237.125.12	14618 (AMAZON-AES) (AMAZON-AES)
2	52.222.158.164 52.222.158.164	16509 (AMAZON-02) (AMAZON-02)
2	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
1	195.181.175.46 195.181.175.46	60068 (CDN77) (CDN77)
1	139.45.195.148 139.45.195.148	9002 (RETN-AS) (RETN-AS)
2	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	158.69.248.123 158.69.248.123	16276 (OVH) (OVH)
1	148.69.64.109 148.69.64.109	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
4	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.196.87 139.45.196.87	9002 (RETN-AS) (RETN-AS)
3	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	143.204.202.6 143.204.202.6	16509 (AMAZON-02) (AMAZON-02)
4	139.45.197.162 139.45.197.162	9002 (RETN-AS) (RETN-AS)
1	104.153.197.251 104.153.197.251	53334 (TUT-AS) (TUT-AS)
2	52.208.186.41 52.208.186.41	16509 (AMAZON-02) (AMAZON-02)
1	185.49.145.157 185.49.145.157	35415 (WEBZILLA) (WEBZILLA)
55	26

8 2606:4700:3035::6812:38a7 (United States)

ASN13335 (CLOUDFLARENET, US)

cutpaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
filez.cutpaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.113 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-113.zrh50.r.cloudfront.net

d3v3bqdndm4erx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.114 (Ascension Island)

ASN9002 (RETN-AS, EU)

ofgogoatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.195.147 (Ascension Island)

ASN9002 (RETN-AS, EU)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.125.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

practthreat.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.158.164 (Seattle, United States)

ASN16509 (AMAZON-02, US)

breatmentbr.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)

clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.175.46 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)

www.xadsmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.148 (Ascension Island)

ASN9002 (RETN-AS, EU)

abdurantom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.248.123 (Montreal, Canada)

ASN16276 (OVH, FR)

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)

ui.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.196.87 (Ascension Island)

ASN9002 (RETN-AS, EU)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)

qhb01zsoiarm.l.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)

fictimruffles.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.162 (Ascension Island)

ASN9002 (RETN-AS, EU)

static.ptoahaistais.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.153.197.251 (United States)

ASN53334 (TUT-AS, US)

xadsmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.186.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

e2ertt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.49.145.157 (Netherlands)

ASN35415 (WEBZILLA, NL)

perf.cdnads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	adsco.re c.adsco.re adsco.re 6.adsco.re qhb01zsoiarm.l.adsco.re qhb01zsoiarm.n.adsco.re Failed qhb01zsoiarm.s.adsco.re Failed	16 KB
8	cutpaid.com cutpaid.com filez.cutpaid.com	203 KB
5	inpagepush.com inpagepush.com	27 KB
4	ptoahaistais.com static.ptoahaistais.com	105 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	178 KB
3	histats.com s10.histats.com s4.histats.com	10 KB
3	clevernt.com clevernt.com ui.clevernt.com sender.clevernt.com	44 KB
3	google.com www.google.com	562 B
2	e2ertt.com e2ertt.com	396 B
2	xadsmart.com www.xadsmart.com xadsmart.com	9 KB
2	breatmentbr.top breatmentbr.top	409 B
2	ofgogoatan.com ofgogoatan.com	20 KB
1	cdnads.com perf.cdnads.com	323 B
1	fictimruffles.space fictimruffles.space	369 B
1	rtmark.net my.rtmark.net	769 B
1	abdurantom.com abdurantom.com	1 KB
1	practthreat.club practthreat.club	15 KB
1	cloudfront.net d3v3bqdndm4erx.cloudfront.net	53 KB
1	googleapis.com fonts.googleapis.com	876 B
55	19

	Domain	Requested by
7	cutpaid.com	cutpaid.com
5	inpagepush.com	cutpaid.com inpagepush.com
4	static.ptoahaistais.com	inpagepush.com
3	adsco.re	cutpaid.com c.adsco.re
3	fonts.gstatic.com	cutpaid.com d3v3bqdndm4erx.cloudfront.net
3	www.google.com	cutpaid.com www.gstatic.com
2	e2ertt.com
2	6.adsco.re	cutpaid.com c.adsco.re
2	c.adsco.re	www.xadsmart.com c.adsco.re
2	s10.histats.com	cutpaid.com s10.histats.com
2	breatmentbr.top	d3v3bqdndm4erx.cloudfront.net
2	ofgogoatan.com	cutpaid.com ofgogoatan.com
1	perf.cdnads.com
1	xadsmart.com	www.xadsmart.com
1	fictimruffles.space
1	qhb01zsoiarm.l.adsco.re	c.adsco.re
1	my.rtmark.net	inpagepush.com
1	sender.clevernt.com	cutpaid.com
1	ui.clevernt.com	cutpaid.com
1	s4.histats.com	s10.histats.com
1	www.gstatic.com	www.google.com
1	abdurantom.com	inpagepush.com
1	www.xadsmart.com	cutpaid.com
1	clevernt.com	cutpaid.com
1	practthreat.club	cutpaid.com
1	d3v3bqdndm4erx.cloudfront.net	cutpaid.com
1	filez.cutpaid.com	cutpaid.com
1	fonts.googleapis.com	cutpaid.com
0	qhb01zsoiarm.s.adsco.re Failed	c.adsco.re
0	qhb01zsoiarm.n.adsco.re Failed	c.adsco.re
55	30

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.histats.com

Subject Issuer	Validity	Valid
cutpaid.com CloudFlare Inc ECC CA-2	`2019-08-07` - `2020-08-06`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
ofgogoatan.com Let's Encrypt Authority X3	`2020-06-12` - `2020-09-10`	3 months	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-05-20` - `2020-08-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-06-17` - `2020-09-09`	3 months	crt.sh
practthreat.club Let's Encrypt Authority X3	`2020-06-04` - `2020-09-02`	3 months	crt.sh
breatmentbr.top Amazon	`2020-06-25` - `2021-07-25`	a year	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-02` - `2021-03-02`	a year	crt.sh
1376341044.rsc.cdn77.org Let's Encrypt Authority X3	`2020-06-27` - `2020-09-25`	3 months	crt.sh
abdurantom.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-17` - `2021-03-18`	a year	crt.sh
histats.com Let's Encrypt Authority X3	`2020-06-15` - `2020-09-13`	3 months	crt.sh
*.adsco.re COMODO RSA Organization Validation Secure Server CA	`2017-09-26` - `2020-09-25`	3 years	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-06-02` - `2020-08-31`	3 months	crt.sh
*.l.adsco.re COMODO RSA Domain Validation Secure Server CA	`2018-07-14` - `2020-07-13`	2 years	crt.sh
fictimruffles.space Amazon	`2020-06-25` - `2021-07-25`	a year	crt.sh
ptoahaistais.com Let's Encrypt Authority X3	`2020-06-07` - `2020-09-05`	3 months	crt.sh
xadsmart.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-19` - `2022-07-22`	2 years	crt.sh
e2ertt.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-02` - `2020-10-14`	a year	crt.sh
*.cdnads.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-06` - `2020-11-21`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://cutpaid.com/4mndFaBi
Frame ID: A0AA76A6F415A3FCA2B78C5B9CD1D2C6
Requests: 49 HTTP requests in this frame

