z-df8799.ingress-haven.ewp.live Open in urlscan Pro
63.250.43.145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cutt.us/S0qJP
Effective URL:
https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
Submission: On December 01 via api (December 1st 2023, 3:08:49 pm UTC) from US — Scanned from US

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 22 HTTP transactions. The main IP is 63.250.43.145, located in United States and belongs to NAMECHEAP-NET, US. The main domain is z-df8799.ingress-haven.ewp.live.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 18th 2023. Valid for: a year.

This is the only time z-df8799.ingress-haven.ewp.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	69.61.26.121 69.61.26.121	141518 (SUBHOST-A...) (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd)
1	2607:f8b0:402... 2607:f8b0:4024:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4024:c01::61	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4024:c02::9a	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4024:c01::84	15169 (GOOGLE) (GOOGLE)
1 9	63.250.43.145 63.250.43.145	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2607:f8b0:402... 2607:f8b0:4024:c00::9d	15169 (GOOGLE) (GOOGLE)
22	9

2 69.61.26.121 (Atlanta, United States) 1 redirects

ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN)

cutt.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4024:c00::9a (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4024:c01::61 (Clarksville, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4024:c02::9a (Clarksville, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4024:c01::84 (Clarksville, United States)

ASN15169 (GOOGLE, US)

daace4bd48406b136a29d78091a42501.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 63.250.43.145 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: ingress-haven.ewp.live

z-df8799.ingress-haven.ewp.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4024:c00::9d (Clarksville, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ewp.live 1 redirects z-df8799.ingress-haven.ewp.live	349 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	137 KB
2	googlesyndication.com daace4bd48406b136a29d78091a42501.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com Failed	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	147 KB
2	cutt.us 1 redirects cutt.us	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	30 KB
22	7

	Domain	Requested by
9	z-df8799.ingress-haven.ewp.live	1 redirects cutt.us z-df8799.ingress-haven.ewp.live
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	www.googletagmanager.com	cutt.us www.googletagmanager.com
2	cutt.us	1 redirects
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	daace4bd48406b136a29d78091a42501.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagservices.com	cutt.us
0	tpc.googlesyndication.com Failed	securepubads.g.doubleclick.net
22	9

This site contains no links.

Subject Issuer	Validity	Valid
cutt.us R3	`2023-10-01` - `2023-12-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.ingress-haven.ewp.live Sectigo RSA Domain Validation Secure Server CA	`2023-04-18` - `2024-04-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
Frame ID: DBA2361FE5A3B604FE3E2E48B5F51A20
Requests: 21 HTTP requests in this frame

Frame: https://daace4bd48406b136a29d78091a42501.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB814E92BB04C642B7AB688588B538A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Instagram Login

Page URL History Show full URLs

http://cutt.us/S0qJP HTTP 301
https://cutt.us/S0qJP Page URL
https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651 HTTP 301
http://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ HTTP 307
https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

22
Requests

91 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

9
IPs

1
Countries

700 kB
Transfer

1553 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cutt.us/S0qJP HTTP 301
https://cutt.us/S0qJP Page URL
https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651 HTTP 301
http://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ HTTP 307
https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cutt.us/S0qJP HTTP 301
https://cutt.us/S0qJP

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

S0qJP Show response
cutt.us/
Redirect Chain

http://cutt.us/S0qJP
https://cutt.us/S0qJP

3 KB
2 KB

217ms
60ms

Document
text/html

69.61.26.121
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to

Full URL

https://cutt.us/S0qJP

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.61.26.121 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),

Reverse DNS

Software

Hotcores.com /

Resource Hash

1d115b69bba0aef8485c3107f9ebec40cbdfbb69d7710e9fadf812e3d9ce4517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; Charset=UTF-8;charset=UTF-8
Date: Fri, 01 Dec 2023 15:00:23 GMT
I-AM: Alpha
Pragma: no-cache
Server: Hotcores.com
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex, nofollow

