firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 20:15:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KhSVlBEfcJx8iFX_B7CbX2ZdoQqeGTGANBfOiSeVnMstiLsIePECDw==
Age: 3143
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5613
Expires: Sun, 25 Sep 2022 22:41:02 GMT
Date: Sun, 25 Sep 2022 21:07:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U7LsxOXHwxHvoVGR459hmRu8T1554S1MmINzCePvZ2_OO5QjwM6iBA==
age: 59535
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e728be090cf6e6ff0935be5d9cca9a87
7a5a674ef2f990d5e6fdc3568c369d3a76f74ff9
20dbdaa3275c45469dd4dfcfad97ee9483e47e4684d676186919716c1660b78a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1930
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:29 GMT
Last-Modified: Sun, 25 Sep 2022 20:35:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e728be090cf6e6ff0935be5d9cca9a87
7a5a674ef2f990d5e6fdc3568c369d3a76f74ff9
20dbdaa3275c45469dd4dfcfad97ee9483e47e4684d676186919716c1660b78a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3110
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:29 GMT
Last-Modified: Sun, 25 Sep 2022 20:15:39 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e728be090cf6e6ff0935be5d9cca9a87
7a5a674ef2f990d5e6fdc3568c369d3a76f74ff9
20dbdaa3275c45469dd4dfcfad97ee9483e47e4684d676186919716c1660b78a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3122
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:29 GMT
Last-Modified: Sun, 25 Sep 2022 20:15:27 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e728be090cf6e6ff0935be5d9cca9a87
7a5a674ef2f990d5e6fdc3568c369d3a76f74ff9
20dbdaa3275c45469dd4dfcfad97ee9483e47e4684d676186919716c1660b78a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1930
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:29 GMT
Last-Modified: Sun, 25 Sep 2022 20:35:19 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
151.101.86.133200 OK 1.7 kB URL HTTP/2 www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
IP 151.101.86.133:0
File type PNG image data, 224 x 200, 8-bit colormap, non-interlaced\012- data
Hash 01f70242c93a7a45b8fd6ee1a56aba6b
396950270473fe9149c24a251885f7ed7efd6134
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
GET /images/shared/glyph_alert_critical_big-2x.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "e3ulSVTzLS+1hMwG/oqsG+jIfAa7MoSaV806RZTn6+w"
fastly-io-info: ifsz=5828 idim=224x200 ifmt=png ofsz=1709 odim=224x200 ofmt=png
fastly-stats: io=1
paypal-debug-id: b81b460757e6d
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10042-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 15581, 6825
x-timer: S1664140050.645036,VS0,VE0
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 1709
X-Firefox-Spdy: h2
www.paypalobjects.com/images/shared/icon-PN-check.png
151.101.86.133200 OK 1.2 kB URL HTTP/2 www.paypalobjects.com/images/shared/icon-PN-check.png
IP 151.101.86.133:0
File type PNG image data, 121 x 133, 8-bit colormap, non-interlaced\012- data
Hash 4014dbe27b6642b8539a8220a59a518f
193e344cf36dd9bd88b6b691e32089078b14a4e7
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
GET /images/shared/icon-PN-check.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "49vz/MoiBvXh6ILc659PTN8gH45nwBXy23o3w9v7cpc"
fastly-io-info: ifsz=2236 idim=121x133 ifmt=png ofsz=1238 odim=121x133 ofmt=png
fastly-stats: io=1
paypal-debug-id: a62b3a2ce2f32
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10029-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 26333, 9
x-timer: S1664140050.645010,VS0,VE0
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 1238
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/c54/359e968cf4b91a2096b1cc7bb621b/js/xhr-ads.min.js
151.101.86.133200 OK 6.4 kB URL HTTP/2 www.paypalobjects.com/web/res/c54/359e968cf4b91a2096b1cc7bb621b/js/xhr-ads.min.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (21544), with no line terminators
Hash 09817f168da47c7e2b200389f31c786b
272adba667fe94a9fc2f38b1a44e6fea99b2a4aa
07f286c6423a24d18e2f699dd6123b2ce75a9fe30adce4cf000bde76b18551a4
GET /web/res/c54/359e968cf4b91a2096b1cc7bb621b/js/xhr-ads.min.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: W/"5c99e330-5428"
