Report - goddamn-scopes.000webhostapp.com/

Report Overview

Submitted URL
goddamn-scopes.000webhostapp.com/
IP
145.14.144.104
ASN
#204915 Hostinger International Limited
Submitted
2022-09-25 21:07:40
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www.paypalobjects.com	1467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	92 kB	151.101.86.133
b.stats.paypal.com	4424	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	540 B	473 B	64.4.245.84
goddamn-scopes.000webhostapp.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	53 kB	145.14.144.104
dub.stats.paypal.com	16487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	543 B	297 B	64.4.245.84
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.39.175.179
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.27
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.4 kB	93.184.220.29
c.paypal.com	5656	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.5 kB	24 kB	151.101.129.35
c6.paypal.com	6781	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	630 B	151.101.85.35
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	23.36.76.226
t.paypal.com	3487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	2.3 kB	151.101.193.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-25	medium	goddamn-scopes.000webhostapp.com/	PayPal Inc.
2022-09-25	medium	goddamn-scopes.000webhostapp.com/	PayPal Inc.
2022-09-25	medium	goddamn-scopes.000webhostapp.com/	PayPal Inc.
2022-09-25	medium	goddamn-scopes.000webhostapp.com/	PayPal Inc.
2022-09-25	medium	goddamn-scopes.000webhostapp.com/	PayPal Inc.
2022-09-25	medium	goddamn-scopes.000webhostapp.com/	PayPal Inc.
2022-09-25	medium	goddamn-scopes.000webhostapp.com/	PayPal Inc.

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-25	medium	goddamn-scopes.000webhostapp.com/auth/createchallenge/ed2cd00d8cd158aa/recaptchav3.js	Phishing
2022-09-25	medium	goddamn-scopes.000webhostapp.com/	Phishing
2022-09-25	medium	goddamn-scopes.000webhostapp.com/signin/load-resource	Phishing
2022-09-25	medium	goddamn-scopes.000webhostapp.com/signin/client-log	Phishing
2022-09-25	medium	goddamn-scopes.000webhostapp.com/auth/createchallenge/1672bb27d7fbc367/challenge.js	Phishing
2022-09-25	medium	goddamn-scopes.000webhostapp.com/signin/client-log	Phishing
2022-09-25	medium	goddamn-scopes.000webhostapp.com/signin/cookie-banner	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	goddamn-scopes.000webhostapp.com/	3.8 kB	2023-03-07	2024-04-01
Pretty URL goddamn-scopes.000webhostapp.com/ IP 145.14.144.104 ASN #204915 Hostinger International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:12:26 Last Seen2024-04-01 18:47:28 Times Seen79 Hash 9387f3267f0c61270981823f47a25e4e 1311939d2940ff54c38d8f0d02ee48466eab2ce9 ce7a722515f18cf49a0725a6492554e80d3c2f01307002067cc346cb6d7745c0 Loading...

	goddamn-scopes.000webhostapp.com/	416 B	2023-03-07	2024-04-21
Pretty URL goddamn-scopes.000webhostapp.com/ IP 145.14.144.104 ASN #204915 Hostinger International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:18 Last Seen2024-04-21 19:35:09 Times Seen173 Hash 700c727fa8e19f357a07bb4dcb8a42fd 8c56296b170e30e69d6e99c5547b59b0661e9439 2e47514313cbc9b53436dc971883fe4bbd74b05e2fa5b58423fa853eea174527 Loading...

	goddamn-scopes.000webhostapp.com/	5.1 kB	2023-03-08	2023-12-22
Pretty URL goddamn-scopes.000webhostapp.com/ IP 145.14.144.104 ASN #204915 Hostinger International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:38:05 Last Seen2023-12-22 04:34:27 Times Seen35 Hash 42417379e702956f865e1e2f5f4f92fb 14fa398a3b2f03bd1cea8929a43ae668de9445aa 88003aa84a44fe1451cf8b91582e9b4ea3ec52e5e87a39bbffbc9c669ff0bf5c Loading...

	www.paypalobjects.com/pa/js/min/pa.js	57 kB	2023-03-07	2023-03-17
Pretty URL www.paypalobjects.com/pa/js/min/pa.js IP 151.101.86.133 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:57:05 Last Seen2023-03-17 12:32:19 Times Seen1 Hash 3e6a9a781fe5fc8a7125309ed8514416 94f68b2c0782bbb04946240bf25178ee946ecd80 2a4a8dfbe067cb759d312253f775e7f23f835f6974d470f40920f611413c9d3c Loading...