Frame: https://breatmentbr.top/Y2Y5M0kCBFpedgJbWxU8EQoEFnslQwt1LVAQClE4BwhdXn0GFEEdKg8JTFcvEQlXR2cNA00WeyUDbmQ9UTF/WH8hJF4WeyE8UAMKJgtvWygPU3tqDhNDC3UIMjMKfTAPMXxLDAwiaFwgIjIJVh0yL1BjHjE8bHcYVyhOSwUFDE4ACiYSSVUzBDZ/dB8XAEELDi0cc1gIISMAeA0qIH1aDFE2bAMNLDFoAwsiEUF9HTYtbAEmBQR8ZQ4FMU1DGBsVDHwjIiB4WSoSK2wGDyQIQUEeG14Lfx0ULmwBORMoeFwfBTFNQwsiMABSewgybAE5Ewd/QDkCMQl0EQ9LAAooUQ1ycSAEV2lxPjcpU3o+K1d3QgFRHmBiETkXWwN8JgdxdjAiEXACBzseY30RUhRYYioFK0NLcTQzYBZ7JTZ9XAgkPn8LKFIVb34KEFR7WwdaB0EKHTE+Y0MtUl9xUg4TVWFmLVoHC1gQJRwNBwIULG1SIVoVbnYPUQdUCgciVGwKKA8Of3wdWhdsWxsLNm4HAzIcCQsZFF92Yx4LE252AFUHfQMZMSJOCwYUQFNAJg0WBFYAEjJYZxAHIQ
Frame ID: 106A89F2BA7FEBA562C1F54F363C85E5
Requests: 1 HTTP requests in this frame

Frame: https://ofgogoatan.com/fac.php
Frame ID: 9208C6710E6D15FE054C7360EB49D400
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&size=normal&cb=vkszq3h1vkb7
Frame ID: 229C225ADFF8990E10FA34A37F9AE33F
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 76C2888951867E70D29D8FFF5E36A0BF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&cb=4ujt7reb7jbo
Frame ID: 9DD04EB6CD93F9EC0A361E30E1992183
Requests: 1 HTTP requests in this frame

Frame: https://static.ptoahaistais.com/contents/s/2c/8c/40/8c63c8c7eaf679414b65cbddb3/01493259554841.png
Frame ID: 727B8B42D3100D6F0DBDE75FAE19480D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

55
Requests

96 %
HTTPS

24 %
IPv6

19
Domains

30
Subdomains

26
IPs

9
Countries

686 kB
Transfer

1587 kB
Size

15
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v
Title: Click Here

Search URL Search Domain Scan URL

URL: http://www.histats.com/viewstats/?sid=4137781&ccid=1034

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4mndFaBi Show response
cutpaid.com/ 11 KB
5 KB 114ms
82ms Document
text/html 2606:4700:3035::6812:38a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cutpaid.com/4mndFaBi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6812:38a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6547160566e6f3388ffb19fdfc59a2d33d50cd90f2a858d53faf274f54302a7f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: cutpaid.com
:scheme: https
:path: /4mndFaBi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 04 Jul 2020 00:51:58 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6dce536d12d2e36ebd642b3995d4a8b41593823918; expires=Mon, 03-Aug-20 00:51:58 GMT; path=/; domain=.cutpaid.com; HttpOnly; SameSite=Lax; Secure AppSession=11f6rvnqiengbputhpr6rcc1j6; path=/; HttpOnly csrfToken=0e8ec61ea2cb6fc3e65f6217dd49c52b6fbb1a611b11bf1ec328a48e22a5005589762a440849c434c177e227cdd7a6d9407b1332e98c45ab3d57ad4ae45281ef; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 03b8e812980000074aab01c200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5ad4dc642d32074a-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 7 KB
876 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400

Requested by

Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e644133ebed3a87a3a6fae258b53a7f6bad71247e4e5c3a33674428b7457d039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Jul 2020 00:51:58 GMT
server: ESF
date: Sat, 04 Jul 2020 00:51:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Jul 2020 00:51:58 GMT

GET
H2 200 styles.min.css
cutpaid.com/modern_theme/build/css/ 221 KB
32 KB 12ms
12ms Stylesheet
text/css 2606:4700:3035::6812:38a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cutpaid.com/modern_theme/build/css/styles.min.css?ver=5.3.0
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:38a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e0c64a56e1515d05f31b211b2d17863dcf35f0136d07f5d8901275fb9210eaa

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:51:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jun 2018 08:33:52 GMT
server: cloudflare
age: 6422
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=14400
cf-ray: 5ad4dc64bde4074a-FRA
cf-request-id: 03b8e812ef0000074aab023200000001

GET
H2 200 logo.png
filez.cutpaid.com/ 66 KB
66 KB 28ms
14ms Image
image/png 2606:4700:3035::6812:38a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://filez.cutpaid.com/logo.png
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:38a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf4e094aa8c277f5a818fc351d5a1f49366266ccb66d39fec197a82a0391c06

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:51:58 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Sep 2018 17:24:52 GMT
server: cloudflare
age: 679
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ad4dc64fe2a074a-FRA
content-length: 67727
cf-request-id: 03b8e813180000074aab02b200000001

GET
H2 200 sw.js Show response
cutpaid.com/ 78 KB
28 KB 12ms
11ms Script
application/javascript 2606:4700:3035::6812:38a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cutpaid.com/sw.js
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:38a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b98b71c1cba66e4d8de3bf0c945b11de3bd0c2503658f81c2becf34ff0f995b

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:51:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 09 Jun 2020 15:26:50 GMT
server: cloudflare
age: 888
cf-polished: origSize=81139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ad4dc64ce04074a-FRA
cf-request-id: 03b8e813000000074aab026200000001
cf-bgj: minify

GET
H2 200 / Show response
d3v3bqdndm4erx.cloudfront.net/ 163 KB
53 KB 313ms
215ms Script
text/plain 13.224.89.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v3bqdndm4erx.cloudfront.net/?dqbvd=827506
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.89.113 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-113.zrh50.r.cloudfront.net
Software: /
Resource Hash: f99532679c011127645be515312be1fcce770dd6be0a59c20951b14e353e7ad7

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jul 2020 00:51:59 GMT
content-encoding: gzip
x-amz-cf-pop: ZRH50-C1
status: 200
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 53559
via: 1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront)
x-amz-cf-id: HHbu8JcfzaNAYpnwexrS-0lgbcqJ9tDaJ43XkAmpKMCDADWeyKDKYg==