expires: Tue, 19 Sep 2023 11:32:28 GMT
last-modified: Tue, 26 Mar 2019 08:30:40 GMT
paypal-debug-id: f63dcff097bfd
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000f63dcff097bfd-8e802467329e2d2b-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10082-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664140050.645054,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 6352
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/css/contextualLogin.css
151.101.86.133200 OK 15 kB URL HTTP/2 www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/css/contextualLogin.css
IP 151.101.86.133:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 773671e1d0d17f58a076565aecc62843
d4d3f7abfca809d6e0c252e175bdbf0824a34d4e
7b53d70cf4c5db4de8271f73706d3185518121f487e5ff57119bd03486c0c6b0
GET /web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/css/contextualLogin.css HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: x-csrf-token
content-encoding: gzip
content-type: text/css
etag: W/"5d5e22f0-15bba"
expires: Wed, 06 Sep 2023 10:07:06 GMT
last-modified: Thu, 22 Aug 2019 05:06:56 GMT
paypal-debug-id: e157078e02828
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000e157078e02828-86f8cf1be653e6d2-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10038-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664140050.651666,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 15198
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/js/min/pa.js
151.101.86.133200 OK 22 kB URL HTTP/2 www.paypalobjects.com/pa/js/min/pa.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (56537)
Hash 035c129f0b87fb076d4d70a5116d099e
f300cca8a79314d55c1fad7453acac84a58fca5e
40933a9189556d305d5cbf36fb47170229696a744860a4ee02eeadb4c4929bd9
GET /pa/js/min/pa.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"63225d02-dcf5"
last-modified: Wed, 14 Sep 2022 23:00:18 GMT
paypal-debug-id: 774657e948e05
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000774657e948e05-328f6f9d29a43582-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10078-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 8724
x-timer: S1664140050.688395,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 21560
X-Firefox-Spdy: h2
www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
151.101.86.133200 OK 1.9 kB URL HTTP/2 www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
IP 151.101.86.133:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 796be015d691467b94dc2617ed1b009a
cfb268c516c0d6b3d05bdac25a3557eeab59c499
c442af9b78ab4ee99c8a248a98f4ee1cdac6bd841f5daa6950ce9677aac2a506
GET /images/shared/paypal-logo-129x32.svg HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/css/contextualLogin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=3600
content-encoding: gzip
content-type: image/svg+xml
etag: W/"544ad849-1351"
last-modified: Fri, 24 Oct 2014 22:52:57 GMT
paypal-debug-id: 1c098630023be
dc: phx-origin-www-2.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10031-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 24, 3
x-timer: S1664140050.728180,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=31557600
content-length: 1932
X-Firefox-Spdy: h2
www.paypalobjects.com/webstatic/icon/pp64.png
151.101.86.133200 OK 1.7 kB URL HTTP/2 www.paypalobjects.com/webstatic/icon/pp64.png
IP 151.101.86.133:0
File type PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash de1ba89339f0a1addf3aaa930cd3e461
d29ffd216b865aa95798758aaccbed3a654139c3
af0887bb94e12e0bfc49f20335693e68b43c993885d6f1cf95d3830ce88565c0
GET /webstatic/icon/pp64.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "WxEn9yGH+kBq+xbUh4K1VFdViFyyxkv58VcTdG5vmJA"
fastly-io-info: ifsz=4518 idim=64x64 ifmt=png ofsz=1745 odim=64x64 ofmt=png
fastly-stats: io=1
paypal-debug-id: de0b1f02cd64d
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10059-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 480, 1114
x-timer: S1664140050.811930,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 1745
X-Firefox-Spdy: h2
goddamn-scopes.000webhostapp.com/auth/createchallenge/ed2cd00d8cd158aa/recaptchav3.js
145.14.144.104404 Not Found 5.2 kB URL HTTP/2 goddamn-scopes.000webhostapp.com/auth/createchallenge/ed2cd00d8cd158aa/recaptchav3.js