	goddamn-scopes.000webhostapp.com/	985 B	2023-03-08	2023-12-22
Pretty URL goddamn-scopes.000webhostapp.com/ IP 145.14.144.104 ASN #204915 Hostinger International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:38:05 Last Seen2023-12-22 04:34:27 Times Seen35 Hash e1e87f94fb006daa02cae8d3eeeda4d8 91e6f885c23681ba0078a37b380399d08b3baf01 92275f613bfcaee68938b91a80a781e76607c47aba182d40ced62a88f5df5fe0 Loading...

	www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/js/lib/tealeaf-ul-prod_domcap.min.js	113 kB	2023-03-08	2023-12-22
Pretty URL www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/js/lib/tealeaf-ul-prod_domcap.min.js IP 151.101.86.133 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:38:05 Last Seen2023-12-22 04:34:27 Times Seen37 Hash 8d90bd222bf1e146e1f0bfd45f728d03 086b5cb1f81d9acacd4896b3d4ccef1b56538c33 22027bb7a536c4631d05950c052600da4e4e6b697c0ffee2189da38e05857466 Loading...

	www.paypalobjects.com/web/res/c54/359e968cf4b91a2096b1cc7bb621b/js/xhr-ads.min.js	22 kB	2023-03-08	2023-12-22
Pretty URL www.paypalobjects.com/web/res/c54/359e968cf4b91a2096b1cc7bb621b/js/xhr-ads.min.js IP 151.101.86.133 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:38:05 Last Seen2023-12-22 04:34:27 Times Seen69 Hash 102d8a54213cfd241a2b95cd3df33612 4155d08be64bead82132514e37c4a35407f46fbf 3ba795672c78c8f0f52ecd5d1a0a317d1e5c059509a6bead9d26b46fc831d83b Loading...

	goddamn-scopes.000webhostapp.com/	543 B	2023-03-08	2023-12-22
Pretty URL goddamn-scopes.000webhostapp.com/ IP 145.14.144.104 ASN #204915 Hostinger International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:38:05 Last Seen2023-12-22 04:34:27 Times Seen35 Hash 92c91e2e9bbdf820e5904feddc31c302 250978bd71dde779eb2d91d7a0fd4fafca333b56 030f98efb324b190e24c024e2ecf85a010901748614e6319076a62555a7f3bc6 Loading...

	goddamn-scopes.000webhostapp.com/	155 B	2023-03-08	2023-12-22
Pretty URL goddamn-scopes.000webhostapp.com/ IP 145.14.144.104 ASN #204915 Hostinger International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:38:05 Last Seen2023-12-22 04:34:27 Times Seen35 Hash d40870addacadf345e11312bde54c35f 521422882f6ef7eb170383baa0d70457d200e7ea fdb4a80b1f4c5c69a2c021a571094dfdf05907a80f20af6ce7312525ec380247 Loading...

	goddamn-scopes.000webhostapp.com/	4.9 kB	2023-03-07	2024-01-22
Pretty URL goddamn-scopes.000webhostapp.com/ IP 145.14.144.104 ASN #204915 Hostinger International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:12:26 Last Seen2024-01-22 17:52:12 Times Seen49 Hash cb412f745ffb5c74cfd72d632ca0b3df fe13e8f2cb6dc11f1c7a59c2836ef7c7cab8086f 02e9ccbf550308469fc6dfd9cbf12064fd46a55d085ac91e87e86f8676ec41d4 Loading...

	goddamn-scopes.000webhostapp.com/	225 B	2023-03-07	2024-04-21
Pretty URL goddamn-scopes.000webhostapp.com/ IP 145.14.144.104 ASN #204915 Hostinger International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:18 Last Seen2024-04-21 19:35:09 Times Seen133 Hash 7dfdd27a2e7dc724699bd919ceaab5bf 41a118ae6c6b786193750c8dd3337a40cb668510 f508bdb8156010e35f4c01bbe071be6e1da6ae6dbf2b947b276b68b6b2245dfb Loading...

	goddamn-scopes.000webhostapp.com/	111 kB	2023-03-08	2023-12-22
Pretty URL goddamn-scopes.000webhostapp.com/ IP 145.14.144.104 ASN #204915 Hostinger International Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:38:05 Last Seen2023-12-22 04:20:05 Times Seen4 Hash 6bac1bc515dc2f2dc698f12da6f3e1b5 ccce470e7aeafa70d2cf78341992bf14bda26c3c 95781901c0b967bf46b1d4aee94360f145cbdc1745ef6d9c4365df784655828f Loading...

