Report - paperelites.com/

Report Overview

Submitted URL
paperelites.com/
IP
69.16.238.78
ASN
#32244 LIQUIDWEB
Submitted
2022-11-18 12:31:36
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
140

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	1.9 kB	35 kB	216.58.207.195
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	3.1 kB	7.4 kB	142.250.74.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	427 B	1.7 kB	142.250.74.10
static.getbutton.io	31869	2019-10-01T11:11:58Z	2023-03-10T04:48:20Z	685 B	95 kB	176.9.188.20
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-10T05:19:43Z	646 B	543 B	216.239.34.36
paperelites.com	unknown	2022-05-04T16:51:49Z	2023-03-07T16:41:10Z	15 kB	2.0 MB	69.16.238.78
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.7 kB	3.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.203.75.56
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	59 kB	34.120.237.76
vsb58.tawk.to	112397	2020-04-04T05:53:23Z	2023-03-10T07:57:04Z	1.1 kB	45 kB	104.22.25.131
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	348 B	77 kB	142.250.74.168
www.paypalobjects.com	1467	2012-05-30T08:40:21Z	2023-03-10T12:38:02Z	391 B	15 kB	151.101.86.133
embed.tawk.to	8650	2014-03-19T22:03:49Z	2023-03-10T10:36:32Z	1.6 kB	88 kB	104.22.25.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-18	medium	paperelites.com/	Malware
2022-11-18	medium	paperelites.com/	Malware
2022-11-18	medium	paperelites.com/public/assets/js/layout.js	Malware
2022-11-18	medium	paperelites.com/public/assets/libs/simplebar/simplebar.min.js	Malware
2022-11-18	medium	paperelites.com/public/assets/js/pages/landing.init.js	Malware
2022-11-18	medium	paperelites.com/public/assets/libs/node-waves/waves.min.js	Malware
2022-11-18	medium	paperelites.com/public/assets/libs/bootstrap/js/bootstrap.bundle.min.js	Malware
2022-11-18	medium	paperelites.com/public/assets/libs/feather-icons/feather.min.js	Malware
2022-11-18	medium	paperelites.com/public/assets/libs/swiper/swiper-bundle.min.js	Malware
2022-11-18	medium	paperelites.com/public/assets/fonts/remixicon.woff	Malware
2022-11-18	medium	paperelites.com/public/assets/js/pages/plugins/lord-icon-2.1.0.js	Malware
2022-11-18	medium	paperelites.com/public/assets/fonts/materialdesignicons-webfont.woff	Malware
2022-11-18	medium	paperelites.com/public/assets/fonts/hkgrotesk-semibold.woff	Malware
2022-11-18	medium	paperelites.com/public/assets/fonts/hkgrotesk-medium.woff	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed
2022-11-18	medium	paperelites.com	Sinkholed

JavaScript (32)

	URL	Size	First Seen	Last Seen
	paperelites.com/public/assets/libs/simplebar/simplebar.min.js	59 kB	2023-03-07	2024-01-05
Pretty URL paperelites.com/public/assets/libs/simplebar/simplebar.min.js IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:08 Last Seen2024-01-05 09:08:32 Times Seen85 Hash 1289f21f5976a07d038835b5137701ef d4d3e045e16d6b55905ad5e3e03a37fc01f29e7d 82a1fa6858fd9a84b39638acc8c7211c82c9652c7809c4dd1ba01b4df5c90a61 Loading...

	paperelites.com/	900 B	2023-03-11	2023-03-11
Pretty URL paperelites.com/ IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:53 Last Seen2023-03-11 14:11:10 Times Seen1 Hash 975a7650b348ba5eb70ea14c51c719db a91183522beb28feef20b52b8be2c6c6b3fc11b6 3aa79258a4ae2596e1e9d57f480056d33cd6cc77526adcd7935e9f16ee8e4d6f Loading...