IP 145.14.144.104:0
ASN #204915 Hostinger International Limited
Hash e8d8af9f20026a423e40e741f9028e27
0810e0535a93dcb29f57c45d513d18a4c76b120f
fd4c178e8a794407b2854d626f5d593d2ff4c24318f4f73ad7700b1b26faa50f
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /auth/createchallenge/ed2cd00d8cd158aa/recaptchav3.js HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: bd038133f6bc86e5e8d9d7a78ad96b24
content-encoding: gzip
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/js/lib/tealeaf-ul-prod_domcap.min.js
151.101.86.133200 OK 36 kB URL HTTP/2 www.paypalobjects.com/web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/js/lib/tealeaf-ul-prod_domcap.min.js
IP 151.101.86.133:0
File type Unicode text, UTF-8 text, with very long lines (65216), with CRLF, LF line terminators
Hash 9d07770068dbab3536a1d14f258fcb3c
a5a568da2700f9280564c8deedd75f1400618ae6
bbde326b3394904a38db3222dd172ee93b799373ab9c620d1b2bafa49d0b4ca7
GET /web/res/033/87c4cc9a40a67d338a9fbd7ffc6ab/js/lib/tealeaf-ul-prod_domcap.min.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: W/"5d5e22f0-1b83e"
expires: Tue, 19 Sep 2023 19:30:33 GMT
last-modified: Thu, 22 Aug 2019 05:06:56 GMT
paypal-debug-id: c342c38406948
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000c342c38406948-1eb6ed95e3b5b559-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
x-served-by: cache-sjc10073-SJC, cache-bma1633-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1664140050.848607,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 36036
X-Firefox-Spdy: h2
c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
151.101.129.35200 OK 18 kB URL HTTP/2 c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
IP 151.101.129.35:0
File type Unicode text, UTF-8 text, with very long lines (59357), with no line terminators
Hash 9d81e444fddbbd28d5bab43ea0334f84
6ce9400e0ed66dd1ab0752713c3339c70fad4a0a
4ade47b59baf164e64671b9ca5380b7b994d8f92c45d005a8e10f795eb637527
GET /webstatic/r/fb/fb-all-prod.pp2.min.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
content-type: application/javascript
dc: ccg11-origin-www-1.paypal.com
etag: "60271d89-e7e3+ident+gzip"
last-modified: Sat, 13 Feb 2021 00:30:01 GMT
paypal-debug-id: 550bae946a28f
server: ECAcc (nya/7980)
traceparent: 00-0000000000000000000550bae946a28f-b90bfdd4dde7215c-01
x-content-type-options: nosniff
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:29 GMT
via: 1.1 varnish
age: 1024286
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 3
x-timer: S1664140050.918068,VS0,VE1
vary: Accept-Encoding
expires: Mon, 26 Sep 2022 21:07:29 GMT
cache-control: s-maxage=31536000, public,max-age=86400
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 18320
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 21:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 21:14:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: feaFGz7-5gQFi6WbYPtx93oDaZ6SSigm1VoGCxsM6i0aAT9uol7k1w==
Age: 192
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
151.101.129.35200 OK 160 B URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
IP 151.101.129.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9b4c97aea4cb27f9a7138700dd7753cc
2ad017e0e6306738de98232fbc2fe6d2c23c1851
73aef7f199e77cc46dcc04d000973e0605ad8f32d1085110d51f1fcd40471848
GET /v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
correlation-id: 384e461988329
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: 384e461988329
traceparent: 00-0000000000000000000384e461988329-7b10286662be2a04-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 25 Sep 2022 21:07:30 GMT
age: 77687
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11533-HHN, cache-bma1658-BMA
x-cache: HIT, HIT
x-cache-hits: 46, 2
x-timer: S1664140050.019847,VS0,VE1
vary: Accept-Encoding
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 160
X-Firefox-Spdy: h2
c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
151.101.129.35304 Not Modified 0 B URL HTTP/2 c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
IP 151.101.129.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webstatic/r/fb/fb-all-prod.pp2.min.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Sat, 13 Feb 2021 00:30:01 GMT