HTTP Transactions (46)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 20:15:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KhSVlBEfcJx8iFX_B7CbX2ZdoQqeGTGANBfOiSeVnMstiLsIePECDw==
Age: 3143

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5613
Expires: Sun, 25 Sep 2022 22:41:02 GMT
Date: Sun, 25 Sep 2022 21:07:29 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U7LsxOXHwxHvoVGR459hmRu8T1554S1MmINzCePvZ2_OO5QjwM6iBA==
age: 59535
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e728be090cf6e6ff0935be5d9cca9a87
7a5a674ef2f990d5e6fdc3568c369d3a76f74ff9
20dbdaa3275c45469dd4dfcfad97ee9483e47e4684d676186919716c1660b78a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1930
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:29 GMT
Last-Modified: Sun, 25 Sep 2022 20:35:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e728be090cf6e6ff0935be5d9cca9a87
7a5a674ef2f990d5e6fdc3568c369d3a76f74ff9
20dbdaa3275c45469dd4dfcfad97ee9483e47e4684d676186919716c1660b78a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3110
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:29 GMT
Last-Modified: Sun, 25 Sep 2022 20:15:39 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e728be090cf6e6ff0935be5d9cca9a87
7a5a674ef2f990d5e6fdc3568c369d3a76f74ff9
20dbdaa3275c45469dd4dfcfad97ee9483e47e4684d676186919716c1660b78a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3122
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:29 GMT
Last-Modified: Sun, 25 Sep 2022 20:15:27 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e728be090cf6e6ff0935be5d9cca9a87
7a5a674ef2f990d5e6fdc3568c369d3a76f74ff9
20dbdaa3275c45469dd4dfcfad97ee9483e47e4684d676186919716c1660b78a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1930
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:29 GMT
Last-Modified: Sun, 25 Sep 2022 20:35:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png

151.101.86.133

200 OK

1.7 kB

URL HTTP/2
www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
PNG image data, 224 x 200, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1709 bytes)
Hash
01f70242c93a7a45b8fd6ee1a56aba6b
396950270473fe9149c24a251885f7ed7efd6134
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139

HTTP Headers

GET /images/shared/glyph_alert_critical_big-2x.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "e3ulSVTzLS+1hMwG/oqsG+jIfAa7MoSaV806RZTn6+w"
fastly-io-info: ifsz=5828 idim=224x200 ifmt=png ofsz=1709 odim=224x200 ofmt=png
fastly-stats: io=1
paypal-debug-id: b81b460757e6d
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10042-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 15581, 6825
x-timer: S1664140050.645036,VS0,VE0
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 1709
X-Firefox-Spdy: h2

www.paypalobjects.com/images/shared/icon-PN-check.png

151.101.86.133

200 OK

1.2 kB

URL HTTP/2
www.paypalobjects.com/images/shared/icon-PN-check.png
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
PNG image data, 121 x 133, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1238 bytes)
Hash
4014dbe27b6642b8539a8220a59a518f
193e344cf36dd9bd88b6b691e32089078b14a4e7
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24

HTTP Headers

GET /images/shared/icon-PN-check.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "49vz/MoiBvXh6ILc659PTN8gH45nwBXy23o3w9v7cpc"
fastly-io-info: ifsz=2236 idim=121x133 ifmt=png ofsz=1238 odim=121x133 ofmt=png
fastly-stats: io=1
paypal-debug-id: a62b3a2ce2f32
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10029-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 26333, 9
x-timer: S1664140050.645010,VS0,VE0
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 1238
X-Firefox-Spdy: h2

www.paypalobjects.com/web/res/c54/359e968cf4b91a2096b1cc7bb621b/js/xhr-ads.min.js

151.101.86.133

200 OK

6.4 kB

URL HTTP/2
www.paypalobjects.com/web/res/c54/359e968cf4b91a2096b1cc7bb621b/js/xhr-ads.min.js
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (21544), with no line terminators
Size
6.4 kB (6352 bytes)
Hash
09817f168da47c7e2b200389f31c786b
272adba667fe94a9fc2f38b1a44e6fea99b2a4aa
07f286c6423a24d18e2f699dd6123b2ce75a9fe30adce4cf000bde76b18551a4

HTTP Headers

GET /web/res/c54/359e968cf4b91a2096b1cc7bb621b/js/xhr-ads.min.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: W/"5c99e330-5428"
expires: Tue, 19 Sep 2023 11:32:28 GMT
last-modified: Tue, 26 Mar 2019 08:30:40 GMT
paypal-debug-id: f63dcff097bfd
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000f63dcff097bfd-8e802467329e2d2b-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10082-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664140050.645054,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 6352
X-Firefox-Spdy: h2

www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/css/contextualLogin.css

151.101.86.133

200 OK

15 kB

URL HTTP/2
www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/css/contextualLogin.css
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
15 kB (15198 bytes)
Hash
773671e1d0d17f58a076565aecc62843
d4d3f7abfca809d6e0c252e175bdbf0824a34d4e
7b53d70cf4c5db4de8271f73706d3185518121f487e5ff57119bd03486c0c6b0