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 01 Dec 2023 15:00:23 GMT
Location: https://cutt.us/S0qJP
Server: Hotcores.com

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 91 KB
30 KB 255ms
74ms Script
text/javascript 2607:f8b0:4024:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cutt.us
URL: https://cutt.us/S0qJP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c00::9a Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09bd288c710df4b73d141160bc00ed08afdbabfd72d5db2d14dd26131137e5ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:08:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29827
x-xss-protection: 0
server: cafe
etag: 264 / 19692 / 31079856 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:08:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 260ms
80ms Script
application/javascript 2607:f8b0:4024:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31510493-1

Requested by

Host: cutt.us
URL: https://cutt.us/S0qJP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::61 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e58632a77a4e500dcfc7a7ac40ea7b882edd9d5d24b93f3f9f6d8f0c6c82ab96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:08:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 15:08:43 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/ 432 KB
136 KB 221ms
60ms Script
text/javascript 2607:f8b0:4024:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::9a Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:43:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12297
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138259
x-xss-protection: 0
server: cafe
etag: 16445146976575771301
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 30 Nov 2024 11:43:47 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 67 B
599 B 229ms
69ms XHR
application/json 2607:f8b0:4024:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::9a Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b9170220442e595255a1e36be0b4972238bdfd67e0ab2b794ed66fda2a8424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57
x-xss-protection: 0
expires: Fri, 01 Dec 2023 15:08:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 84ms
84ms Script
application/javascript 2607:f8b0:4024:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZBQ2JYBBZ5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::61 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7842386b277cbac8deccffe6e4f6f60f6316037d853e63bd7325b49e9d0d2e21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:08:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80757
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 15:08:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 85ms
24ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 13:49:04 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4780
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 01 Dec 2023 15:49:04 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
200 B 38ms
38ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1555739640&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FS0qJP&ul=en-us&de=UTF-8&dt=S0qJP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=938580042&gjid=782248587&cid=1653799362.1701443324&tid=UA-31510493-1&_gid=1114576459.1701443324&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1583076724

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cutt.us/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:08:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cutt.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
47 B 39ms
39ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZBQ2JYBBZ5&gtm=45je3bt0v9124577564&_p=1701443323764&gcd=11l1l1l1l1&dma=0&cid=1653799362.1701443324&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1701443324&sct=1&seg=0&dl=https%3A%2F%2Fcutt.us%2FS0qJP&dt=S0qJP&en=page_view&_fv=1&_ss=1&tfd=917
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZBQ2JYBBZ5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:08:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cutt.us
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 665 B
694 B 97ms
96ms Fetch
text/plain 2607:f8b0:4024:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=428168799948871&correlator=3718282208156476&eid=31078987%2C31079856%2C31079723%2C31079525&output=ldjh&gdfp_req=1&vrg=202311280101&ptt=17&impl=fif&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701443324355&lmt=1701443324&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcutt.us%2FS0qJP&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=1653799362.1701443324&ga_sid=1701443324&ga_hid=1555739640&ga_fc=true&dlt=1701443323573&idt=744&adks=1933368604&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c02::9a Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5f7c35a09a020c0374d53c7b35aca01143cb92f5f938599f7a51ef12f632a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:08:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cutt.us
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
daace4bd48406b136a29d78091a42501.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB81 6 KB
3 KB 233ms
76ms Document
text/html 2607:f8b0:4024:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://daace4bd48406b136a29d78091a42501.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c01::84 Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cutt.us/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 15:08:44 GMT
expires: Sat, 30 Nov 2024 15:08:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

Primary Request / Show response
z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
Redirect Chain

https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651
http://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/

4 KB
1 KB

100ms
100ms

Document
text/html

63.250.43.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/

Requested by

Host: cutt.us
URL: https://cutt.us/S0qJP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

2b312f8abcdf227cf484a505ab74191e5fe8fb8e54e5a8916ad3f27f955d286e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cutt.us/S0qJP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2367
cache-control: public
content-encoding: gzip
content-length: 987
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 14:29:18 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: HIT
x-cacheable: YES
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
Non-Authoritative-Reason: HSTS