If-None-Match: "60271d89-e7e3+ident+gzip"
TE: trailers
HTTP/2 304 Not Modified
date: Sun, 25 Sep 2022 21:07:30 GMT
via: 1.1 varnish
etag: "60271d89-e7e3+ident+gzip"
age: 1024286
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1664140050.057574,VS0,VE1
vary: Accept-Encoding
expires: Mon, 26 Sep 2022 21:07:30 GMT
cache-control: s-maxage=31536000, public,max-age=86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3990
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:30 GMT
Last-Modified: Sun, 25 Sep 2022 20:01:00 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 88e9a06e309d7cfa39d3fc333e323cb7
ee665e8b5d10d41940f67f231cde211d51a6d233
2dcb8702bcbd3d834fc60d8708ce72d1264d048e967ab3447e9a426e8f343287
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5653
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 21:07:30 GMT
Last-Modified: Sun, 25 Sep 2022 19:33:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
b.stats.paypal.com/v1/counter.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c
64.4.245.84302 Found 0 B URL HTTP/1.1 b.stats.paypal.com/v1/counter.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c
IP 64.4.245.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/counter.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c HTTP/1.1
Host: b.stats.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Connection: close
Server: PayPal-B.Stats/1.0
Location: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c
Content-Length: 0
Set-Cookie: c=9d435366257b609a1cb6; Domain=stats.paypal.com; expires=Sat, 20 Sep 2042 21:07:30 GMT; Path=/
Content-Type: application/octet-stream
Date: Sun, 25 Sep 2022 21:07:30 GMT
c.paypal.com/v1/r/d/b/p1
151.101.129.35200 OK 125 B IP 151.101.129.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0b3f047e3e2f27e3c35642f1f4541ad4
c78e2494e4db0c31eedb9f62c42b54662923fa8d
209512aca37c51c52d24323465e9827e65218b2a074fe7f0b52d7de8eff6621d
POST /v1/r/d/b/p1 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 930
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: 38058b0c5983c
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 38058b0c5983c
set-cookie: sc_f=Ws5UpZas3cU538OTjDIBlkE1laWPRQH9G62cxUFrwiV-np5Yh8ac7FmridHCqXvFWElKsJYCnwXb0bhKQ8tMuI8vPe5rVVe9OjJmUm;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Fri, 24-Sep-2027 14:07:30 GMT; HttpOnly
KHcl0EuY7AKSMgfvHl7J5E7hPtK=EhCJN_NCA4Wd3UMyb8e9DH6p9pgs2VKm-k6Ixsg9prQJwBMlC1TIJSma9BKrp8_8hYDxiVfngnmTae9K;Domain=.paypal.com;Max-Age=630720000;Path=/;Secure;Version=1;Expires=Sat, 20-Sep-2042 14:07:30 GMT; HttpOnly
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Sun, 25 Sep 2022 21:37:30 GMT; HttpOnly; Secure
traceparent: 00-000000000000000000038058b0c5983c-49043827617d7090-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 25 Sep 2022 21:07:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11528-HHN, cache-bma1658-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p2
151.101.129.35200 OK 125 B IP 151.101.129.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a2602b946e26a07040eb9ee96d2ca619
e12138d734a52e6cb8b53de56ec00c3b0b4b5bc5
48f622dcd971905f8dae08c51a9281d5ac9bb5b345018e60d5f743ccf82af78a
POST /v1/r/d/b/p2 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 291
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/webstatic/r/fb/fb-all-prod.pp2.min.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: f78a703cb7bbd
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: f78a703cb7bbd
set-cookie: sc_f=Si670yBJ1pI3-Nj7PGm41WzFLA77Orinzpb7A3oiLdwUG5MabM28EC1mTcQ8GxiUqz-uvoI9yr_deAwgLXqbsSP4ZcPBC1Fxsxt4bG;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Fri, 24-Sep-2027 14:07:30 GMT; HttpOnly
traceparent: 00-0000000000000000000f78a703cb7bbd-e53e658c7469f535-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 25 Sep 2022 21:07:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4059-HHN, cache-bma1658-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
dub.stats.paypal.com/v1/counter2.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c
64.4.245.84200 OK 42 B URL HTTP/1.1 dub.stats.paypal.com/v1/counter2.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c