HTTP Headers

GET /web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/css/contextualLogin.css HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-headers: x-csrf-token
content-encoding: gzip
content-type: text/css
etag: W/"5d5e22f0-15bba"
expires: Wed, 06 Sep 2023 10:07:06 GMT
last-modified: Thu, 22 Aug 2019 05:06:56 GMT
paypal-debug-id: e157078e02828
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000e157078e02828-86f8cf1be653e6d2-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10038-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664140050.651666,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 15198
X-Firefox-Spdy: h2

www.paypalobjects.com/pa/js/min/pa.js

151.101.86.133

200 OK

22 kB

URL HTTP/2
www.paypalobjects.com/pa/js/min/pa.js
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (56537)
Size
22 kB (21560 bytes)
Hash
035c129f0b87fb076d4d70a5116d099e
f300cca8a79314d55c1fad7453acac84a58fca5e
40933a9189556d305d5cbf36fb47170229696a744860a4ee02eeadb4c4929bd9

HTTP Headers

GET /pa/js/min/pa.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"63225d02-dcf5"
last-modified: Wed, 14 Sep 2022 23:00:18 GMT
paypal-debug-id: 774657e948e05
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000774657e948e05-328f6f9d29a43582-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10078-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 8724
x-timer: S1664140050.688395,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 21560
X-Firefox-Spdy: h2

www.paypalobjects.com/images/shared/paypal-logo-129x32.svg

151.101.86.133

200 OK

1.9 kB

URL HTTP/2
www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.9 kB (1932 bytes)
Hash
796be015d691467b94dc2617ed1b009a
cfb268c516c0d6b3d05bdac25a3557eeab59c499
c442af9b78ab4ee99c8a248a98f4ee1cdac6bd841f5daa6950ce9677aac2a506

HTTP Headers

GET /images/shared/paypal-logo-129x32.svg HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/css/contextualLogin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=3600
content-encoding: gzip
content-type: image/svg+xml
etag: W/"544ad849-1351"
last-modified: Fri, 24 Oct 2014 22:52:57 GMT
paypal-debug-id: 1c098630023be
dc: phx-origin-www-2.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10031-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 24, 3
x-timer: S1664140050.728180,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=31557600
content-length: 1932
X-Firefox-Spdy: h2

www.paypalobjects.com/webstatic/icon/pp64.png

151.101.86.133

200 OK

1.7 kB

URL HTTP/2
www.paypalobjects.com/webstatic/icon/pp64.png
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1745 bytes)
Hash
de1ba89339f0a1addf3aaa930cd3e461
d29ffd216b865aa95798758aaccbed3a654139c3
af0887bb94e12e0bfc49f20335693e68b43c993885d6f1cf95d3830ce88565c0

HTTP Headers

GET /webstatic/icon/pp64.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "WxEn9yGH+kBq+xbUh4K1VFdViFyyxkv58VcTdG5vmJA"
fastly-io-info: ifsz=4518 idim=64x64 ifmt=png ofsz=1745 odim=64x64 ofmt=png
fastly-stats: io=1
paypal-debug-id: de0b1f02cd64d
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10059-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 480, 1114
x-timer: S1664140050.811930,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 1745
X-Firefox-Spdy: h2

goddamn-scopes.000webhostapp.com/auth/createchallenge/ed2cd00d8cd158aa/recaptchav3.js

145.14.144.104

404 Not Found

5.2 kB

URL HTTP/2
goddamn-scopes.000webhostapp.com/auth/createchallenge/ed2cd00d8cd158aa/recaptchav3.js
IP
145.14.144.104:0
ASN
#204915 Hostinger International Limited

File type
data
Size
5.2 kB (5213 bytes)
Hash
e8d8af9f20026a423e40e741f9028e27
0810e0535a93dcb29f57c45d513d18a4c76b120f
fd4c178e8a794407b2854d626f5d593d2ff4c24318f4f73ad7700b1b26faa50f

Detections

Analyzer	Verdict	Alert
openphish	PayPal Inc.
fortinet	Phishing

HTTP Headers

GET /auth/createchallenge/ed2cd00d8cd158aa/recaptchav3.js HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: bd038133f6bc86e5e8d9d7a78ad96b24
content-encoding: gzip
X-Firefox-Spdy: h2

www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/js/lib/tealeaf-ul-prod_domcap.min.js

151.101.86.133

200 OK

36 kB

URL HTTP/2
www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/js/lib/tealeaf-ul-prod_domcap.min.js
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65216), with CRLF, LF line terminators
Size
36 kB (36036 bytes)
Hash
9d07770068dbab3536a1d14f258fcb3c
a5a568da2700f9280564c8deedd75f1400618ae6
bbde326b3394904a38db3222dd172ee93b799373ab9c620d1b2bafa49d0b4ca7

