cnicphonorac.gq Open in urlscan Pro
2606:4700:30::6818:78e3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://cutt.us/nNkTNeWy Page URL
2. http://cnicphonorac.gq/amep Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	nNkTNeWy Show response cutt.us/	3 KB 2 KB	1478ms 121ms	Document text/html	192.111.136.71 Total Server Solu...
General Check archive.org Show headers Download Go to Full URL http://cutt.us/nNkTNeWy Protocol HTTP/1.1 Server 192.111.136.71 Atlanta, United States, ASN46562 (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C., US), Reverse DNS Software nginx / Resource Hash 0cdfd69f17babb769cc29d018835709685f210a6da1e5952313943f8f3f63b52 Request headers Host cutt.us Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Wed, 26 Jun 2019 12:14:41 GMT Content-Type text/html; Charset=UTF-8;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Cache-Control no-cache, must-revalidate, max-age=0 Pragma no-cache I-AM Beta Content-Encoding gzip
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	34 KB 11 KB	69ms 41ms	Script text/javascript	2a00:1450:4001:824::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: cutt.us URL: http://cutt.us/nNkTNeWy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 3abc7651953ccb4c244a744442658f8fd76f5d66a6c0c295d489dabf16125446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://cutt.us/nNkTNeWy User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 26 Jun 2019 12:14:41 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "204 / 248 of 1000 / last-modified: 1561501021" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 11185 x-xss-protection 0 expires Wed, 26 Jun 2019 12:14:41 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 171 B	31ms 16ms	Script application/javascript	2a00:1450:4001:815::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=cutt.us Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://cutt.us/nNkTNeWy User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 26 Jun 2019 12:14:41 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 323 B	18ms 17ms	Script application/javascript	2a00:1450:4001:815::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=cutt.us Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://cutt.us/nNkTNeWy User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 26 Jun 2019 12:14:41 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39" content-length 104 x-xss-protection 0
GET H2	200	pubads_impl_2019061701.js Show response securepubads.g.doubleclick.net/gpt/	149 KB 55 KB	68ms 41ms	Script text/javascript	172.217.23.130 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061701.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.130 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s18-in-f2.1e100.net Software sffe / Resource Hash ac33bcd662b21c0fc9e61c2a5c40ed6ff4fb4dbb9a2123ccbdee883a71269e28 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://cutt.us/nNkTNeWy User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 26 Jun 2019 12:14:41 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 17 Jun 2019 13:05:19 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 55859 x-xss-protection 0 expires Wed, 26 Jun 2019 12:14:41 GMT
GET H2	200	ads securepubads.g.doubleclick.net/gampad/	515 B 853 B	57ms 56ms	XHR text/javascript	172.217.23.130 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2560498541897499&correlator=1788012531374264&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21062725%2C21063910%2C21063912%2C21064055%2C21064076&vrg=2019061701&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=0&sfv=1-0-33&ecs=20190626&iu=%2F5837603%2FCutt_360&sz=300x360&cookie_enabled=1&bc=23&abxe=1&lmt=1561551281&dt=1561551281848&dlt=1561551281662&idt=170&frm=20&biw=1600&bih=1200&oid=3&adx=0&ady=0&adk=1933368604&uci=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fcutt.us%2FnNkTNeWy&dssz=7&icsg=170&std=0&vis=1&scr_x=0&scr_y=0&psz=300x445&msz=0x0&blev=1&bisch=1&ga_vid=5500401.1561551282&ga_sid=1561551282&ga_hid=939404950&fws=128&ohw=0 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.130 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s18-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://cutt.us/nNkTNeWy Origin http://cutt.us Response headers date Wed, 26 Jun 2019 12:14:41 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 340 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/javascript; charset=UTF-8 access-control-allow-origin http://cutt.us cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl_rendering_2019061701.js Show response securepubads.g.doubleclick.net/gpt/	66 KB 25 KB	40ms 40ms	Script text/javascript	172.217.23.130 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019061701.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019061701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.130 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra16s18-in-f2.1e100.net Software sffe / Resource Hash 63ff2042e349725f6ffdb6e066a7adf60dae0123c861987a592a9831f9631806 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://cutt.us/nNkTNeWy User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 26 Jun 2019 12:14:41 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 17 Jun 2019 13:05:19 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,44,43,39" content-length 25545 x-xss-protection 0 expires Wed, 26 Jun 2019 12:14:41 GMT
GET		container.html tpc.googlesyndication.com/safeframe/1-0-33/html/	0 0
GET H/1.1	200 OK	Primary Request Cookie set amep Show response cnicphonorac.gq/	1 KB 1 KB	97ms 61ms	Document text/html	2606:4700:30::6818:78e3 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://cnicphonorac.gq/amep? Requested by Host: cutt.us URL: http://cutt.us/nNkTNeWy Protocol HTTP/1.1 Server 2606:4700:30::6818:78e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b1aa073e0c8daa5b5799daded64796a59eb2b6a6d3c3b79f90c6d0016bc1c59b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host cnicphonorac.gq Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://cutt.us/nNkTNeWy Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://cutt.us/nNkTNeWy Response headers Date Wed, 26 Jun 2019 12:14:42 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=df3345eb227051d1f468134be166b71751561551281; expires=Thu, 25-Jun-20 12:14:41 GMT; path=/; domain=.cnicphonorac.gq; HttpOnly Vary Accept-Encoding cache-control max-age=0, private, must-revalidate cross-origin-window-policy deny x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-request-id 13b59f13a4b6b48ba6b235ad7c8e3034 x-xss-protection 1; mode=block set-cookie locale=en; path=/; HttpOnly Server cloudflare CF-RAY 4ecf1a3839fcc2b8-FRA Content-Encoding gzip
GET H/1.1	200 OK	app-28261a266bf1a767951a5be6a8b93d5e.css cnicphonorac.gq/css/	2 KB 1 KB	27ms 27ms	Stylesheet text/css	2606:4700:30::6818:78e3 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://cnicphonorac.gq/css/app-28261a266bf1a767951a5be6a8b93d5e.css?vsn=d Requested by Host: cnicphonorac.gq URL: http://cnicphonorac.gq/amep? Protocol HTTP/1.1 Security , , Server 2606:4700:30::6818:78e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 8b5b3e41b02968072e3932f5af6abeaba1b83ea51a5d5ebbe03a653760934840 Request headers Referer http://cnicphonorac.gq/amep? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 26 Jun 2019 12:14:42 GMT Content-Encoding gzip CF-Cache-Status MISS Server cloudflare Vary Accept-Encoding Content-Type text/css cache-control public, max-age=31536000 Transfer-Encoding chunked Connection keep-alive CF-RAY 4ecf1a38abbdc2b8-FRA Expires Thu, 25 Jun 2020 12:14:42 GMT
GET H/1.1	200 OK	redirect-d7bcd6dfa4da5f3173e526f9d8997477.js Show response cnicphonorac.gq/js/	767 B 796 B	32ms 26ms	Script application/javascript	2606:4700:30::6818:78e3 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://cnicphonorac.gq/js/redirect-d7bcd6dfa4da5f3173e526f9d8997477.js?vsn=d Requested by Host: cnicphonorac.gq URL: http://cnicphonorac.gq/amep? Protocol HTTP/1.1 Security , , Server 2606:4700:30::6818:78e3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 2802bae43c273baf912c2adc1bc5f6ad9bc9bfab2a6e472b2ecd378df24e80a9 Request headers Referer http://cnicphonorac.gq/amep? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 26 Jun 2019 12:14:42 GMT Content-Encoding gzip CF-Cache-Status MISS Server cloudflare Vary Accept-Encoding Content-Type application/javascript cache-control public, max-age=31536000 Transfer-Encoding chunked Connection keep-alive CF-RAY 4ecf1a38bb15c29f-FRA Expires Thu, 25 Jun 2020 12:14:42 GMT
GET		9sUeMt vk.cc/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