GET
H/1.1 200
OK apu.php Show response
ofgogoatan.com/ 58 KB
20 KB 62ms
19ms Script
application/javascript 139.45.195.114
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ofgogoatan.com/apu.php?zoneid=2720259

Requested by

Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.114 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

b0673ca7db6528bb7f1142f04d331961bf9516c88e10b3f47a9b809618140e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:51:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 783bed981c51a7e8b0bf4e3bdc61d6c3
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK 3047698 Show response
inpagepush.com/400/ 63 KB
23 KB 64ms
19ms Script
application/javascript 139.45.195.147
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3047698

Requested by

Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.147 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

e86552e6735a0602e7c1ad0c00a58359b5dd6cccaf4b0a777f99a7d837c7ed99

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 9b1b623bf84b7c495e61a4e35d23676b
Pragma: no-cache
Date: Sat, 04 Jul 2020 00:51:58 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 ads.js Show response
cutpaid.com/js/ 106 B
173 B 12ms
8ms Script
application/javascript 2606:4700:3035::6812:38a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cutpaid.com/js/ads.js
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:38a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:51:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 10 Feb 2018 22:01:22 GMT
server: cloudflare
age: 6389
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ad4dc64ee1c074a-FRA
cf-request-id: 03b8e8130c0000074aab027200000001
cf-bgj: minify

GET
H2 200 script.min.js Show response
cutpaid.com/modern_theme/build/js/ 195 KB
56 KB 17ms
14ms Script
application/javascript 2606:4700:3035::6812:38a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cutpaid.com/modern_theme/build/js/script.min.js?ver=5.3.0
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:38a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62eb8c55e05f53ef96a7daaec19f0b9bf2beee9846b83368ac423fb3297d80b4

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:51:58 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 Jun 2018 09:04:44 GMT
server: cloudflare
age: 6322
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 5ad4dc64ee1d074a-FRA
cf-request-id: 03b8e8130c0000074aab028200000001

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 742 B
562 B 16ms
14ms Script
text/javascript 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f0189a4bb81ed16a1ba1378928162079e8e672d770bd377c1c8a387d8a2c953

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:51:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 1; mode=block
expires: Sat, 04 Jul 2020 00:51:58 GMT

GET
H2 200 header.jpg
cutpaid.com/modern_theme/build/img/ 2 KB
3 KB 9ms
9ms Image
image/jpeg 2606:4700:3035::6812:38a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cutpaid.com/modern_theme/build/img/header.jpg
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:38a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bdf430d6fe7b2d7823fa8eaa880b55d8692c82a1aed30a893fc8402f8311f90

Request headers

Referer: https://cutpaid.com/modern_theme/build/css/styles.min.css?ver=5.3.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:51:58 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Sep 2018 18:19:12 GMT
server: cloudflare
age: 6319
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ad4dc64ee1f074a-FRA
content-length: 2524
cf-request-id: 03b8e8130d0000074aab029200000001

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin: https://cutpaid.com

Response headers

date: Fri, 12 Jun 2020 00:14:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 1903035
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:14:43 GMT

GET
H2 200 UUtyYXkqaQEWJiQ5HkNDcyMGFQkicV1OGiQ%2FAgAQNWURDhR%2BOAVPEyJpXkMKPC1QW0h9aQEMD3NxUFNXYGleQw0wLC0IHXNxUFlLZn5CVFt9aQEUGw4iFlNba2lLVU5leURZSXwtQ1lJfH9ABRp8cxRZG3x7FFZLZypFVU9ke0BDVXMiAgxbaz8AFBws Show response
practthreat.club/ 36 KB
15 KB 335ms
109ms Script
application/javascript 54.237.125.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://practthreat.club/UUtyYXkqaQEWJiQ5HkNDcyMGFQkicV1OGiQ%2FAgAQNWURDhR%2BOAVPEyJpXkMKPC1QW0h9aQEMD3NxUFNXYGleQw0wLC0IHXNxUFlLZn5CVFt9aQEUGw4iFlNba2lLVU5leURZSXwtQ1lJfH9ABRp8cxRZG3x7FFZLZypFVU9ke0BDVXMiAgxbaz8AFBws
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/sw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.237.125.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: b1682c9244ff0f2b76cf7d98058ac470dad368fcc27a788da5966b58b95976cd

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
etag: W/"914c-mdiNRAi8wuFvV3GYI223ssxhcaA"
status: 200
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With,content-type

GET
H2 204 utx Show response
breatmentbr.top/ 0
409 B 159ms
110ms XHR
text/plain 52.222.158.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://breatmentbr.top/utx?cb=oZ59ZaV2plvz&top=cutpaid.com&tid=835783
Requested by: Host: d3v3bqdndm4erx.cloudfront.net
URL: https://d3v3bqdndm4erx.cloudfront.net/?dqbvd=827506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.158.164 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Jul 2020 00:52:00 GMT
via: 1.1 b7f7970e9c911e165d4cb9f70deac42a.cloudfront.net (CloudFront)
server: openresty/1.15.8.2
x-amz-cf-pop: FRA53
status: 204
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://cutpaid.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: nuOIPFe7nPEuQpDMxc0y7v5sIwdsyNV3UDdV9NnBwF8g7ljOu-7lDQ==

GET
H2 200 7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v21/ 24 KB
24 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v21/7Auwp_0qiz-afTLGLQjUwkQ.woff2

Requested by

Host: d3v3bqdndm4erx.cloudfront.net
URL: https://d3v3bqdndm4erx.cloudfront.net/?dqbvd=827506

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin: https://cutpaid.com

Response headers

date: Fri, 26 Jun 2020 04:18:08 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Jun 2020 02:19:24 GMT
server: sffe
age: 678832
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24884
x-xss-protection: 0
expires: Sat, 26 Jun 2021 04:18:08 GMT