HTTP Headers

GET /web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/js/lib/tealeaf-ul-prod_domcap.min.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: W/"5d5e22f0-1b83e"
expires: Tue, 19 Sep 2023 19:30:33 GMT
last-modified: Thu, 22 Aug 2019 05:06:56 GMT
paypal-debug-id: c342c38406948
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000c342c38406948-1eb6ed95e3b5b559-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10073-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664140050.848607,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 36036
X-Firefox-Spdy: h2

c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js

151.101.129.35

200 OK

18 kB

URL HTTP/2
c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
IP
151.101.129.35:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (59357), with no line terminators
Size
18 kB (18320 bytes)
Hash
9d81e444fddbbd28d5bab43ea0334f84
6ce9400e0ed66dd1ab0752713c3339c70fad4a0a
4ade47b59baf164e64671b9ca5380b7b994d8f92c45d005a8e10f795eb637527

HTTP Headers

GET /webstatic/r/fb/fb-all-prod.pp2.min.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
content-type: application/javascript
dc: ccg11-origin-www-1.paypal.com
etag: "60271d89-e7e3+ident+gzip"
last-modified: Sat, 13 Feb 2021 00:30:01 GMT
paypal-debug-id: 550bae946a28f
server: ECAcc (nya/7980)
traceparent: 00-0000000000000000000550bae946a28f-b90bfdd4dde7215c-01
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
via: 1.1 varnish
age: 1024286
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 3
x-timer: S1664140050.918068,VS0,VE1
vary: Accept-Encoding
expires: Mon, 26 Sep 2022 21:07:29 GMT
cache-control: s-maxage=31536000, public,max-age=86400
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 18320
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 21:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 21:14:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: feaFGz7-5gQFi6WbYPtx93oDaZ6SSigm1VoGCxsM6i0aAT9uol7k1w==
Age: 192

c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js

151.101.129.35

200 OK

160 B

URL HTTP/2
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
IP
151.101.129.35:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
160 B (160 bytes)
Hash
9b4c97aea4cb27f9a7138700dd7753cc
2ad017e0e6306738de98232fbc2fe6d2c23c1851
73aef7f199e77cc46dcc04d000973e0605ad8f32d1085110d51f1fcd40471848

HTTP Headers

GET /v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
correlation-id: 384e461988329
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: 384e461988329
traceparent: 00-0000000000000000000384e461988329-7b10286662be2a04-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:30 GMT
age: 77687
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11533-HHN, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 46, 2
x-timer: S1664140050.019847,VS0,VE1
vary: Accept-Encoding
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 160
X-Firefox-Spdy: h2

c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js

151.101.129.35

304 Not Modified

0 B

URL HTTP/2
c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
IP
151.101.129.35:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /webstatic/r/fb/fb-all-prod.pp2.min.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Sat, 13 Feb 2021 00:30:01 GMT
If-None-Match: "60271d89-e7e3+ident+gzip"
TE: trailers

HTTP/2 304 Not Modified
date: Sun, 25 Sep 2022 21:07:30 GMT
via: 1.1 varnish
etag: "60271d89-e7e3+ident+gzip"
age: 1024286
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1664140050.057574,VS0,VE1
vary: Accept-Encoding
expires: Mon, 26 Sep 2022 21:07:30 GMT
cache-control: s-maxage=31536000, public,max-age=86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:30 GMT
Last-Modified: Sun, 25 Sep 2022 20:01:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
88e9a06e309d7cfa39d3fc333e323cb7
ee665e8b5d10d41940f67f231cde211d51a6d233
2dcb8702bcbd3d834fc60d8708ce72d1264d048e967ab3447e9a426e8f343287

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5653
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:30 GMT
Last-Modified: Sun, 25 Sep 2022 19:33:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

b.stats.paypal.com/v1/counter.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c

64.4.245.84

302 Found

0 B

URL HTTP/1.1
b.stats.paypal.com/v1/counter.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c
IP
64.4.245.84:0
ASN
#17012 PAYPAL

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/counter.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c HTTP/1.1
Host: b.stats.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Connection: close
Server: PayPal-B.Stats/1.0
Location: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c
Content-Length: 0
Set-Cookie: c=9d435366257b609a1cb6; Domain=stats.paypal.com; expires=Sat, 20 Sep 2042 21:07:30 GMT; Path=/
Content-Type: application/octet-stream
Date: Sun, 25 Sep 2022 21:07:30 GMT

c.paypal.com/v1/r/d/b/p1

151.101.129.35

200 OK

125 B

URL HTTP/2
c.paypal.com/v1/r/d/b/p1
IP
151.101.129.35:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with no line terminators
Size
125 B (125 bytes)
Hash
0b3f047e3e2f27e3c35642f1f4541ad4
c78e2494e4db0c31eedb9f62c42b54662923fa8d
209512aca37c51c52d24323465e9827e65218b2a074fe7f0b52d7de8eff6621d