tpc.googlesyndication.com

URL

https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html

Domain

vk.cc

URL

https://vk.cc/9sUeMt?1yOlw

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cnicphonorac.gq/	1969-12-31 23:59:59	Name: locale Value: en
			.cnicphonorac.gq/	1970-01-19 10:31:27	Name: __cfduid Value: df3345eb227051d1f468134be166b71751561551281

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cnicphonorac.gq
cutt.us
securepubads.g.doubleclick.net
tpc.googlesyndication.com
vk.cc
www.googletagservices.com
tpc.googlesyndication.com
vk.cc
172.217.23.130
192.111.136.71
2606:4700:30::6818:78e3
2a00:1450:4001:815::2002
2a00:1450:4001:824::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0cdfd69f17babb769cc29d018835709685f210a6da1e5952313943f8f3f63b52
2802bae43c273baf912c2adc1bc5f6ad9bc9bfab2a6e472b2ecd378df24e80a9
3abc7651953ccb4c244a744442658f8fd76f5d66a6c0c295d489dabf16125446
63ff2042e349725f6ffdb6e066a7adf60dae0123c861987a592a9831f9631806
8b5b3e41b02968072e3932f5af6abeaba1b83ea51a5d5ebbe03a653760934840
ac33bcd662b21c0fc9e61c2a5c40ed6ff4fb4dbb9a2123ccbdee883a71269e28
b1aa073e0c8daa5b5799daded64796a59eb2b6a6d3c3b79f90c6d0016bc1c59b