GET
H2 200 QDkCMQl0EQ9LAAooUQ1ycSAEV2lxPjcpU3o+K1d3QgFRHmBiETkXWwN8JgdxdjAiEXACBzseY30RUhRYYioFK0NLcTQzYBZ7JTZ9XAgkPn8LKFIVb34KEFR7WwdaB0EKHTE+Y0MtUl9xUg4TVWFmLVoHC1gQJRwNBwIULG1SIVoVbnYPUQdUCgciVGwKKA8Of3wdW...
breatmentbr.top/Y2Y5M0kCBFpedgJbWxU8EQoEFnslQwt1LVAQClE4BwhdXn0GFEEdKg8JTFcvEQlXR2cNA00WeyUDbmQ9UTF/WH8hJF4WeyE8UAMKJgtvWygPU3tqDhNDC3UIMjMKfTAPMXxLDAwiaFwgIjIJVh0yL1BjHjE8bHcYVyhOSwUFDE4ACiYSSVUzB... Frame 106A 0
0 218ms
194ms Document
text/html 52.222.158.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://breatmentbr.top/Y2Y5M0kCBFpedgJbWxU8EQoEFnslQwt1LVAQClE4BwhdXn0GFEEdKg8JTFcvEQlXR2cNA00WeyUDbmQ9UTF/WH8hJF4WeyE8UAMKJgtvWygPU3tqDhNDC3UIMjMKfTAPMXxLDAwiaFwgIjIJVh0yL1BjHjE8bHcYVyhOSwUFDE4ACiYSSVUzBDZ/dB8XAEELDi0cc1gIISMAeA0qIH1aDFE2bAMNLDFoAwsiEUF9HTYtbAEmBQR8ZQ4FMU1DGBsVDHwjIiB4WSoSK2wGDyQIQUEeG14Lfx0ULmwBORMoeFwfBTFNQwsiMABSewgybAE5Ewd/QDkCMQl0EQ9LAAooUQ1ycSAEV2lxPjcpU3o+K1d3QgFRHmBiETkXWwN8JgdxdjAiEXACBzseY30RUhRYYioFK0NLcTQzYBZ7JTZ9XAgkPn8LKFIVb34KEFR7WwdaB0EKHTE+Y0MtUl9xUg4TVWFmLVoHC1gQJRwNBwIULG1SIVoVbnYPUQdUCgciVGwKKA8Of3wdWhdsWxsLNm4HAzIcCQsZFF92Yx4LE252AFUHfQMZMSJOCwYUQFNAJg0WBFYAEjJYZxAHIQ
Requested by: Host: d3v3bqdndm4erx.cloudfront.net
URL: https://d3v3bqdndm4erx.cloudfront.net/?dqbvd=827506
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.158.164 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.15.8.2 /
Resource Hash

Request headers

:method: GET
:authority: breatmentbr.top
:scheme: https
:path: /Y2Y5M0kCBFpedgJbWxU8EQoEFnslQwt1LVAQClE4BwhdXn0GFEEdKg8JTFcvEQlXR2cNA00WeyUDbmQ9UTF/WH8hJF4WeyE8UAMKJgtvWygPU3tqDhNDC3UIMjMKfTAPMXxLDAwiaFwgIjIJVh0yL1BjHjE8bHcYVyhOSwUFDE4ACiYSSVUzBDZ/dB8XAEELDi0cc1gIISMAeA0qIH1aDFE2bAMNLDFoAwsiEUF9HTYtbAEmBQR8ZQ4FMU1DGBsVDHwjIiB4WSoSK2wGDyQIQUEeG14Lfx0ULmwBORMoeFwfBTFNQwsiMABSewgybAE5Ewd/QDkCMQl0EQ9LAAooUQ1ycSAEV2lxPjcpU3o+K1d3QgFRHmBiETkXWwN8JgdxdjAiEXACBzseY30RUhRYYioFK0NLcTQzYBZ7JTZ9XAgkPn8LKFIVb34KEFR7WwdaB0EKHTE+Y0MtUl9xUg4TVWFmLVoHC1gQJRwNBwIULG1SIVoVbnYPUQdUCgciVGwKKA8Of3wdWhdsWxsLNm4HAzIcCQsZFF92Yx4LE252AFUHfQMZMSJOCwYUQFNAJg0WBFYAEjJYZxAHIQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cutpaid.com/4mndFaBi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cutpaid.com/4mndFaBi

Response headers

status: 200
content-type: text/html
content-length: 1261
date: Sat, 04 Jul 2020 00:52:00 GMT
server: openresty/1.15.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b7f7970e9c911e165d4cb9f70deac42a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53
x-amz-cf-id: x8S67KFhMo0vnoOE4Ud6ARw0-zMBF7W3BSAltIpigCoZnvPWzaN-vw==

GET
H2 200 c804ebd66836c29ff0c9c4d843e60f31.min.js Show response
clevernt.com/scripts/ 100 KB
43 KB 154ms
50ms Script
application/javascript 148.69.64.76
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL: https://clevernt.com/scripts/c804ebd66836c29ff0c9c4d843e60f31.min.js?20200630=1593823920561
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.69.64.76 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
Software: nginx /
Resource Hash: b8a7b8665625d104719540c35de760ed5b1ae8795c4629502d61eec5fc4cd8ff

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:52:00 GMT
content-encoding: gzip
last-modified: Fri, 03 Jul 2020 10:42:43 GMT
server: nginx
etag: W/"5eff0ba3-191ed"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=86400
expires: Sun, 05 Jul 2020 00:52:00 GMT

GET
H2 200 zuck.min.js Show response
www.xadsmart.com/ 31 KB
9 KB 92ms
23ms Script
application/x-javascript 195.181.175.46
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xadsmart.com/zuck.min.js
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 62bf8216b7173e464833313597513d4c17368d2e357ca33bd6c3f6d27d6fec20

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cutpaid.com/4mndFaBi
Origin: https://cutpaid.com

Response headers

date: Sat, 04 Jul 2020 00:52:00 GMT
content-encoding: br
server: CDN77-Turbo
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
x-edge-location: frankfurtDE
status: 200
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
x-edge-ip: 195.181.175.44
x-age: 262475
alt-svc: quic="195.181.175.44:443"; ma=2592000; v="44,43,39"
expires: Tue, 07 Jul 2020 23:57:25 GMT

GET
H2 200 footer.jpg
cutpaid.com/modern_theme/build/img/ 13 KB
13 KB 9ms
9ms Image
image/jpeg 2606:4700:3035::6812:38a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cutpaid.com/modern_theme/build/img/footer.jpg
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:38a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80c8b789ae1e5ea87c4c39c56405da83433fe91c902932801dfad54e3ecebc3b

Request headers

Referer: https://cutpaid.com/modern_theme/build/css/styles.min.css?ver=5.3.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:52:00 GMT
cf-cache-status: HIT
last-modified: Thu, 07 Jun 2018 08:33:52 GMT
server: cloudflare
age: 6320
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5ad4dc6f8a03074a-FRA
content-length: 13309
cf-request-id: 03b8e819b80000074aab06b200000001

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,700%7CMuli:300,300i,400
Origin: https://cutpaid.com

Response headers

date: Fri, 12 Jun 2020 00:31:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 1902040
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Sat, 12 Jun 2021 00:31:20 GMT

GET
H/1.1 200
OK fac.php
ofgogoatan.com/ Frame 9208 0
0 21ms
21ms Document
text/html 139.45.195.114
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ofgogoatan.com/fac.php

Requested by

Host: ofgogoatan.com
URL: https://ofgogoatan.com/apu.php?zoneid=2720259

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.114 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: ofgogoatan.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cutpaid.com/4mndFaBi
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: OAID=d0bdc7b777e74124be700eb5da5c6aab; oaidts=1593823918
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cutpaid.com/4mndFaBi

Response headers

Server: nginx
Date: Sat, 04 Jul 2020 00:52:00 GMT
Content-Type: text/html; charset=utf8
Content-Length: 203
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
X-Trace-Id: 71bc4240986f0c32e91ffd850a3c294d
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK apu.php Show response
abdurantom.com/ 382 B
1 KB 59ms
15ms Script
application/javascript 139.45.195.148
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://abdurantom.com/apu.php?zoneid=3381394