HTTP Headers

POST /v1/r/d/b/p1 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 930
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
correlation-id: 38058b0c5983c
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 38058b0c5983c
set-cookie: sc_f=Ws5UpZas3cU538OTjDIBlkE1laWPRQH9G62cxUFrwiV-np5Yh8ac7FmridHCqXvFWElKsJYCnwXb0bhKQ8tMuI8vPe5rVVe9OjJmUm;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Fri, 24-Sep-2027 14:07:30 GMT; HttpOnly
KHcl0EuY7AKSMgfvHl7J5E7hPtK=EhCJN_NCA4Wd3UMyb8e9DH6p9pgs2VKm-k6Ixsg9prQJwBMlC1TIJSma9BKrp8_8hYDxiVfngnmTae9K;Domain=.paypal.com;Max-Age=630720000;Path=/;Secure;Version=1;Expires=Sat, 20-Sep-2042 14:07:30 GMT; HttpOnly
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Sun, 25 Sep 2022 21:37:30 GMT; HttpOnly; Secure
traceparent: 00-000000000000000000038058b0c5983c-49043827617d7090-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 25 Sep 2022 21:07:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11528-HHN, cache-bma1658-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2

c.paypal.com/v1/r/d/b/p2

151.101.129.35

200 OK

125 B

URL HTTP/2
c.paypal.com/v1/r/d/b/p2
IP
151.101.129.35:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with no line terminators
Size
125 B (125 bytes)
Hash
a2602b946e26a07040eb9ee96d2ca619
e12138d734a52e6cb8b53de56ec00c3b0b4b5bc5
48f622dcd971905f8dae08c51a9281d5ac9bb5b345018e60d5f743ccf82af78a

HTTP Headers

POST /v1/r/d/b/p2 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 291
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
correlation-id: f78a703cb7bbd
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: f78a703cb7bbd
set-cookie: sc_f=Si670yBJ1pI3-Nj7PGm41WzFLA77Orinzpb7A3oiLdwUG5MabM28EC1mTcQ8GxiUqz-uvoI9yr_deAwgLXqbsSP4ZcPBC1Fxsxt4bG;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Fri, 24-Sep-2027 14:07:30 GMT; HttpOnly
traceparent: 00-0000000000000000000f78a703cb7bbd-e53e658c7469f535-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 25 Sep 2022 21:07:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4059-HHN, cache-bma1658-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2

dub.stats.paypal.com/v1/counter2.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c

64.4.245.84

200 OK

42 B

URL HTTP/1.1
dub.stats.paypal.com/v1/counter2.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c
IP
64.4.245.84:0
ASN
#17012 PAYPAL

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

HTTP Headers

GET /v1/counter2.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c HTTP/1.1
Host: dub.stats.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goddamn-scopes.000webhostapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: close
Server: PayPal-B.Stats/1.0
Content-Type: image/jpeg
Content-Length: 42
Set-Cookie: c=1430234634ca0b969701; Domain=stats.paypal.com; expires=Sat, 20 Sep 2042 21:07:30 GMT; Path=/
Date: Sun, 25 Sep 2022 21:07:30 GMT

c6.paypal.com/v1/r/d/b/p3?f=0ece468eaf624fa6864a1005834df333&s=UNIFIED_LOGIN_INPUT_PASSWORD

151.101.85.35

200 OK

0 B

URL HTTP/2
c6.paypal.com/v1/r/d/b/p3?f=0ece468eaf624fa6864a1005834df333&s=UNIFIED_LOGIN_INPUT_PASSWORD
IP
151.101.85.35:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/r/d/b/p3?f=0ece468eaf624fa6864a1005834df333&s=UNIFIED_LOGIN_INPUT_PASSWORD HTTP/1.1
Host: c6.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
correlation-id: f00f87dbd1be1
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f00f87dbd1be1
traceparent: 00-0000000000000000000f00f87dbd1be1-0879267d88055277-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 25 Sep 2022 21:07:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11583-HHN, cache-bma1669-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664140050.239811,VS0,VE215
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 0
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.39.175.179

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.175.179:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MsSUiE2oJbDdZr+h62uwNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1Svad6zHOidZ+gYwtlzVUEkaqwY=

goddamn-scopes.000webhostapp.com/

145.14.144.104

200 OK

46 kB

URL HTTP/2
goddamn-scopes.000webhostapp.com/
IP
145.14.144.104:0
ASN
#204915 Hostinger International Limited