IP 64.4.245.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /v1/counter2.cgi?r=cD0wZWNlNDY4ZWFmNjI0ZmE2ODY0YTEwMDU4MzRkZjMzMyZpPTM3LjEzMy4xMTcuMCZ0PTE1NjY5MjU1OTkuNjIyJmE9MjEmcz1VTklGSUVEX0xPR0lOxWK88i5fNbTCNhkLOR5EU-dyq_c HTTP/1.1
Host: dub.stats.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goddamn-scopes.000webhostapp.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: close
Server: PayPal-B.Stats/1.0
Content-Type: image/jpeg
Content-Length: 42
Set-Cookie: c=1430234634ca0b969701; Domain=stats.paypal.com; expires=Sat, 20 Sep 2042 21:07:30 GMT; Path=/
Date: Sun, 25 Sep 2022 21:07:30 GMT
c6.paypal.com/v1/r/d/b/p3?f=0ece468eaf624fa6864a1005834df333&s=UNIFIED_LOGIN_INPUT_PASSWORD
151.101.85.35200 OK 0 B URL HTTP/2 c6.paypal.com/v1/r/d/b/p3?f=0ece468eaf624fa6864a1005834df333&s=UNIFIED_LOGIN_INPUT_PASSWORD
IP 151.101.85.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/r/d/b/p3?f=0ece468eaf624fa6864a1005834df333&s=UNIFIED_LOGIN_INPUT_PASSWORD HTTP/1.1
Host: c6.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
correlation-id: f00f87dbd1be1
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f00f87dbd1be1
traceparent: 00-0000000000000000000f00f87dbd1be1-0879267d88055277-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 25 Sep 2022 21:07:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11583-HHN, cache-bma1669-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664140050.239811,VS0,VE215
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 0
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.175.179101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.175.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MsSUiE2oJbDdZr+h62uwNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1Svad6zHOidZ+gYwtlzVUEkaqwY=
goddamn-scopes.000webhostapp.com/
145.14.144.104200 OK 46 kB URL HTTP/2 goddamn-scopes.000webhostapp.com/
IP 145.14.144.104:0
ASN #204915 Hostinger International Limited
Hash bad74082526d8fa0d83a50e79ecf79a2
c06a2494e132d56dcc7872edf81d80c55115c822
90ff3050674c019e5ccc8725eb68757d4b128bc1f5fe938f993bcecbbc2f8c29
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET / HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: ac67b80a0f88c0015d00928ce134c6d9
content-encoding: gzip
X-Firefox-Spdy: h2
t.paypal.com/ts?v=1.7.1&t=1664140049648&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=c_paypal_cpl&t1=10&t1c=0&t1d=0&t1s=0&t2=12&t3=1&tt=23&protocol=h2&cenc=gzip&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A10%2C%22t11%22%3A23%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5
151.101.193.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?v=1.7.1&t=1664140049648&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=c_paypal_cpl&t1=10&t1c=0&t1d=0&t1s=0&t2=12&t3=1&tt=23&protocol=h2&cenc=gzip&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A10%2C%22t11%22%3A23%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5
IP 151.101.193.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?v=1.7.1&t=1664140049648&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=c_paypal_cpl&t1=10&t1c=0&t1d=0&t1s=0&t2=12&t3=1&tt=23&protocol=h2&cenc=gzip&cdn=fastly&tmpl=%2F%2Fc.paypal.&view=%7B%22t10%22%3A10%2C%22t11%22%3A23%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5 HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Sun, 25 Sep 2022 21:07:31 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: c9571fbc2484d
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1758834451%26vteXpYrS%3D1664141851%26vr%3D564be4593a2653d5%26vt%3D63bb465a3aa57e30; Expires=Thu, 25 Sep 2025 21:07:31 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D564be4593a2653d5%26vt%3D63bb465a3aa57e30; Expires=Thu, 25 Sep 2025 21:07:31 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000c9571fbc2484d-774ed12b25c2f885-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 25 Sep 2022 21:07:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11583-HHN, cache-bma1649-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664140051.224718,VS0,VE184
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