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3047698

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.148 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

5ee722ecef466d5c5f7eba4adfe21da38570411325b80e33805706d34c8127f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:00 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 382
X-Trace-Id: 2a6036a7a0f632aa2b11d33fc24f9b7f
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 64ms
24ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:48:29 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 51.254.41.192/26
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
status: 200
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 4364
x-request-id: 620626369

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/ 323 KB
127 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1533bc39e2dd8ede3893909d6f42760e0598d075951447afe88158e57b0961a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 16:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Jun 2020 20:56:25 GMT
server: sffe
age: 893546
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129939
x-xss-protection: 0
expires: Wed, 23 Jun 2021 16:39:34 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 229C 0
0 24ms
23ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&size=normal&cb=vkszq3h1vkb7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8Znxeoi7qgyGzot7wTkQpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&co=aHR0cHM6Ly9jdXRwYWlkLmNvbTo0NDM.&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&size=normal&cb=vkszq3h1vkb7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cutpaid.com/4mndFaBi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cutpaid.com/4mndFaBi

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Jul 2020 00:52:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-8Znxeoi7qgyGzot7wTkQpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10471
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 4137781.php Show response
s4.histats.com/stats/ 51 B
322 B 302ms
100ms Script
text/html 158.69.248.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/4137781.php?4137781&@f16&@g1&@h1&@i1&@j1593823920784&@k0&@l1&@mCutpaid&@n0&@o1000&@q0&@r0&@s1034&@ten-US&@u1600&@b1:102105788&@b3:1593823921&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fcutpaid.com%2F4mndFaBi&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.248.123 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 12ffb85ad9df765a57baf00ad630450b78dafff683f0047a0af021f3c01d962a

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:01 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2 200 docallbackinfobee7c0331585426d9aa8c6abf40a919a.js Show response
ui.clevernt.com/ 694 B
1020 B 242ms
99ms Script
text/javascript 148.69.64.109
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL

https://ui.clevernt.com/docallbackinfobee7c0331585426d9aa8c6abf40a919a.js

Requested by

Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),

Reverse DNS

Software

nginx /

Resource Hash

75f716cba04c063888086319adc8ae6e762bf5593f1bd1f742c4e29983bf1d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: cache
date: Sat, 04 Jul 2020 00:52:00 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=15768000
expires: Sat, 04 Jul 2020 01:52:00 GMT

GET
H2 200 44894.php
sender.clevernt.com/transporter/ 43 B
355 B 98ms
58ms Image
image/gif 148.69.64.76
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sender.clevernt.com/transporter/44894.php?ppuc=0&ppu=0&id=0&ref=aHR0cHM6Ly9jdXRwYWlkLmNvbS80bW5kRmFCaQ%3D%3D&ruri=&r=687816246&tok=890701030720107098&op=called&wn=admaven_pop_835783&res=1600x1200&ts=0.006&iv=-1
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.69.64.76 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 04 Jul 2020 00:52:00 GMT
server: nginx
content-type: image/gif

GET
H2 200 / Show response
c.adsco.re/ 34 KB
13 KB 74ms
11ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.xadsmart.com
URL: https://www.xadsmart.com/zuck.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df5dda5dda04d403a0c1d75898c8e67e74d6a68ea8b6de7d96e266e6cc259be

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:52:00 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 94934
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8e81af200001f41848bd200000001
server: cloudflare
etag: W/"TfDfF8/DBqH7tF/j3/1Icw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
cache-control: max-age=43200,public,immutable,no-transform
cf-ray: 5ad4dc7188d71f41-FRA
link: <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch
expires: Fri, 03 Jul 2020 02:28:59 GMT

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
769 B 84ms
14ms XHR
application/json 139.45.196.87
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3047698

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.196.87 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

cdfefdcdc0216d754e5441c5163e330734ebb4d6406a7fc9d9a43b276fa93bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cutpaid.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H/1.1 200
OK p
adsco.re/ 0
323 B 165ms
74ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:00 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H2 200 /
6.adsco.re/ 0
266 B 15ms
13ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: cutpaid.com
URL: https://cutpaid.com/4mndFaBi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:52:00 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
access-control-max-age: 2592000
cache-control: max-age=600,public,immutable
cf-ray: 5ad4dc7199091f41-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8e81b0100001f41848be200000001

POST
H/1.1 200
OK p Show response
adsco.re/ 0
413 B 162ms
74ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 04 Jul 2020 00:52:00 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK
Access-Control-Allow-Origin: https://cutpaid.com
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H2 200 / Show response
6.adsco.re/ 53 B
475 B 77ms
16ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:52:00 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://cutpaid.com
access-control-max-age: 2592000
cache-control: max-age=600,public,immutable
cf-ray: 5ad4dc720fd7d6e5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03b8e81b410000d6e548a65200000001

GET
H/1.1 200
OK / Show response
qhb01zsoiarm.l.adsco.re/ 0
464 B 193ms
30ms XHR
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://qhb01zsoiarm.l.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:01 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET /
qhb01zsoiarm.n.adsco.re/ 0
0

GET /
qhb01zsoiarm.s.adsco.re/ 0
0

GET
H2 200 /
c.adsco.re/ Frame 76C2 0
0 12ms
12ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: c.adsco.re
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cutpaid.com/4mndFaBi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cutpaid.com/4mndFaBi

Response headers

status: 200
date: Sat, 04 Jul 2020 00:52:00 GMT
content-type: text/html
cache-control: max-age=43200,public,immutable,no-transform
link: <//adsco.re/p>;rel=prefetch,<//6.adsco.re>;rel=prefetch
expires: Fri, 03 Jul 2020 02:28:59 GMT
etag: W/"TfDfF8/DBqH7tF/j3/1Icw=="
content-encoding: gzip
cf-cache-status: HIT
age: 94934
cf-request-id: 03b8e81b0b00001f41848bf200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5ad4dc71a9201f41-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 3047698 Show response
inpagepush.com/500/ 1 KB
2 KB 195ms
195ms XHR
application/javascript 139.45.195.147
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3047698?excludes=&oaid=61b5ec99776c4675a03042d34a95ca14&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fcutpaid.com%2F4mndFaBi&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3047698

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.147 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

7a29e2dfa24d905d51b8db23cf9cdd6fb64adb187397ca957dc21f9e6d9a024b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 04 Jul 2020 00:52:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 5f76732a3fd159a8c6178b41885095c9
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://cutpaid.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 cc_1034.js Show response
s10.histats.com/counters/ 15 KB
6 KB 19ms
19ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/counters/cc_1034.js
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6d7d4e25d21c283ccd3c684718d06a4447b90715bea27c8a4edcac43ce5478b7

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:44:57 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:41 GMT
x-cdn-pop-ip: 51.254.41.192/26
etag: W/"-241208617"
x-cacheable: Matched cache
content-type: text/javascript
status: 200
x-cdn-pop: rbx1
accept-ranges: bytes
content-length: 5479
x-request-id: 648446810