File type
data
Size
46 kB (46062 bytes)
Hash
bad74082526d8fa0d83a50e79ecf79a2
c06a2494e132d56dcc7872edf81d80c55115c822
90ff3050674c019e5ccc8725eb68757d4b128bc1f5fe938f993bcecbbc2f8c29

Detections

Analyzer	Verdict	Alert
openphish	PayPal Inc.
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: ac67b80a0f88c0015d00928ce134c6d9
content-encoding: gzip
X-Firefox-Spdy: h2

t.paypal.com/ts?v=1.7.1&t=1664140049648&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=c_paypal_cpl&t1=10&t1c=0&t1d=0&t1s=0&t2=12&t3=1&tt=23&protocol=h2&cenc=gzip&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A10%2C%22t11%22%3A23%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5

151.101.193.35

200 OK

42 B

URL HTTP/2
t.paypal.com/ts?v=1.7.1&t=1664140049648&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=c_paypal_cpl&t1=10&t1c=0&t1d=0&t1s=0&t2=12&t3=1&tt=23&protocol=h2&cenc=gzip&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A10%2C%22t11%22%3A23%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5
IP
151.101.193.35:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

HTTP Headers

GET /ts?v=1.7.1&t=1664140049648&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=c_paypal_cpl&t1=10&t1c=0&t1d=0&t1s=0&t2=12&t3=1&tt=23&protocol=h2&cenc=gzip&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A10%2C%22t11%22%3A23%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5 HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Sun, 25 Sep 2022 21:07:31 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: c9571fbc2484d
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1758834451%26vteXpYrS%3D1664141851%26vr%3D564be4593a2653d5%26vt%3D63bb465a3aa57e30; Expires=Thu, 25 Sep 2025 21:07:31 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D564be4593a2653d5%26vt%3D63bb465a3aa57e30; Expires=Thu, 25 Sep 2025 21:07:31 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000c9571fbc2484d-774ed12b25c2f885-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 25 Sep 2022 21:07:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11583-HHN, cache-bma1649-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664140051.224718,VS0,VE184
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2

t.paypal.com/ts?v=1.7.1&t=1664140049646&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=t_paypal_cpl&t1=72&t1c=72&t1d=40&t1s=17&t2=193&t3=7&tt=272&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A72%2C%22t11%22%3A272%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5

151.101.193.35

200 OK

42 B

URL HTTP/2
t.paypal.com/ts?v=1.7.1&t=1664140049646&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=t_paypal_cpl&t1=72&t1c=72&t1d=40&t1s=17&t2=193&t3=7&tt=272&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A72%2C%22t11%22%3A272%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5
IP
151.101.193.35:0
ASN
#54113 FASTLY

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

HTTP Headers

GET /ts?v=1.7.1&t=1664140049646&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=t_paypal_cpl&t1=72&t1c=72&t1d=40&t1s=17&t2=193&t3=7&tt=272&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A72%2C%22t11%22%3A272%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5 HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Sun, 25 Sep 2022 21:07:31 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: a263ff9f87fb2
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1758834451%26vteXpYrS%3D1664141851%26vr%3D564be4593a2653d5%26vt%3D63bb465a3aa57e30; Expires=Thu, 25 Sep 2025 21:07:31 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D564be4593a2653d5%26vt%3D63bb465a3aa57e30; Expires=Thu, 25 Sep 2025 21:07:31 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000a263ff9f87fb2-80d737f349c4eb6b-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 25 Sep 2022 21:07:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11525-HHN, cache-bma1649-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664140051.223024,VS0,VE187
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17078
Expires: Mon, 26 Sep 2022 01:52:09 GMT
Date: Sun, 25 Sep 2022 21:07:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17078
Expires: Mon, 26 Sep 2022 01:52:09 GMT
Date: Sun, 25 Sep 2022 21:07:31 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17078
Expires: Mon, 26 Sep 2022 01:52:09 GMT
Date: Sun, 25 Sep 2022 21:07:31 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dee94ac-dbe6-4b7f-9dd3-c44ea2324676.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dee94ac-dbe6-4b7f-9dd3-c44ea2324676.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11045 bytes)
Hash
406b4c0acf367858e80b4b81b1c7c0e9
388d4896026347ee0beccd8fa658877a1b6ebc9b
80256190ac2b3b322f9fe6226820df47d680a161e56d3ec2f0f597a86afdd738