	embed.tawk.to/62bd3b7f7b967b1179973c26/1g6pj0qv1	2.1 kB	2023-03-11	2023-03-11
Pretty URL embed.tawk.to/62bd3b7f7b967b1179973c26/1g6pj0qv1 IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:53 Last Seen2023-03-11 14:11:10 Times Seen1 Hash 5b3e2d391abd16f694a867ff2f4f091b 0db19555f6f15b27eeb24ea2b30d5dec200489fb 1cb34d227d4edafe806f06e2173cdb693bf69890110086e2288e8d21f627f1e2 Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-common.js	196 kB	2023-03-11	2023-05-19
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:58:30 Last Seen2023-05-19 01:40:06 Times Seen3 Hash 246cda3f43bf9ce566fecbb30f70a544 7ac8d2b4ea649df31c08997594638bcdd5aea3c8 bea27f1a4a09ec35f65ed08f00124c2f66f409b444d350940bcfce770e90bdb9 Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/languages/en.js	17 kB	2023-03-07	2024-02-05
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/languages/en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-02-05 02:14:35 Times Seen39084 Hash 585ba00b2c167b90c210161454f843b5 89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2 e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-2d0b9454.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-48f46bef.js	16 kB	2023-03-11	2023-05-19
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-48f46bef.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:58:20 Last Seen2023-05-19 01:40:06 Times Seen3 Hash 4887f743670ceaecad693ba35e7f22cc 77826be3d33b225d1d88128d9031e38b7d01767d 9b805b1a01a2abe87820396646509cf87a1a23130eda180e357d4c6a0db080eb Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-f1596d96.js	10 kB	2023-03-11	2023-05-19
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-f1596d96.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:10 Last Seen2023-05-19 01:40:06 Times Seen3 Hash 1a4200e574e38de183b2f10e3303b9fe 170acd324434c9122e6c9b4c0506339bf2e97ca0 0f0abfc152effd99e4c1cea6c78813b3701d0e0ad67ee2bdf19bffb20354df0d Loading...

	paperelites.com/public/assets/libs/bootstrap/js/bootstrap.bundle.min.js	78 kB	2023-03-07	2024-04-24
Pretty URL paperelites.com/public/assets/libs/bootstrap/js/bootstrap.bundle.min.js IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:26 Last Seen2024-04-24 14:53:22 Times Seen8919 Hash 7ccd9d390d31af98110f74f842ea9b32 a85e681624c91a106a514c31eacf80de817b2cc3 f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3 Loading...

	paperelites.com/public/assets/libs/node-waves/waves.min.js	6.3 kB	2023-03-08	2024-03-25
Pretty URL paperelites.com/public/assets/libs/node-waves/waves.min.js IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:34:09 Last Seen2024-03-25 22:28:47 Times Seen254 Hash 9a5b3dfca09d9e3005dc697162d4bc65 60f9a65ed27d15a788bf0160ecfc1090c77adf24 47ffc00429342db1b5fd3bd0438fac6f08f398fc499fd485e5fec5276030278a Loading...

	paperelites.com/public/assets/js/layout.js	1.5 kB	2023-03-11	2023-03-11
Pretty URL paperelites.com/public/assets/js/layout.js IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:54 Last Seen2023-03-11 14:11:10 Times Seen1 Hash 3504f6e244f94355640a1df1c6f6b8c3 466731f8d0316b749daef1baeff292d0e6804479 e87afabf742a4de6b92ab4f5b9d1dfe824700e1a9184b2c3597fdfcc3f12ba98 Loading...

	paperelites.com/public/assets/js/pages/landing.init.js	2.7 kB	2023-03-11	2023-03-11
Pretty URL paperelites.com/public/assets/js/pages/landing.init.js IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:54 Last Seen2023-03-11 14:11:10 Times Seen1 Hash 046050e18b7ebf93d6e83a015378a195 e8ed916769f61e4ed96b505ef0d5d0181c47c155 7a17360ba16288b172e5c2d92907b20431bf9b6782be654950437c628e7e05d5 Loading...

	paperelites.com/	1.2 kB	2023-03-11	2023-03-11
Pretty URL paperelites.com/ IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:54 Last Seen2023-03-11 14:11:10 Times Seen1 Hash cda152258e990e1d6daf4df8654c5125 0877604cad8bc0548dc7e6ffae9acd907cef86dc d71b42552e40f00ea25e6f3e359e196a39da84f59f5bcdcd771b59dbd0b42a3b Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-runtime.js	2.3 kB	2023-03-11	2023-05-19
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-runtime.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:58:21 Last Seen2023-05-19 01:40:06 Times Seen3 Hash 4212de7ec61089f6559dc739a21a7f91 52b702365c29b5f18234a698cf966854b0dfb085 3e319e481957851abe7a8493c6f5d4010f9a623f0eecf254c08cbf150f25aed8 Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-696bc286.js	17 kB	2023-03-11	2023-05-19
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-696bc286.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:58:20 Last Seen2023-05-19 01:40:06 Times Seen3 Hash 97250a8b612d6c6412d427e831a742ce 174441c606c9add71b1fa09b833598f225a89f06 007ae34561800d68bdc8fd4e9d9db940d8bc7417dce2ea1fcb643480892bf76e Loading...