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 9DD0 0
0 17ms
17ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&cb=4ujt7reb7jbo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rhftd8LwPDx6YxfeftNF3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&k=6LfiIG8UAAAAACgXPGUoaBKfkA98k4eIVP-U1ugn&cb=4ujt7reb7jbo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cutpaid.com/4mndFaBi
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cutpaid.com/4mndFaBi

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Jul 2020 00:52:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-Rhftd8LwPDx6YxfeftNF3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1175
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 592 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d69f4fea4100a45512fac796e6f37cffe198fc9129431c221d432e459d0e3323

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
840 B 53ms
52ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 5ffb90d8d15a77d84f8bb9a39a51c4e851fff0bab19d94ec5bbd8f7a6a3326a4

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Sat, 04 Jul 2020 00:52:01 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK
Access-Control-Allow-Origin: https://cutpaid.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 popunder.gif
fictimruffles.space/ 35 B
369 B 155ms
109ms Image
image/gif 143.204.202.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fictimruffles.space/popunder.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
date: Sat, 04 Jul 2020 00:52:01 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
status: 200
x-cache: Miss from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
content-length: 58
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
x-amz-cf-id: KZOHHUMyyojD0-UQ4LmnLJa9a5cbXTOq_WlbQEj0EHT3Xya-V5LEhQ==

GET
H/1.1 200
OK 01493259554841.png
static.ptoahaistais.com/contents/s/2c/8c/40/8c63c8c7eaf679414b65cbddb3/ 38 KB
39 KB 59ms
15ms Image
image/png 139.45.197.162
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/2c/8c/40/8c63c8c7eaf679414b65cbddb3/01493259554841.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.162 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: d5d82acc41fadbf8ca744c4943c0768cb77029634fa36907b54e0cce89468e0b

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:01 GMT
Last-Modified: Wed, 26 Jun 2019 16:05:24 GMT
Server: nginx
ETag: "5d1397c4-97f9"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 38905

GET
H2 200 wmRbJt.asp Show response
xadsmart.com/ 0
123 B 175ms
126ms Script
application/javascript 104.153.197.251
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xadsmart.com/wmRbJt.asp?_=BAoAXv_SsQFe_9KxgAGBAsAAINtJgOwpODNz7BpLTqfoL55g2ew7muSlRfjxKUDtwOcVwQBHMEUCIQC6rQDSmY43D1aIlNmvkEQ9KMlmxwB7PpxmqGhbcEKrvgIgIdartW3FW7Wg862BleK6VBM171dKSMEjxO4KQTEfbNzCACCrcD1SnGJAlyzDXQB8e6pTOqHxgi1OkDkH1wvAfPQn8cQAECoBBPgBklQUAAAAAAAAAALFABCQGEWWTluC9mh_U4pre8xDwwBHMEUCIFjfglmz2O_r6uj_J4hbxFlC_WTUIOzvWecHdUVXRhvfAiEA-5RUKvEFijw6Un1AvDCkWQwp8b51EUoKZR5umF4-qoQ&v=4&okqrAucn=2860337&minBid=&nVUtjqcs=0,0&EzWFcjgf=&ndxqfCRS=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.xadsmart.com
URL: https://www.xadsmart.com/zuck.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.153.197.251 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 04 Jul 2020 00:52:01 GMT
asf: 9
access-control-allow-origin: *
status: 200
content-type: application/javascript
popads-ec: ASB
cache-control: public, max-age=604800
content-length: 0
expires: Sat, 11 Jul 2020 00:52:01 GMT

GET
H/1.1 200
OK /
e2ertt.com/ 0
198 B 128ms
31ms Image
image/gif 52.208.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e2ertt.com/?jsonKey=%7B%22scriptLoadPerformance%22%3A%7B%22name%22%3A%22https%3A%2F%2Fofgogoatan.com%2Fapu.php%3Fzoneid%3D2720259%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A118.25499963015318%2C%22duration%22%3A99.89000018686056%2C%22initiatorType%22%3A%22script%22%2C%22nextHopProtocol%22%3A%22http%2F1.1%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A118.25499963015318%2C%22domainLookupStart%22%3A146.2399996817112%2C%22domainLookupEnd%22%3A147.30999991297722%2C%22connectStart%22%3A147.30999991297722%2C%22connectEnd%22%3A189.08500019460917%2C%22secureConnectionStart%22%3A159.4599997624755%2C%22requestStart%22%3A189.12999983876944%2C%22responseStart%22%3A207.63500034809113%2C%22responseEnd%22%3A218.14499981701374%2C%22transferSize%22%3A20984%2C%22encodedBodySize%22%3A20119%2C%22decodedBodySize%22%3A58911%2C%22serverTiming%22%3A%5B%5D%2C%22workerTiming%22%3A%5B%5D%7D%2C%22partner%22%3A%22pa%22%2C%22zoneId%22%3A2720259%2C%22type%22%3A%22onclick%22%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.186.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:01 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif

GET
H/1.1 200
OK perf.gif
perf.cdnads.com/ 43 B
323 B 45ms
14ms Image
image/gif 185.49.145.157
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://perf.cdnads.com/perf.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.49.145.157 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:01 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: max-age=86400
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sun, 05 Jul 2020 00:52:01 GMT

GET
H/1.1 200
OK /
e2ertt.com/ 0
198 B 32ms
31ms Image
image/gif 52.208.186.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e2ertt.com/?jsonKey=%7B%22imgLoadPerformance%22%3A%7B%22name%22%3A%22https%3A%2F%2Fperf.cdnads.com%2Fperf.gif%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A3014.5899998024106%2C%22duration%22%3A45.900000259280205%2C%22initiatorType%22%3A%22img%22%2C%22nextHopProtocol%22%3A%22http%2F1.1%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A3014.5899998024106%2C%22domainLookupStart%22%3A3014.999999664724%2C%22domainLookupEnd%22%3A3015.820000320673%2C%22connectStart%22%3A3015.820000320673%2C%22connectEnd%22%3A3045.9700003266335%2C%22secureConnectionStart%22%3A3027.920000255108%2C%22requestStart%22%3A3046.0099996998906%2C%22responseStart%22%3A3059.860000386834%2C%22responseEnd%22%3A3060.490000061691%2C%22transferSize%22%3A323%2C%22encodedBodySize%22%3A43%2C%22decodedBodySize%22%3A43%2C%22serverTiming%22%3A%5B%5D%2C%22workerTiming%22%3A%5B%5D%7D%2C%22partner%22%3A%22pa%22%2C%22zoneId%22%3A2720259%2C%22type%22%3A%22onclick%22%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.186.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:01 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif

GET
H/1.1 200
OK ISafX_lzmvKuxYlTzfaiFpOaKMrDTooTmMhlf-N4bjOsvocX-VGcaskQtgYXMdLJVVwRRCbKS5rsUIcp2WiBUp7y3BN2wfGeEmb7cHyVom0B2m69fqrW7YmvCG6gJrUcldAKU1ZVaoYYBOhkTNQtgSHjqhWWBTTVbcqtTe-ISwK6V1gE6ItmXHqaoBzrQnF43wYVl...
inpagepush.com/impression/ 43 B
482 B 40ms
39ms Image
image/gif 139.45.195.147
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inpagepush.com/impression/ISafX_lzmvKuxYlTzfaiFpOaKMrDTooTmMhlf-N4bjOsvocX-VGcaskQtgYXMdLJVVwRRCbKS5rsUIcp2WiBUp7y3BN2wfGeEmb7cHyVom0B2m69fqrW7YmvCG6gJrUcldAKU1ZVaoYYBOhkTNQtgSHjqhWWBTTVbcqtTe-ISwK6V1gE6ItmXHqaoBzrQnF43wYVlulibDsiGLNcM8l0AGA69kY1FKxkcfd2TemQfiPdGp39p2n5S-fcpeu7fdjfpmZLXvmfkAjZ2SecwDvAAJm20V-GBJG85EnILA8TqXvZdgiBA_Ga88jduKKsJ9fUxuAubRXjrTbK-QYM6zu8JB9dPeRSdQIKr82MX_LEJPQZYreDjH8aH61YgUA=?z=3047698&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fcutpaid.com%2F4mndFaBi&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.147 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 15d245a0af1531ced39d612c5371ec0e
Pragma: no-cache
Date: Sat, 04 Jul 2020 00:52:05 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 01493259554841.png
static.ptoahaistais.com/contents/s/2c/8c/40/8c63c8c7eaf679414b65cbddb3/ Frame 727B 38 KB
39 KB 16ms
16ms Image
image/png 139.45.197.162
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/2c/8c/40/8c63c8c7eaf679414b65cbddb3/01493259554841.png
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3047698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.162 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: d5d82acc41fadbf8ca744c4943c0768cb77029634fa36907b54e0cce89468e0b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:05 GMT
Last-Modified: Wed, 26 Jun 2019 16:05:24 GMT
Server: nginx
ETag: "5d1397c4-97f9"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 38905

GET
H/1.1 200
OK 3047698 Show response
inpagepush.com/500/ 1 KB
2 KB 194ms
194ms XHR
application/javascript 139.45.195.147
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3047698?excludes=6302564&oaid=61b5ec99776c4675a03042d34a95ca14&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fcutpaid.com%2F4mndFaBi&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3047698

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.147 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

bcc431843ac90a21ea9063b642cc8ccc6de89de1ca1debae4d9564d8fe563661

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 04 Jul 2020 00:52:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 5888dd36aed03d059f76c69515b4fcce
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://cutpaid.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0596136822376.jpeg
static.ptoahaistais.com/contents/s/f2/68/aa/838c5e333c0faa54299acb8b5f/ 13 KB
14 KB 16ms
15ms Image
image/jpeg 139.45.197.162
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/f2/68/aa/838c5e333c0faa54299acb8b5f/0596136822376.jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.162 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 8693827f9281720b698b47c0d7af432993ad8821deb24e8e9d64b4cad12abf5e

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:06 GMT
Last-Modified: Fri, 05 Jun 2020 19:46:41 GMT
Server: nginx
ETag: "5edaa121-358c"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 13708

GET
H/1.1 200
OK pHKLSloK1Ihn5frjQ0ESUImO0Qqpmj_zcKLNM61UofmYeBW7L0XXkipT0TthEeFUz4jgxb1i4p98Mjs2EhRMuQSU9WHfIYuTDxU11saiUKOkHmUgOisNuXptyfc-7q5UoNC9TAmvQVyp81lJiosa4m_6RgXbZXLrZ2260pJnmnT3c788XicUh0cwUfpz8N0E7DnDu...
inpagepush.com/impression/ 43 B
482 B 17ms
16ms Image
image/gif 139.45.195.147
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inpagepush.com/impression/pHKLSloK1Ihn5frjQ0ESUImO0Qqpmj_zcKLNM61UofmYeBW7L0XXkipT0TthEeFUz4jgxb1i4p98Mjs2EhRMuQSU9WHfIYuTDxU11saiUKOkHmUgOisNuXptyfc-7q5UoNC9TAmvQVyp81lJiosa4m_6RgXbZXLrZ2260pJnmnT3c788XicUh0cwUfpz8N0E7DnDuJn3k2Jhlu1jGVGPXNadyVy3OV_QA4AurQLv782F8a0VQ7K6ULRCRejpFs89AfYzwowx8Im8pQaZldHFuOEeQRkddvhZXh3rVqrIGsrFgVIB0a4zNZvsDk0spYL1DlmKLGc15n7kDXfGPFH9CsaEo8Q-hQwPD55WJvojo3GYvfYEJljaDSdp2OY=?z=3047698&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fcutpaid.com%2F4mndFaBi&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.147 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutpaid.com/4mndFaBi
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: f5651e9b0f404f39563d66a9d871ed4f
Pragma: no-cache
Date: Sat, 04 Jul 2020 00:52:10 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0596136822376.jpeg
static.ptoahaistais.com/contents/s/f2/68/aa/838c5e333c0faa54299acb8b5f/ Frame 727B 13 KB
14 KB 15ms
15ms Image
image/jpeg 139.45.197.162
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/f2/68/aa/838c5e333c0faa54299acb8b5f/0596136822376.jpeg
Requested by: Host: inpagepush.com
URL: https://inpagepush.com/400/3047698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.162 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software: nginx /
Resource Hash: 8693827f9281720b698b47c0d7af432993ad8821deb24e8e9d64b4cad12abf5e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 00:52:10 GMT
Last-Modified: Fri, 05 Jun 2020 19:46:41 GMT
Server: nginx
ETag: "5edaa121-358c"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 13708

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: qhb01zsoiarm.n.adsco.re
URL: https://qhb01zsoiarm.n.adsco.re/