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 265ms
77ms XHR
application/json 2607:f8b0:4024:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311280101/pubads_impl.js?cb=31079856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4024:c00::9d Clarksville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cutt.us/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:08:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12295
x-xss-protection: 0

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

POST collect
www.google-analytics.com/g/ 0
0

GET
H2 200 bootstrap.min.css
z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ 220 KB
25 KB 211ms
210ms Stylesheet
text/css 63.250.43.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/bootstrap.min.css

Requested by

Host: z-df8799.ingress-haven.ewp.live
URL: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

ba22feb7f9e3cfb87ee563fcecd7d5d39902f2d51e50802be5b997c55085fbb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 2367
x-cache: HIT
content-length: 24651
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Nov 2022 11:20:50 GMT
server: nginx
etag: W/"63679892-37151"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ 2 KB
1 KB 108ms
107ms Stylesheet
text/css 63.250.43.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/style.css

Requested by

Host: z-df8799.ingress-haven.ewp.live
URL: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

d9c3215ee489dc3dbfeeb024e6f6b9a999c914e73b65d3c4420bb6dbf281a969

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 2367
x-cache: HIT
content-length: 618
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Nov 2022 11:20:50 GMT
server: nginx
etag: W/"63679892-7c3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app-feautures.png
z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ 287 KB
288 KB 212ms
211ms Image
image/png 63.250.43.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/app-feautures.png

Requested by

Host: z-df8799.ingress-haven.ewp.live
URL: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

6d34dfed3801add844f361ba2325c9a58e5f857715b4f308160458a9c711b1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:29:18 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 2367
x-cache: HIT
content-length: 293735
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Nov 2022 11:20:50 GMT
server: nginx
etag: "63679892-47b67"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 instagram-logo.png
z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ 12 KB
12 KB 210ms
209ms Image
image/png 63.250.43.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/instagram-logo.png

Requested by

Host: z-df8799.ingress-haven.ewp.live
URL: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

e82f19a88de9d4735949b76fd196fd0d542c464b3d03091dd7ff9fb5a12c72a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:29:18 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 2367
x-cache: HIT
content-length: 12281
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Nov 2022 11:20:50 GMT
server: nginx
etag: "63679892-2ff9"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facebook-logo.png
z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ 7 KB
7 KB 519ms
518ms Image
image/png 63.250.43.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/facebook-logo.png

Requested by

Host: z-df8799.ingress-haven.ewp.live
URL: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:29:19 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 2367
x-cache: HIT
content-length: 6690
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Nov 2022 11:20:50 GMT
server: nginx
etag: "63679892-1a22"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 playstore.png
z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ 10 KB
10 KB 520ms
520ms Image
image/png 63.250.43.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/playstore.png

Requested by

Host: z-df8799.ingress-haven.ewp.live
URL: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

583714033cab0d76045a8d4bbfb2326983f40d5c2cfa239e9527da9617686e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:29:18 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 2367
x-cache: HIT
content-length: 10071
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Nov 2022 11:20:50 GMT
server: nginx
etag: "63679892-2757"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 appstore.png
z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/ 4 KB
4 KB 519ms
519ms Image
image/png 63.250.43.145
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/appstore.png

Requested by

Host: z-df8799.ingress-haven.ewp.live
URL: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.145 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-haven.ewp.live

Software

nginx /

Resource Hash

14c09561486ba385a8a62bc0a8b41e03638a6334648113a7f28be47271eccb5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://z-df8799.ingress-haven.ewp.live/wp-content/plugins/A/insta/5451589651/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 14:29:18 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 2367
x-cache: HIT
content-length: 3754
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Nov 2022 11:20:50 GMT
server: nginx
etag: "63679892-eaa"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-ZBQ2JYBBZ5&gtm=45je3bt0v9124577564&_p=1701443323764&gcd=11l1l1l1l1&dma=0&cid=1653799362.1701443324&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=2&sid=1701443324&sct=1&seg=0&dl=https%3A%2F%2Fcutt.us%2FS0qJP&dt=S0qJP&en=user_engagement&_et=2097&tfd=3016

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture boolean| wasSubmitted function| checkBeforeSubmit

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cutt.us/	1970-01-20 16:38:49	Name: _gid Value: GA1.2.1114576459.1701443324
.cutt.us/	1970-01-20 16:37:23	Name: _gat_gtag_UA_31510493_1 Value: 1
.cutt.us/	1970-01-21 02:13:23	Name: _ga Value: GA1.1.1653799362.1701443324
.doubleclick.net/	1970-01-20 16:37:24	Name: test_cookie Value: CheckForPermission
.cutt.us/	1970-01-21 01:58:59	Name: __gads Value: ID=db482224ba885dea:T=1701443324:RT=1701443324:S=ALNI_Man8Kt4HQzbbj3g0dg3DgFbwatpBA
.cutt.us/	1970-01-21 01:58:59	Name: __gpi Value: UID=00000da5013c9dd0:T=1701443324:RT=1701443324:S=ALNI_Ma-1uGO4zDJMxkDyVbvZ0i60Db1rA
.cutt.us/	1970-01-21 02:13:23	Name: _ga_ZBQ2JYBBZ5 Value: GS1.1.1701443324.1.0.1701443326.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cutt.us
daace4bd48406b136a29d78091a42501.safeframe.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
z-df8799.ingress-haven.ewp.live
tpc.googlesyndication.com
www.google-analytics.com
2001:4860:4802:32::178
2607:f8b0:4024:c00::9a
2607:f8b0:4024:c00::9d
2607:f8b0:4024:c01::61
2607:f8b0:4024:c01::84
2607:f8b0:4024:c02::9a
63.250.43.145
69.61.26.121
09bd288c710df4b73d141160bc00ed08afdbabfd72d5db2d14dd26131137e5ca
14c09561486ba385a8a62bc0a8b41e03638a6334648113a7f28be47271eccb5e
1d115b69bba0aef8485c3107f9ebec40cbdfbb69d7710e9fadf812e3d9ce4517
2b312f8abcdf227cf484a505ab74191e5fe8fb8e54e5a8916ad3f27f955d286e
3c45ce612f41b1e7936e7cf5b235047344fd3146d1630e342f186d1d1e8e00d5
583714033cab0d76045a8d4bbfb2326983f40d5c2cfa239e9527da9617686e6b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d34dfed3801add844f361ba2325c9a58e5f857715b4f308160458a9c711b1bc
7842386b277cbac8deccffe6e4f6f60f6316037d853e63bd7325b49e9d0d2e21
7e071e5b39d13cef80f7a46d854de133fd73c15d1351ebcf7e1f1b48821e7aeb
b5f7c35a09a020c0374d53c7b35aca01143cb92f5f938599f7a51ef12f632a29
ba22feb7f9e3cfb87ee563fcecd7d5d39902f2d51e50802be5b997c55085fbb8
c3b9170220442e595255a1e36be0b4972238bdfd67e0ab2b794ed66fda2a8424
d9c3215ee489dc3dbfeeb024e6f6b9a999c914e73b65d3c4420bb6dbf281a969
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58632a77a4e500dcfc7a7ac40ea7b882edd9d5d24b93f3f9f6d8f0c6c82ab96
e82f19a88de9d4735949b76fd196fd0d542c464b3d03091dd7ff9fb5a12c72a8

z-df8799.ingress-haven.ewp.live Open in urlscan Pro 63.250.43.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

75 %IPv6

7 Domains

9 Subdomains

9 IPs

1 Countries

700 kBTransfer

1553 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

7 Cookies

Security Headers

Indicators

z-df8799.ingress-haven.ewp.live Open in urlscan Pro
63.250.43.145 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

9
IPs

1
Countries

700 kB
Transfer

1553 kB
Size

7
Cookies

22 HTTP transactions
0 data transactions