	paperelites.com/	201 B	2023-03-11	2023-03-11
Pretty URL paperelites.com/ IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:54 Last Seen2023-03-11 14:11:10 Times Seen1 Hash 63cb6bedc11782c5d9e605d0dccb449a 6d4c4163c7151fae742b334f89e3ab5d3be19dd4 de8094b1436ede6b0391fa023fa3c599ab0d902b60a308ef322b26687ba62c81 Loading...

	www.googletagmanager.com/gtag/js?id=G-GLT1JP8FZT	219 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-GLT1JP8FZT IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:54 Last Seen2023-03-11 13:59:54 Times Seen1 Hash 804673c952a14a805830f7e35209c1fb 860fd84e32aa2308bcfb2d17350c445043a69fc1 3f45460f20001422596313d869166d0d737422187624992dffdf0835183d5b02 Loading...

	paperelites.com/	6.2 kB	2023-03-11	2023-03-11
Pretty URL paperelites.com/ IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:54 Last Seen2023-03-11 14:11:10 Times Seen1 Hash 57d595031cbd839b4dbbfc19251de1c3 70d20cdbdc35f8243d7be769bf24c8b6b95a1f7c 70fa1bf9134de20ae324ba504ed9375a64d94a1c8065038c028ebf55ab394d8c Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-2c78ba82.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-f163fcd0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	paperelites.com/public/assets/js/pages/plugins/lord-icon-2.1.0.js	279 kB	2023-03-07	2024-02-05
Pretty URL paperelites.com/public/assets/js/pages/plugins/lord-icon-2.1.0.js IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:42 Last Seen2024-02-05 06:00:32 Times Seen103 Hash 2be9e8022e0f459be54aceb378473dfd f258e6797043c828d3387727d4d6d179cc56481d 1c176f11efed444d17b2af07e378b97bc8c4253d98a85d72ac8e4df095bb9ff7 Loading...

	paperelites.com/	474 B	2023-03-11	2023-03-11
Pretty URL paperelites.com/ IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:54 Last Seen2023-03-11 14:11:10 Times Seen1 Hash 49d8b726facd93c0c7c0b0e0b96b3d4d 1f4bcfdb407341b6bb6d7893b7789708a4af9cd5 9f68e3be8ef6651609217a11ec4ae53f03f9ba3fe65dea39274677e0aa7f9ed0 Loading...

	static.getbutton.io/widget-send-button/js/init.js	304 kB	2023-03-08	2023-03-12
Pretty URL static.getbutton.io/widget-send-button/js/init.js IP 176.9.188.20 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:31 Last Seen2023-03-12 18:59:55 Times Seen1 Hash 2710abc9a7a46f0c8e16d782996da5fe ab0ca08ae4560aa859cf9a21f530e529282bb5d4 b38627bd775364df4faf30a54e7d6038eef316c78e7b89c27ae70244434336e8 Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-app.js	151 B	2023-03-07	2024-04-24
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-app.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-24 05:13:57 Times Seen46602 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-vendors.js	211 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-vendors.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:02:52 Last Seen2024-01-03 04:29:13 Times Seen92 Hash 70dac54eca3bb2143032bc4db3237623 b072b86acccf5e05a52ebfbff58ec2961b200063 299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-32507910.js	74 kB	2023-03-11	2023-05-19
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-32507910.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:58:20 Last Seen2023-05-19 01:40:06 Times Seen3 Hash 9870f1f1dd64674e5f719fea9580eb35 e1bbc6c1bccbe64506d42ff6b76aa5c97f90d123 87d40d4643e8226c0028b1e73f759c0e738f7ccda79194f4e44761905bc4b632 Loading...

	paperelites.com/public/assets/libs/feather-icons/feather.min.js	76 kB	2023-03-07	2024-04-23
Pretty URL paperelites.com/public/assets/libs/feather-icons/feather.min.js IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:48 Last Seen2024-04-23 20:01:34 Times Seen860 Hash 199d840e1af3952233f1756b75a9b1dd 546be62a3e3d88dc2cf232be12879209b465aef1 5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9 Loading...

	paperelites.com/public/assets/libs/swiper/swiper-bundle.min.js	136 kB	2023-03-11	2023-03-11
Pretty URL paperelites.com/public/assets/libs/swiper/swiper-bundle.min.js IP 69.16.238.78 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:59:54 Last Seen2023-03-11 14:11:10 Times Seen1 Hash 1a69fba0d6bed74796793e1c035d5ae2 0cb676e5c39ac435017eb6b449e43a40240c5f59 88c877387a368b63d0ef3df8f7bc2c40bf2808089be6210437002ed37885c111 Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-main.js	121 B	2023-03-07	2024-04-24
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-main.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 05:14:02 Times Seen45920 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-vendor.js IP 104.22.25.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-4fe9d5dd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 23:07:49 Times Seen37049844 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (75)