t.paypal.com/ts?v=1.7.1&t=1664140049646&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=t_paypal_cpl&t1=72&t1c=72&t1d=40&t1s=17&t2=193&t3=7&tt=272&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A72%2C%22t11%22%3A272%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5
151.101.193.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?v=1.7.1&t=1664140049646&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=t_paypal_cpl&t1=72&t1c=72&t1d=40&t1s=17&t2=193&t3=7&tt=272&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A72%2C%22t11%22%3A272%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5
IP 151.101.193.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?v=1.7.1&t=1664140049646&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1566925599584&calc=994f47aa88353&rsta=es_ES&pgtf=Nodejs&env=live&s=ci&ccpg=ES&csci=aa9fb607fe8f4663b3618a97b0467cfe&comp=unifiedloginnodeweb&tsrce=authchallengenodeweb&cu=1&gacook=567347949.1545505569&ef_policy=gdpr_eu&c_prefs=T%3D1&xe=100885%2C3862%2C100644%2C100644&xt=102543%2C9226%2C101702%2C101702&transition_name=ss_prepare_pwd&ctx_login_ot_content=1&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fmyaccount%2Fmoney%2Fcards%2FCC-Q6G8U6ZGCGX28&event_name=t_paypal_cpl&t1=72&t1c=72&t1d=40&t1s=17&t2=193&t3=7&tt=272&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A72%2C%22t11%22%3A272%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=63bb465a3aa57e30&3p_fpti=564be4593a2653d5 HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Sun, 25 Sep 2022 21:07:31 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: a263ff9f87fb2
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1758834451%26vteXpYrS%3D1664141851%26vr%3D564be4593a2653d5%26vt%3D63bb465a3aa57e30; Expires=Thu, 25 Sep 2025 21:07:31 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D564be4593a2653d5%26vt%3D63bb465a3aa57e30; Expires=Thu, 25 Sep 2025 21:07:31 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000a263ff9f87fb2-80d737f349c4eb6b-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sun, 25 Sep 2022 21:07:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11525-HHN, cache-bma1649-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1664140051.223024,VS0,VE187
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17078
Expires: Mon, 26 Sep 2022 01:52:09 GMT
Date: Sun, 25 Sep 2022 21:07:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17078
Expires: Mon, 26 Sep 2022 01:52:09 GMT
Date: Sun, 25 Sep 2022 21:07:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17078
Expires: Mon, 26 Sep 2022 01:52:09 GMT
Date: Sun, 25 Sep 2022 21:07:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dee94ac-dbe6-4b7f-9dd3-c44ea2324676.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dee94ac-dbe6-4b7f-9dd3-c44ea2324676.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 406b4c0acf367858e80b4b81b1c7c0e9
388d4896026347ee0beccd8fa658877a1b6ebc9b
80256190ac2b3b322f9fe6226820df47d680a161e56d3ec2f0f597a86afdd738
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9dee94ac-dbe6-4b7f-9dd3-c44ea2324676.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11045
x-amzn-requestid: 9684f1b7-959f-4a8e-8685-d2744493fc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQvHzFIAMF-WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2737-08b2bef617bdcb2e332774a2;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4kYYEo9zW8XnhrXNfIyjAk-OI98-PRdf7OP4GqZyH_u1vSf7NxzG_Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:33 GMT
age: 83098
etag: "388d4896026347ee0beccd8fa658877a1b6ebc9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75eb09cb0472d311d2deaf4475a2fb29
9e7b0fd5b7c45213e1808361867a254c8e313a30
c18626d0131533976be196823911d5146042e6bd8028389cb4f17a64ee0ec1e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16a0ebb5-2746-43ce-9354-d29ae28778f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7690
x-amzn-requestid: e50abd36-e3d6-4177-ad5a-57ef7f743e1b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv2HqHJqIAMFe9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296a30-7de1ba3633620fed1eb26a04;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:22:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N1964asC-XTl9uXwzmgOj5dqDU1mJPKyDl-ZTqhg6wFcDcZFG5ncNQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 17:44:48 GMT
age: 12163
etag: "9e7b0fd5b7c45213e1808361867a254c8e313a30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:57:02 GMT
age: 83429
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JgS9UxuYxMmnN6Op-LDeWN7tpeQYRosQp5Jo4-2jf8uEMUIHa6j-SQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 05:04:13 GMT
age: 57798
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe84af5-cb77-4bce-b050-bb28c67f2536.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe84af5-cb77-4bce-b050-bb28c67f2536.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05cc8199d072ccff34e3c0b2ecd65a09
7eda659464993f2945f2c5f4332f96fec9dc0e4c
4fb425a78b4664385741112795978280166b6331baf461aa4ba9440d0ef3826d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febe84af5-cb77-4bce-b050-bb28c67f2536.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3936
x-amzn-requestid: f0dba0d5-752b-4a36-bedd-56e9dd7b508e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shFH_iIAMF28w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-260fa8c121160aa44b30bd5a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: sLH1U82dYcrJhJQNJ8eFcGT3AMa0MITTZwtCwgVMKCRidqmMOMMqTA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:02:30 GMT
age: 83101
etag: "7eda659464993f2945f2c5f4332f96fec9dc0e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 84599
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
goddamn-scopes.000webhostapp.com/signin/load-resource
145.14.144.104404 Not Found 0 B URL HTTP/2 goddamn-scopes.000webhostapp.com/signin/load-resource
IP 145.14.144.104:0
ASN #204915 Hostinger International Limited
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
POST /signin/load-resource HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 91
Origin: https://goddamn-scopes.000webhostapp.com
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 27c3028ccc79678bc70aa9b532b10654
content-encoding: gzip
X-Firefox-Spdy: h2
goddamn-scopes.000webhostapp.com/signin/client-log
145.14.144.104404 Not Found 0 B URL HTTP/2 goddamn-scopes.000webhostapp.com/signin/client-log
IP 145.14.144.104:0
ASN #204915 Hostinger International Limited
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
POST /signin/client-log HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 703
Origin: https://goddamn-scopes.000webhostapp.com
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 0e78266ddd009e190f856486034cdb8b
content-encoding: gzip
X-Firefox-Spdy: h2
goddamn-scopes.000webhostapp.com/auth/createchallenge/1672bb27d7fbc367/challenge.js
145.14.144.104404 Not Found 0 B URL HTTP/2 goddamn-scopes.000webhostapp.com/auth/createchallenge/1672bb27d7fbc367/challenge.js
IP 145.14.144.104:0
ASN #204915 Hostinger International Limited
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /auth/createchallenge/1672bb27d7fbc367/challenge.js HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 53e2246e31ca3499cbd68b36141390fd
content-encoding: gzip
X-Firefox-Spdy: h2
goddamn-scopes.000webhostapp.com/signin/client-log
145.14.144.104404 Not Found 0 B URL HTTP/2 goddamn-scopes.000webhostapp.com/signin/client-log
IP 145.14.144.104:0
ASN #204915 Hostinger International Limited
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
POST /signin/client-log HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 1081
Origin: https://goddamn-scopes.000webhostapp.com
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 0c21109a91cf8d6262dc58ca0048861b
content-encoding: gzip
X-Firefox-Spdy: h2
goddamn-scopes.000webhostapp.com/signin/cookie-banner
145.14.144.104404 Not Found 0 B URL HTTP/2 goddamn-scopes.000webhostapp.com/signin/cookie-banner
IP 145.14.144.104:0
ASN #204915 Hostinger International Limited
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
GET /signin/cookie-banner HTTP/1.1
Host: goddamn-scopes.000webhostapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://goddamn-scopes.000webhostapp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 21:07:29 GMT
content-type: text/html; charset=UTF-8
server: awex
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 7aae0e08488f272b8945f44de4ac7607
content-encoding: gzip
X-Firefox-Spdy: h2