Domain: qhb01zsoiarm.s.adsco.re
URL: https://qhb01zsoiarm.s.adsco.re/

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ofgogoatan.com/	1970-01-19 19:29:19	Name: oaidts Value: 1593823918
ofgogoatan.com/	1970-01-19 19:29:19	Name: OAID Value: d0bdc7b777e74124be700eb5da5c6aab
cutpaid.com/	1970-01-19 14:22:43	Name: hstpconfig Value: eyJJRCI6IjcxMTA1MTkzdWk1ZWZmZDJiMGYwNWVmIiwiQ1RSIjoiTkwiLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6Ik1hY09TWCIsIk1vYmlsZSI6MCwiQm90IjowLCJyZW1vdGVfYWRkciI6MzExODA1MDA2MCwiTGFzdFVwZGF0ZSI6MTU5MzgyMzkyMCwibm9jYWNoZSI6dHJ1ZX0%3D
cutpaid.com/	1970-01-19 19:29:19	Name: HstPn4137781 Value: 1
cutpaid.com/	1969-12-31 23:59:59	Name: AppSession Value: 11f6rvnqiengbputhpr6rcc1j6
cutpaid.com/	1970-01-19 19:29:19	Name: HstCfa4137781 Value: 1593823920784
cutpaid.com/	1970-01-19 19:29:19	Name: HstCmu4137781 Value: 1593823920784
cutpaid.com/	1969-12-31 23:59:59	Name: csrfToken Value: 0e8ec61ea2cb6fc3e65f6217dd49c52b6fbb1a611b11bf1ec328a48e22a5005589762a440849c434c177e227cdd7a6d9407b1332e98c45ab3d57ad4ae45281ef
cutpaid.com/	1970-01-19 19:29:19	Name: HstCns4137781 Value: 1
cutpaid.com/	1970-01-19 19:29:19	Name: HstCnv4137781 Value: 1
cutpaid.com/	1970-01-19 19:29:19	Name: HstCla4137781 Value: 1593823920784
cutpaid.com/	1969-12-31 23:59:59	Name: ab Value: 2
cutpaid.com/	1970-01-19 10:44:09	Name: a Value: OcRQAbEbVeIrnpEwVAyXxwriqD3EbQif
cutpaid.com/	1970-01-19 19:29:19	Name: HstPt4137781 Value: 1
.cutpaid.com/	1970-01-19 11:26:55	Name: __cfduid Value: d6dce536d12d2e36ebd642b3995d4a8b41593823918

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://abdurantom.com/apu.php?zoneid=3381394(Line 1) Message: 0x50005
console-api	log	URL: https://c.adsco.re/(Line 16) Message:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6.adsco.re
abdurantom.com
adsco.re
breatmentbr.top
c.adsco.re
clevernt.com
cutpaid.com
d3v3bqdndm4erx.cloudfront.net
e2ertt.com
fictimruffles.space
filez.cutpaid.com
fonts.googleapis.com
fonts.gstatic.com
inpagepush.com
my.rtmark.net
ofgogoatan.com
perf.cdnads.com
practthreat.club
qhb01zsoiarm.l.adsco.re
qhb01zsoiarm.n.adsco.re
qhb01zsoiarm.s.adsco.re
s10.histats.com
s4.histats.com
sender.clevernt.com
static.ptoahaistais.com
ui.clevernt.com
www.google.com
www.gstatic.com
www.xadsmart.com
xadsmart.com
qhb01zsoiarm.n.adsco.re
qhb01zsoiarm.s.adsco.re
104.153.197.251
13.224.89.113
139.45.195.114
139.45.195.147
139.45.195.148
139.45.196.87
139.45.197.162
143.204.202.6
148.69.64.109
148.69.64.76
158.69.248.123
162.252.214.5
185.200.118.90
185.49.145.157
195.181.175.46
2606:4700:3035::6812:38a7
2606:4700::6811:a6ba
2a00:1450:4001:800::200a
2a00:1450:4001:816::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81f::2003
46.105.201.240
52.208.186.41
52.222.158.164
54.237.125.12
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0e0c64a56e1515d05f31b211b2d17863dcf35f0136d07f5d8901275fb9210eaa
12f310d36e9a9d454ad40ff78184fb0418ce74134dda23efe7f4244a5dd651d8
12ffb85ad9df765a57baf00ad630450b78dafff683f0047a0af021f3c01d962a
1bdf430d6fe7b2d7823fa8eaa880b55d8692c82a1aed30a893fc8402f8311f90
1df5dda5dda04d403a0c1d75898c8e67e74d6a68ea8b6de7d96e266e6cc259be
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
42deff51f77c2fad8526f708bf57a4300ecc3fd926c9df055962dc2cdca00cee
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5ee722ecef466d5c5f7eba4adfe21da38570411325b80e33805706d34c8127f3
5f0189a4bb81ed16a1ba1378928162079e8e672d770bd377c1c8a387d8a2c953
5ffb90d8d15a77d84f8bb9a39a51c4e851fff0bab19d94ec5bbd8f7a6a3326a4
62bf8216b7173e464833313597513d4c17368d2e357ca33bd6c3f6d27d6fec20
62eb8c55e05f53ef96a7daaec19f0b9bf2beee9846b83368ac423fb3297d80b4
6547160566e6f3388ffb19fdfc59a2d33d50cd90f2a858d53faf274f54302a7f
6b98b71c1cba66e4d8de3bf0c945b11de3bd0c2503658f81c2becf34ff0f995b
6cf4e094aa8c277f5a818fc351d5a1f49366266ccb66d39fec197a82a0391c06
6d7d4e25d21c283ccd3c684718d06a4447b90715bea27c8a4edcac43ce5478b7
75f716cba04c063888086319adc8ae6e762bf5593f1bd1f742c4e29983bf1d47
7a29e2dfa24d905d51b8db23cf9cdd6fb64adb187397ca957dc21f9e6d9a024b
80c8b789ae1e5ea87c4c39c56405da83433fe91c902932801dfad54e3ecebc3b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8693827f9281720b698b47c0d7af432993ad8821deb24e8e9d64b4cad12abf5e
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b0673ca7db6528bb7f1142f04d331961bf9516c88e10b3f47a9b809618140e69
b1682c9244ff0f2b76cf7d98058ac470dad368fcc27a788da5966b58b95976cd
b8a7b8665625d104719540c35de760ed5b1ae8795c4629502d61eec5fc4cd8ff
bcc431843ac90a21ea9063b642cc8ccc6de89de1ca1debae4d9564d8fe563661
c1533bc39e2dd8ede3893909d6f42760e0598d075951447afe88158e57b0961a
cdfefdcdc0216d754e5441c5163e330734ebb4d6406a7fc9d9a43b276fa93bf3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5d82acc41fadbf8ca744c4943c0768cb77029634fa36907b54e0cce89468e0b
d69f4fea4100a45512fac796e6f37cffe198fc9129431c221d432e459d0e3323
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e644133ebed3a87a3a6fae258b53a7f6bad71247e4e5c3a33674428b7457d039
e86552e6735a0602e7c1ad0c00a58359b5dd6cccaf4b0a777f99a7d837c7ed99
f99532679c011127645be515312be1fcce770dd6be0a59c20951b14e353e7ad7

cutpaid.com Open in urlscan Pro 2606:4700:3035::6812:38a7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

55 Requests

96 %HTTPS

24 %IPv6

19 Domains

30 Subdomains

26 IPs

9 Countries

686 kBTransfer

1587 kBSize

15 Cookies

2 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cutpaid.com Open in urlscan Pro
2606:4700:3035::6812:38a7 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

96 %
HTTPS

24 %
IPv6

19
Domains

30
Subdomains

26
IPs

9
Countries

686 kB
Transfer

1587 kB
Size

15
Cookies

55 HTTP transactions
1 data transactions