URL IP Response Size

paperelites.com/

69.16.238.78

301 Moved Permanently

232 B

URL HTTP/1.1
paperelites.com/
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
232 B (232 bytes)
Hash
01e5955eb0b24872cd0f358248a5c5cf
e4463131eee47b1129b842da14f37c1d8fa627e7
971c888c1e59d0c7b51948b5023a1c384d37830eda092dd0847ed0b77f18e767

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 18 Nov 2022 12:31:24 GMT
Server: Apache
Location: https://paperelites.com/
Cache-Control: max-age=600
Expires: Fri, 18 Nov 2022 12:41:24 GMT
Content-Length: 232
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
30c30d01178fc74ac5266ee64c3ee85b
c0c2af8a864c00aa85a8775d55f85ab107150a3b
c15644f69fbfeb99074c7e9711dfc9452ee164fa78eb981b6bae4fb7e3585f2a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7924
Expires: Fri, 18 Nov 2022 14:43:28 GMT
Date: Fri, 18 Nov 2022 12:31:24 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2312
Cache-Control: max-age=167895
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:24 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 11:09:39 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e84f361a3c81abc5d665a5f441452a8
7aa4b9cb0a7ba1daa514dbb48fe8e74fdf09b60d
04d64920cc8e6b096841938b0c1140889f5d7a04eabd440934a31f1c7ab90352

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04D64920CC8E6B096841938B0C1140889F5D7A04EABD440934A31F1C7AB90352"
Last-Modified: Wed, 16 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8460
Expires: Fri, 18 Nov 2022 14:52:24 GMT
Date: Fri, 18 Nov 2022 12:31:24 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 11:45:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2781
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: r3/T2zO375/QfcBrz/T9Lnqajn+bdx94XS7amclTRpTeXqmFv5FgspNwLehFIXSq7hfGkkU6P7M=
x-amz-request-id: P3SDVN9NRP6MYN0X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 12:15:36 GMT
age: 948
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 12:31:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 12:25:01 GMT
cache-control: public,max-age=3600
age: 383
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

paperelites.com/

69.16.238.78

200 OK

14 kB

URL HTTP/2
paperelites.com/
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (646), with CRLF, LF line terminators
Size
14 kB (14201 bytes)
Hash
9a1ebc6e7e0d3ae7be409a3be8506e24
1afb1309365b1a90f90f2517141530d9f4d77e22
ed0e60c13eedb0b8eb12c3f0c42b185efa2e72b6f15c1c1ad020e7f25fb9d51c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
pragma: no-cache
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
date: Fri, 18 Nov 2022 12:31:24 GMT
set-cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; expires=Fri, 18-Nov-2022 14:31:24 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7; expires=Fri, 18-Nov-2022 14:31:24 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14201
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fe40cc6ea871d80382b6082111393fbe
281f75d0a35dc8ef908bb0500e57abd86bd5388e
6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1122
Cache-Control: max-age=161653
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:25 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 09:25:38 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
50e43a539bb515bbfbfabf8a88ab4763
a487e3ebae27017e9aa017c0f50ea91810908c65
69785b8601889db8d94c67afd756e32438ca761ccac2ebb5d49f22e17149cf57

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3847
Cache-Control: max-age=136327
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:25 GMT
Etag: "6376dd9d-1d7"
Expires: Sun, 20 Nov 2022 02:23:32 GMT
Last-Modified: Fri, 18 Nov 2022 01:19:25 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtag/js?id=G-GLT1JP8FZT

142.250.74.168

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-GLT1JP8FZT
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (21484)
Size
77 kB (76626 bytes)
Hash
4412c5c34f4b2a756316b0663f41a8dd
501b5751104fead103531aa5ecc8956ef748cc76
b64fffcb1d8ef57cc37055e8e9b075bc5d5ffb75f8a480f7f90fde54ee137e06

HTTP Headers

GET /gtag/js?id=G-GLT1JP8FZT HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 18 Nov 2022 12:31:25 GMT
expires: Fri, 18 Nov 2022 12:31:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76626
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.paypalobjects.com/webstatic/en_US/i/buttons/cc-badges-ppmcvdam.png