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dee94ac-dbe6-4b7f-9dd3-c44ea2324676.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11045
x-amzn-requestid: 9684f1b7-959f-4a8e-8685-d2744493fc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQvHzFIAMF-WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2737-08b2bef617bdcb2e332774a2;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4kYYEo9zW8XnhrXNfIyjAk-OI98-PRdf7OP4GqZyH_u1vSf7NxzG_Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:33 GMT
age: 83098
etag: "388d4896026347ee0beccd8fa658877a1b6ebc9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7690 bytes)
Hash
75eb09cb0472d311d2deaf4475a2fb29
9e7b0fd5b7c45213e1808361867a254c8e313a30
c18626d0131533976be196823911d5146042e6bd8028389cb4f17a64ee0ec1e4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7690
x-amzn-requestid: e50abd36-e3d6-4177-ad5a-57ef7f743e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv2HqHJqIAMFe9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296a30-7de1ba3633620fed1eb26a04;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:22:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N1964asC-XTl9uXwzmgOj5dqDU1mJPKyDl-ZTqhg6wFcDcZFG5ncNQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 17:44:48 GMT
age: 12163
etag: "9e7b0fd5b7c45213e1808361867a254c8e313a30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10032 bytes)
Hash
aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:57:02 GMT
age: 83429
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5305 bytes)
Hash
9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JgS9UxuYxMmnN6Op-LDeWN7tpeQYRosQp5Jo4-2jf8uEMUIHa6j-SQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 05:04:13 GMT
age: 57798
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe84af5-cb77-4bce-b050-bb28c67f2536.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.9 kB (3936 bytes)
Hash
05cc8199d072ccff34e3c0b2ecd65a09
7eda659464993f2945f2c5f4332f96fec9dc0e4c
4fb425a78b4664385741112795978280166b6331baf461aa4ba9440d0ef3826d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe84af5-cb77-4bce-b050-bb28c67f2536.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3936
x-amzn-requestid: f0dba0d5-752b-4a36-bedd-56e9dd7b508e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shFH_iIAMF28w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-260fa8c121160aa44b30bd5a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sLH1U82dYcrJhJQNJ8eFcGT3AMa0MITTZwtCwgVMKCRidqmMOMMqTA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:30 GMT
age: 83101
etag: "7eda659464993f2945f2c5f4332f96fec9dc0e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size
13 kB (12826 bytes)
Hash
b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 84599
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

goddamn-scopes.000webhostapp.com/signin/load-resource

145.14.144.104

404 Not Found

0 B

URL HTTP/2
goddamn-scopes.000webhostapp.com/signin/load-resource
IP
145.14.144.104:0
ASN
#204915 Hostinger International Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	PayPal Inc.
fortinet	Phishing

HTTP Headers

POST /signin/load-resource HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://goddamn-scopes.000webhostapp.com
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 27c3028ccc79678bc70aa9b532b10654
content-encoding: gzip
X-Firefox-Spdy: h2

goddamn-scopes.000webhostapp.com/signin/client-log

145.14.144.104

404 Not Found

0 B

URL HTTP/2
goddamn-scopes.000webhostapp.com/signin/client-log
IP
145.14.144.104:0
ASN
#204915 Hostinger International Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	PayPal Inc.
fortinet	Phishing

HTTP Headers

POST /signin/client-log HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 703
Origin: https://goddamn-scopes.000webhostapp.com
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 0e78266ddd009e190f856486034cdb8b
content-encoding: gzip
X-Firefox-Spdy: h2

goddamn-scopes.000webhostapp.com/auth/createchallenge/1672bb27d7fbc367/challenge.js

145.14.144.104

404 Not Found

0 B

URL HTTP/2
goddamn-scopes.000webhostapp.com/auth/createchallenge/1672bb27d7fbc367/challenge.js
IP
145.14.144.104:0
ASN
#204915 Hostinger International Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	PayPal Inc.
fortinet	Phishing

HTTP Headers

GET /auth/createchallenge/1672bb27d7fbc367/challenge.js HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 53e2246e31ca3499cbd68b36141390fd
content-encoding: gzip
X-Firefox-Spdy: h2

goddamn-scopes.000webhostapp.com/signin/client-log

145.14.144.104

404 Not Found

0 B

URL HTTP/2
goddamn-scopes.000webhostapp.com/signin/client-log
IP
145.14.144.104:0
ASN
#204915 Hostinger International Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	PayPal Inc.
fortinet	Phishing

HTTP Headers

POST /signin/client-log HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 1081
Origin: https://goddamn-scopes.000webhostapp.com
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 0c21109a91cf8d6262dc58ca0048861b
content-encoding: gzip
X-Firefox-Spdy: h2

goddamn-scopes.000webhostapp.com/signin/cookie-banner

145.14.144.104

404 Not Found

0 B

URL HTTP/2
goddamn-scopes.000webhostapp.com/signin/cookie-banner
IP
145.14.144.104:0
ASN
#204915 Hostinger International Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	PayPal Inc.
fortinet	Phishing

HTTP Headers

GET /signin/cookie-banner HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 7aae0e08488f272b8945f44de4ac7607
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations