urlscan.io logo urlscan.io
SecurityTrails logo

crypto030.online Open in urlscan Pro
2a0d:c580:1:3::24b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cutt.us/NqgZ0wTt
Effective URL: https://crypto030.online/
Submission: On May 18 via api from HK — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 20 HTTP transactions. The main IP is 2a0d:c580:1:3::24b, located in Russian Federation and belongs to ASKONTEL, RU. The main domain is crypto030.online.
TLS certificate: Issued by R3 on May 15th 2023. Valid for: 3 months.
This is the only time crypto030.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    69.61.26.123 (Atlanta, United States)

ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN)
cutt.us
1    2607:f8b0:400c:c36::9c (Charleston, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2607:f8b0:400c:c01::61 (Charleston, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:400c:c06::9c (Charleston, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2607:f8b0:400c:c36::8b (Charleston, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:400c:c38::9c (Charleston, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2607:f8b0:400c:c0a::84 (Charleston, United States)

ASN15169 (GOOGLE, US)
1c7395d7203fec61c0a3690d3f86a6d9.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    2607:f8b0:400c:c09::84 (Charleston, United States)

ASN15169 (GOOGLE, US)
hotgrls1654.page.link
1    185.244.43.80 (Russian Federation)

ASN204490 (ASKONTEL, RU)
PTR: 392491.cloud4box.ru
tdsintegrations12.online
2    2a0d:c580:1:3::24b (Russian Federation)

ASN204490 (ASKONTEL, RU)
crypto030.online
4    2607:f8b0:400c:c36::9d (Charleston, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2607:f8b0:400c:c1a::63 (Charleston, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
8 googlesyndication.com
1c7395d7203fec61c0a3690d3f86a6d9.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
40 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
127 KB
2 crypto030.online
crypto030.online
91 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
1 tdsintegrations12.online
tdsintegrations12.online
799 B
1 page.link
hotgrls1654.page.link
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
46 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
25 KB
1 cutt.us
cutt.us — Cisco Umbrella Rank: 654450
2 KB
20 10
Domain Requested by
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 crypto030.online cutt.us
crypto030.online
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.google.com tpc.googlesyndication.com
1 tdsintegrations12.online 1 redirects
1 hotgrls1654.page.link 1 redirects
1 1c7395d7203fec61c0a3690d3f86a6d9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 www.googletagmanager.com cutt.us
1 www.googletagservices.com cutt.us
1 cutt.us
20 13

This site contains no links.

Subject Issuer Validity Valid
cutt.us
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
crypto030.online
R3		 2023-05-15 -
2023-08-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-01 -
2023-07-24		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://crypto030.online/
Frame ID: A640E5A5B0590D34F11E2B2537757956
Requests: 14 HTTP requests in this frame

Frame: https://1c7395d7203fec61c0a3690d3f86a6d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2A2143F2DC88E36BC02FD76EEFD1265A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6997AC9FF7068C21EDB34ED0DA6A54BD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2105A972FEBAE5F80A13891252B5AA1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Website crypto025.online is ready. The content is to be added

Page URL History Show full URLs

  1. https://cutt.us/NqgZ0wTt Page URL
  2. https://hotgrls1654.page.link/9CzK HTTP 302
    https://tdsintegrations12.online/pvJ739Lj HTTP 302
    https://crypto030.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

100 %
HTTPS

83 %
IPv6

10
Domains

13
Subdomains

10
IPs

2
Countries

353 kB
Transfer

833 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.us/NqgZ0wTt Page URL
  2. https://hotgrls1654.page.link/9CzK HTTP 302
    https://tdsintegrations12.online/pvJ739Lj HTTP 302
    https://crypto030.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
NqgZ0wTt
cutt.us/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cutt.us/NqgZ0wTt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.123 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software
Hotcores.com /
Resource Hash
e4eba0d36e10ec34af861c9851fce9eec8d9629506d2974c05912019237b22c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Date
Thu, 18 May 2023 03:07:56 GMT
I-AM
Gamma
Pragma
no-cache
Server
Hotcores.com
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex, nofollow
gpt.js
www.googletagservices.com/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cutt.us
URL: https://cutt.us/NqgZ0wTt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c36::9c Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9029faaafed220abdaed51d20d3d1bcf9af62272157829aec09ccc6ecc4cdbba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 03:13:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25356
x-xss-protection
0
server
cafe
etag
683 / 19495 / m202305110101 / config-hash: 8928202743476736096
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 May 2023 03:13:51 GMT
js
www.googletagmanager.com/gtag/ 		116 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Requested by
Host: cutt.us
URL: https://cutt.us/NqgZ0wTt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c01::61 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3cff52711c48f4ffc264f7814428b8703733e23230c3bfe260321d4a4e33568f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 03:13:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
46251
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 May 2023 03:13:51 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/ 		406 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c06::9c Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 02:28:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
2707
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128048
x-xss-protection
0
server
cafe
etag
352811828592807000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 17 May 2024 02:28:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		29 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cutt.us
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c06::9c Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 03:13:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
expires
Thu, 18 May 2023 03:13:51 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c36::8b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 May 2023 01:34:03 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
5988
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Thu, 18 May 2023 03:34:03 GMT
collect
www.google-analytics.com/j/ 		1 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=627961051&t=pageview&_s=1&dl=https%3A%2F%2Fcutt.us%2FNqgZ0wTt&ul=en-us&de=UTF-8&dt=NqgZ0wTt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1145684634&gjid=1654318087&cid=1821584981.1684379632&tid=UA-31510493-1&_gid=611979015.1684379632&_r=1&gtm=457e35a0&jsscut=1&z=1374495998
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c36::8b Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cutt.us/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 May 2023 03:13:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://cutt.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cutt.us
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c38::9c Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 03:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		655 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1651588444789396&correlator=78757749468640&eid=31074681%2C31074684&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fif&iu_parts=5837603%2CCutt_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&adks=1933368604&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1684379632104&lmt=1684379632&dlt=1684379631489&idt=585&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcutt.us%2FNqgZ0wTt&frm=20&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=1821584981.1684379632&ga_sid=1684379632&ga_hid=627961051&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c06::9c Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
073ccb3efbcb2192fb1232ab1ee86d7ce186eb68c182e33882229fa7979afe81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 03:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
333
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cutt.us
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1c7395d7203fec61c0a3690d3f86a6d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A21 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1c7395d7203fec61c0a3690d3f86a6d9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0a::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 May 2023 03:13:52 GMT
expires
Fri, 17 May 2024 03:13:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Primary Request /
crypto030.online/
Redirect Chain
  • https://hotgrls1654.page.link/9CzK
  • https://tdsintegrations12.online/pvJ739Lj
  • https://crypto030.online/
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://crypto030.online/
Requested by
Host: cutt.us
URL: https://cutt.us/NqgZ0wTt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0d:c580:1:3::24b , Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
3df6d669f069173fe711f75b2ce45ab4c5a0ad8f9473bc87fe4506168365646b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://cutt.us/NqgZ0wTt
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=43200
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 May 2023 03:13:54 GMT
Expires
Thu, 18 May 2023 15:13:54 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=31536000;
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 18 May 2023 03:13:53 GMT
Expires
0
Last-Modified
Thu, 18 May 2023 03:13:53 GMT
Location
https://crypto030.online
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c36::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 03:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11210
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0a::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 03:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 May 2023 03:13:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6997 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c0a::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cutt.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
453094
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 12 May 2023 21:22:18 GMT
expires
Sat, 11 May 2024 21:22:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C210 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c1a::63 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QjvHb9IB94cfDnwJM5A1pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cutt.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-QjvHb9IB94cfDnwJM5A1pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 18 May 2023 03:13:52 GMT
expires
Thu, 18 May 2023 03:13:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
pagead2.googlesyndication.com/bg/ Frame 6997 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c36::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 16 May 2023 05:28:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
164727
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14779
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 May 2024 05:28:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C210 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305110101&jk=1651588444789396&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c36::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6997 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yBAHgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c0a::84 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 03:13:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305110101&jk=1651588444789396&bg=!paalpvLNAAYldGN0BXQ7ADkAdvg8WnNUhqfvYI7ETo-xaVcXWZNfH9WL2G1NC3pj2a4D28N6CplJYsGcv-tI4-gWnGQdJejOcW4CAAAAUlIAAAADaAEHmQKVUhpw4m1jTO6YXy75kHMyaouYqhN7mMt9B9jUSoTWj90d3NS0ULKglS3Ye_O4MYO6aTNq6ulAovdxfKvFuMrHvIjSiiin8lmnAemrsItl17Wa1td-ruoc6ia_T-vr8-Hz_2n5aWWZ57LMhUUA05qNVi5SaPEah38h4arvs8U142bdIWsqOyRjjd4Uw4W-YaVy8FUUATPMl_KnAPwb4R9qZo0k3FW4IjDIRHKhU4HOtDoMZFuLcqZfqJ07cUHcn6GOZzJuEaP2Io4AMlIVYb7alVxecB1hDaa3aZUL6B38FLMPUb8lIbKHNhj7mwMPlrhftvj1lcYj8Eg6OPkCLsRqQ44xiOZo3lrLk_nHpLSk-L2E54_W6yLNT8JZ2BcrbKYdZTwa6QydfQZRME6O11X6qN0_LtLAJCOHZpTZvKzj4V5v07eGyHoFU4dDVmUdJLeh4RnL5GjlT1baQMpiiaVxKX0dqo8Dwarp3g6JWpOLpUMK6c7890W4pMlsxsLt--BpwUvGeUAfmZGWjICpZADQMlB3HpMs6cqp-cJXpHqw_rt53x2v9bcTo9zVb083H01n6mvIFjdA3FdatPySSKYAHmwav53rAYIk_PJpBFL-3S3LxzhJpb77iM70hYHCfvZsArOwS213NAQJcHodKYeDvPBivpTxVJkNwUCLnyDcToiK_MtEu-hHPfH0KP1tHzOHPVIecOfl1NwFVizZ-kv8ZfRjUGlK-56IvgRSPe9YkhVwYkif5h2PW7HzbytB76AMLSZ6bN8n7Y9mA9JsimUgHD1ifLZVAmJHewYcOBcPKvgp1SKNul7u0_JjdisuwqHSjWeKTEYDZ2FJ9EOq9yWFAcO7YWXTtBVhrB7s6nTuKL70n4sF7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400c:c36::9d Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cutt.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
captcha.jpeg
crypto030.online/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crypto030.online/captcha.jpeg
Requested by
Host: crypto030.online
URL: https://crypto030.online/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0d:c580:1:3::24b , Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx/1.20.2 /
Resource Hash
936b48d7083971caa68bb71a078c13730b7a4ef4637437966956c013db7527fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://crypto030.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Thu, 18 May 2023 03:13:54 GMT
Strict-Transport-Security
max-age=31536000;
Last-Modified
Fri, 17 Mar 2023 12:19:30 GMT
Server
nginx/1.20.2
ETag
"64145ad2-16590"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91536

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

8 Cookies

Domain/Path Name / Value
.cutt.us/ Name: _ga
Value: GA1.2.1821584981.1684379632
.cutt.us/ Name: _gid
Value: GA1.2.611979015.1684379632
.cutt.us/ Name: _gat_gtag_UA_31510493_1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.cutt.us/ Name: __gads
Value: ID=2f4fb65868bb6370:T=1684379632:S=ALNI_MY1ia4mGC-5_y7IacRbu7ve8WIuIA
.cutt.us/ Name: __gpi
Value: UID=000009f345abf7b2:T=1684379632:RT=1684379632:S=ALNI_MaV4HAkCJibdbr-dYwgvjbprDNIYA
tdsintegrations12.online/ Name: _subid
Value: 21apt2o114tl1
tdsintegrations12.online/ Name: 9a49b
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjEzMVwiOjE2ODQzNzk2MzN9LFwiY2FtcGFpZ25zXCI6e1wiMTdcIjoxNjg0Mzc5NjMzfSxcInRpbWVcIjoxNjg0Mzc5NjMzfSJ9.uu0re7LmEW-OvdIsddHiHIyGEZS2rvQ8eSEGMFvz_84

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1c7395d7203fec61c0a3690d3f86a6d9.safeframe.googlesyndication.com
adservice.google.com
crypto030.online
cutt.us
hotgrls1654.page.link
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tdsintegrations12.online
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
185.244.43.80
2607:f8b0:400c:c01::61
2607:f8b0:400c:c06::9c
2607:f8b0:400c:c09::84
2607:f8b0:400c:c0a::84
2607:f8b0:400c:c1a::63
2607:f8b0:400c:c36::8b
2607:f8b0:400c:c36::9c
2607:f8b0:400c:c36::9d
2607:f8b0:400c:c38::9c
2a0d:c580:1:3::24b
69.61.26.123
073ccb3efbcb2192fb1232ab1ee86d7ce186eb68c182e33882229fa7979afe81
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
3cff52711c48f4ffc264f7814428b8703733e23230c3bfe260321d4a4e33568f
3df6d669f069173fe711f75b2ce45ab4c5a0ad8f9473bc87fe4506168365646b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
9029faaafed220abdaed51d20d3d1bcf9af62272157829aec09ccc6ecc4cdbba
936b48d7083971caa68bb71a078c13730b7a4ef4637437966956c013db7527fe
9485e103a1f890385ba2aeab76aa5b1c5adcb872527ea4ad64492edc137a4814
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
e4eba0d36e10ec34af861c9851fce9eec8d9629506d2974c05912019237b22c3
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44