151.101.86.133

200 OK

15 kB

URL HTTP/2
www.paypalobjects.com/webstatic/en_US/i/buttons/cc-badges-ppmcvdam.png
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
PNG image data, 316 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14597 bytes)
Hash
759a0df024c6ebc5a9359ddd5517a0db
614ccde411416b5936363f1f6cf4e463f8d6dcf2
b19a7b8e5abb1c7d72201ef6652a594359d29fe429336f939edd16559ff55805

HTTP Headers

GET /webstatic/en_US/i/buttons/cc-badges-ppmcvdam.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "y7YBC/WzLUozYGhAvZy3buMEniGNu52zvevLgKRSmAw"
fastly-io-info: ifsz=15330 idim=316x40 ifmt=png ofsz=14597 odim=316x40 ofmt=png
fastly-stats: io=1
paypal-debug-id: 19c92130a7d31
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000019c92130a7d31-87f3eb7aaf4a6f55-01
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 18 Nov 2022 12:31:25 GMT
x-served-by: cache-sjc10027-SJC, cache-bma1647-BMA
x-cache: HIT, HIT
x-cache-hits: 18844, 4
x-timer: S1668774685.196799,VS0,VE0
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 14597
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

paperelites.com/public/assets/css/bootstrap.min.css

69.16.238.78

200 OK

27 kB

URL HTTP/2
paperelites.com/public/assets/css/bootstrap.min.css
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
27 kB (26776 bytes)
Hash
217d78bc98e39a30feb0b947a716580e
2c91e376cecbde0be489fa50b0642987b27d160f
7011f93a5c57d89048185347ea87c3ddbb2856c4d5609e1a0c38012048da99c9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/css/bootstrap.min.css HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 26776
content-type: text/css
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.203.75.56

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.203.75.56:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4xinU78fFLcqKG33f8uKnQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: S4KcrJxAlwy3J5LvKPfgxAdN/6c=

paperelites.com/public/assets/css/custom.min.css

69.16.238.78

200 OK

44 B

URL HTTP/2
paperelites.com/public/assets/css/custom.min.css
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
ASCII text
Size
44 B (44 bytes)
Hash
0614d60eb2fb290b48b130a9dabe3d82
e633b898b2b963aaa14a202174ecf66a6d745970
3d142b9993a3c0e3c401f34da32e6cc17ba42045732e7995bc49a74c87c9a702

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/css/custom.min.css HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 44
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: User-Agent
content-type: text/css
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/js/layout.js

69.16.238.78

200 OK

448 B

URL HTTP/2
paperelites.com/public/assets/js/layout.js
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with CRLF line terminators
Size
448 B (448 bytes)
Hash
66b1bbc5d016726231fc2ca9985c942e
e29ffbd380b7ef6db15895e539f67f4de7926732
f26858c19b7e24ff87f0f59b2c3706ae33fc1d0b779a59af20addc46c310ab3d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/js/layout.js HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 448
content-type: application/javascript
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/libs/swiper/swiper-bundle.min.css

69.16.238.78

200 OK

4.5 kB

URL HTTP/2
paperelites.com/public/assets/libs/swiper/swiper-bundle.min.css
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (15306)
Size
4.5 kB (4460 bytes)
Hash
bda52feb0cd0e8ca210f9b05e4bcd42c
bdafb07fded242d35b43081508d17855d49b56c1
07ffbec059d7d476eff651a64103e84ab0cef36cc9e513d1b5664046297fffc4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/libs/swiper/swiper-bundle.min.css HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4460
content-type: text/css
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/css/app.min.css

69.16.238.78

200 OK

53 kB

URL HTTP/2
paperelites.com/public/assets/css/app.min.css
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
ASCII text
Size
53 kB (52716 bytes)
Hash
1711f59b03c211f053446978b477f1a2
fd823ccb0ed06171aa471606758017c5eec42311
189d80367acd7dec871ea8d94a1835ad342f8b0c8ebbd5bf554328adfe265adb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/css/app.min.css HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 25 Aug 2022 08:50:04 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 52716
content-type: text/css
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/images/brand/Paper-Elite-logo-long-black.png

69.16.238.78

200 OK

7.8 kB

URL HTTP/2
paperelites.com/public/assets/images/brand/Paper-Elite-logo-long-black.png
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 552 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size
7.8 kB (7838 bytes)
Hash
6f27db267b27a5a1f04b83fb44482ce7
0fe5d3e102cbdd7ea2b9966b5c0fa67b9f602a86
4d1b8fb8bfb28793e0efc6db954cda1c1fd543b30029d1c708bb2b1e6dc93b85

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/images/brand/Paper-Elite-logo-long-black.png HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 7838
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
content-type: image/png
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/css/icons.min.css

69.16.238.78

200 OK

90 kB

URL HTTP/2
paperelites.com/public/assets/css/icons.min.css
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
data
Size
90 kB (90488 bytes)
Hash
097b80b876ef7416045ef701166e1bed
0e49e6146064dab2fd6ebe095d5585020adbe048
2890b867fb1d5370e43ecb9eed2f1a4b4f48fd5c93198658f8e7c352a435a404

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/css/icons.min.css HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: text/css
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/libs/simplebar/simplebar.min.js

69.16.238.78

200 OK

18 kB

URL HTTP/2
paperelites.com/public/assets/libs/simplebar/simplebar.min.js
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
Unicode text, UTF-8 text, with very long lines (58822)
Size
18 kB (18455 bytes)
Hash
cda5592bed217c2c3fa379a6a6e34014
b925d23cfc58197cbfcff901b75272096be3e311
fa014ff38ba0fce9c1e0c090a4d37e82c2c45e935126eccc27578b754496e9c6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/libs/simplebar/simplebar.min.js HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 18455
content-type: application/javascript
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/js/pages/landing.init.js

69.16.238.78

200 OK

1.1 kB

URL HTTP/2
paperelites.com/public/assets/js/pages/landing.init.js
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1064 bytes)
Hash
040d54f42d5169fdcb766840b5271f91
47f75caa21dfc739b0f19c7f26a6854babef5c14
eb8dbd3ea6641c0283a3843e3c88570b31bbaa877ff15107057e014b2a9170d7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/js/pages/landing.init.js HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 27 Sep 2022 07:39:58 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1064
content-type: application/javascript
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/libs/node-waves/waves.min.js

69.16.238.78

200 OK

2.3 kB

URL HTTP/2
paperelites.com/public/assets/libs/node-waves/waves.min.js
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (6291)
Size
2.3 kB (2316 bytes)
Hash
78f146477d50d22a5e39e69a5338517c
f09d4bf6d1da3db03635143dd442808c2ed84de8
71cd428b400e2d3fb3d7c03bef0800312890fdc215565bfc1cfc9d7b77565ccb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/libs/node-waves/waves.min.js HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2316
content-type: application/javascript
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/images/brand/Paper-Elite-logo-long-black-paper.png

69.16.238.78

200 OK

8.1 kB

URL HTTP/2
paperelites.com/public/assets/images/brand/Paper-Elite-logo-long-black-paper.png
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 552 x 194, 8-bit/color RGBA, non-interlaced\012- data
Size
8.1 kB (8127 bytes)
Hash
bae157adbd32c371e4fbfca2d2c7aeda
3c6c965c9d4d2659d193909538148b79a62bad5c
ff84010a5b5b279386afc2668920d20dfaf57d89f8c8f4034620f3c285dd24c3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/images/brand/Paper-Elite-logo-long-black-paper.png HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 8127
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
content-type: image/png
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/images/landing/process-arrow-img.png

69.16.238.78

200 OK

8.9 kB

URL HTTP/2
paperelites.com/public/assets/images/landing/process-arrow-img.png
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 250 x 46, 8-bit/color RGBA, non-interlaced\012- data
Size
8.9 kB (8889 bytes)
Hash
9dedf34b3890369c393be3e3d2b9bc79
b3381e1a186e2a53fa1908f24838dae504c6fad2
aeadf1e98e07445d741a43600e7b131ec16098f17f3fab6a964ef07dbacf5d12

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/images/landing/process-arrow-img.png HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 25 Aug 2022 08:12:52 GMT
accept-ranges: bytes
content-length: 8889
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
content-type: image/png
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/libs/bootstrap/js/bootstrap.bundle.min.js

69.16.238.78

200 OK

23 kB

URL HTTP/2
paperelites.com/public/assets/libs/bootstrap/js/bootstrap.bundle.min.js
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (65299)
Size
23 kB (23053 bytes)
Hash
7ea1fe73df3e8aa2d0a765604bc83b59
ddbc17412fa5eb0ca87a1cb848797d93ce1acaf4
11515c1f1b6e4c673f3aee29ccabf0dc99b8a6c9c62910c16ab33008c85f1be6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/libs/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 23053
content-type: application/javascript
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap

142.250.74.10

200 OK

997 B

URL HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
997 B (997 bytes)
Hash
48d7c1cc17ca8946073b58e6e338cbe4
898e9de64d18e6b3178b45035d579ef2fd18ce3e
8fbe9cd7a9deffdd83684e499216d99caa100a01c6c57da9c463ec014bac512b

HTTP Headers

GET /css2?family=Poppins:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paperelites.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 12:31:25 GMT
date: Fri, 18 Nov 2022 12:31:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

paperelites.com/public/assets/images/avatars/file.png

69.16.238.78

200 OK

35 kB

URL HTTP/2
paperelites.com/public/assets/images/avatars/file.png
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 2048 x 2048, 8-bit/color RGBA, non-interlaced\012- data
Size
35 kB (35026 bytes)
Hash
87f655acb4b922a7ccc7f594b874a945
abd81d42e4315752e158b8eaa21f0dcdededecf7
d7afcdd69981dc4eb8c52d7a852edd7225ef14cf05191335196b023e13193046

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/images/avatars/file.png HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 27 Sep 2022 08:51:52 GMT
accept-ranges: bytes
content-length: 35026
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
content-type: image/png
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/libs/feather-icons/feather.min.js

69.16.238.78

200 OK

21 kB

URL HTTP/2
paperelites.com/public/assets/libs/feather-icons/feather.min.js
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
Unicode text, UTF-8 text, with very long lines (61490)
Size
21 kB (20692 bytes)
Hash
d67bee1525bc84ec4d81ab2b29d82d90
859e43f32a390926bf35158fb23d04ac1975ee6a
2cbee3be29b71ed2d057f84af9fcefacf4ed28845f3f10ae85c2bd4acc16d92d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/libs/feather-icons/feather.min.js HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20692
content-type: application/javascript
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/libs/swiper/swiper-bundle.min.js

69.16.238.78

200 OK

38 kB

URL HTTP/2
paperelites.com/public/assets/libs/swiper/swiper-bundle.min.js
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
ASCII text, with very long lines (65279)
Size
38 kB (37914 bytes)
Hash
3400da8a92545d4ebe48dc2b41ecbaac
0350f830e97162c914a7f76d4000ae164fd68918
36b8f6cbb1cdb2478d754c2b13493724788d86eb30b25657e064882bf8115055

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/libs/swiper/swiper-bundle.min.js HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 37914
content-type: application/javascript
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

216.58.207.195

200 OK

8.0 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paperelites.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 14:43:52 GMT
expires: Wed, 15 Nov 2023 14:43:52 GMT
cache-control: public, max-age=31536000
age: 251253
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

paperelites.com/uploads/blog_thumbnails/How%20to%20Avoid%20Scammers%20Online.png

69.16.238.78

200 OK

698 kB

URL HTTP/2
paperelites.com/uploads/blog_thumbnails/How%20to%20Avoid%20Scammers%20Online.png
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 1140 x 597, 8-bit/color RGBA, non-interlaced\012- data
Size
698 kB (698173 bytes)
Hash
f6983f407b3bd01eefef26391cbcdce0
3979c939ce597d01da6da20bfa84ec1125121343
01f65c7d9484246b6c382c0be7a50961e21d86d842b784a5d57da859b90c46fa

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/blog_thumbnails/How%20to%20Avoid%20Scammers%20Online.png HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 27 Sep 2022 06:55:24 GMT
accept-ranges: bytes
content-length: 698173
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
content-type: image/png
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/images/banners/banner.jpg

69.16.238.78

200 OK

194 kB

URL HTTP/2
paperelites.com/public/assets/images/banners/banner.jpg
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1280, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1280, components 3\012- data
Size
194 kB (194130 bytes)
Hash
604c269911da278d51fee0c7c18bf342
dcb6ffb347796eeed86a01505c69af7ce181ddba
e5bcc9416a64ff821854fb200a391d017f1e96e6b2cc139480582ec709be617f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/images/banners/banner.jpg HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://paperelites.com/public/assets/css/app.min.css
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 194130
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
content-type: image/jpeg
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.195

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paperelites.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:48:50 GMT
expires: Thu, 16 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 139355
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

paperelites.com/public/assets/fonts/remixicon.woff

69.16.238.78

200 OK

125 kB

URL HTTP/2
paperelites.com/public/assets/fonts/remixicon.woff
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
Web Open Font Format (Version 2), TrueType, length 125268, version 1.0\012- data
Size
125 kB (125268 bytes)
Hash
9915fef980fa539085da55b84dfde760
4d375abf43ed18aa54264c1b59714b0a59c593a4
e61f0d10c8cac8cd0ecb36790d6cce883380c0b185ff3c9bf849ed336ba8285c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/fonts/remixicon.woff HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://paperelites.com/public/assets/css/icons.min.css
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 125268
cache-control: max-age=172800
expires: Sun, 20 Nov 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-type: font/woff
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/js/pages/plugins/lord-icon-2.1.0.js

69.16.238.78

200 OK

131 kB

URL HTTP/2
paperelites.com/public/assets/js/pages/plugins/lord-icon-2.1.0.js
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
data
Size
131 kB (131349 bytes)
Hash
6045c0fe69a47ca95e341df199691089
8b5ef5036206121c6e7de68ef88851c18cae086e
5c9fabb20979398cd039de0b94a37a58405ac815445a516a87ebfa8f32077632

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/js/pages/plugins/lord-icon-2.1.0.js HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: application/javascript
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

216.58.207.195

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size
7.8 kB (7840 bytes)
Hash
8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paperelites.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:31:06 GMT
expires: Thu, 16 Nov 2023 19:31:06 GMT
cache-control: public, max-age=31536000
age: 147619
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.195

200 OK

7.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paperelites.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 08:32:10 GMT
expires: Thu, 16 Nov 2023 08:32:10 GMT
cache-control: public, max-age=31536000
age: 187155
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

paperelites.com/public/assets/fonts/materialdesignicons-webfont.woff

69.16.238.78

200 OK

361 kB

URL HTTP/2
paperelites.com/public/assets/fonts/materialdesignicons-webfont.woff
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
Web Open Font Format (Version 2), TrueType, length 361384, version 1.0\012- data
Size
361 kB (361384 bytes)
Hash
9d243c168a4f1c2cb3cec74884344de7
07d569796a205afa6e6c78a200632f4390dc5c8b
11e3d4caeceb6a9d4be5144f349b5abbb8e586f1568d58a24794331023249733

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/fonts/materialdesignicons-webfont.woff HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://paperelites.com/public/assets/css/icons.min.css
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 361384
cache-control: max-age=172800
expires: Sun, 20 Nov 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-type: font/woff
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/fonts/hkgrotesk-semibold.woff

69.16.238.78

200 OK

63 kB

URL HTTP/2
paperelites.com/public/assets/fonts/hkgrotesk-semibold.woff
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
Web Open Font Format, TrueType, length 62688, version 1.0\012- data
Size
63 kB (62688 bytes)
Hash
28d43353b758a7294986605ecb965401
dc3a740e151162f8420f215d52643b1364adcd9f
fd55423683b9d9e6715d7a112d66191a01b1acd4bc930fed86d26ff2f570001e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/fonts/hkgrotesk-semibold.woff HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://paperelites.com/public/assets/css/app.min.css
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 62688
cache-control: max-age=172800
expires: Sun, 20 Nov 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-type: font/woff
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
fbcd20697ca95af1ab8642a7af8f9654
ed0df615db8b5d2409ed2e36a619fe777efdee9a
00d5ba856f1f6003c4ae37a78fc1675d6cfa8ff6e2a52a962c13f3811e0d9363

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3989
Cache-Control: max-age=100830
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:25 GMT
Etag: "63765266-116"
Expires: Sat, 19 Nov 2022 16:31:55 GMT
Last-Modified: Thu, 17 Nov 2022 15:25:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278

paperelites.com/public/assets/fonts/hkgrotesk-medium.woff

69.16.238.78

200 OK

42 kB

URL HTTP/2
paperelites.com/public/assets/fonts/hkgrotesk-medium.woff
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
Web Open Font Format, TrueType, length 42172, version 1.0\012- data
Size
42 kB (42172 bytes)
Hash
296bfb9b8b1a36d07e1830eac65730f1
5c97c16cb9769dcd52c38382b16bdc3bcdd001ee
220567a08de9c722420a4cb513ac1a0f7b9f6daf12661172d44efe86604056eb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/fonts/hkgrotesk-medium.woff HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://paperelites.com/public/assets/css/app.min.css
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 42172
cache-control: max-age=172800
expires: Sun, 20 Nov 2022 12:31:25 GMT
vary: Accept-Encoding,User-Agent
content-type: font/woff
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58b1a3ccc7ca124d1dd0974ec34a57a7
c64ea6e1db1b98f929a8dd3e3117ad20e0f49d10
5b5932ff648e36fc7c64e1fbec97ae1207f530106650378888a20c18b7cf45b3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5B5932FF648E36FC7C64E1FBEC97AE1207F530106650378888A20C18B7CF45B3"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7945
Expires: Fri, 18 Nov 2022 14:43:51 GMT
Date: Fri, 18 Nov 2022 12:31:26 GMT
Connection: keep-alive

static.getbutton.io/widget-send-button/js/init.js

176.9.188.20

302 Moved Temporarily

145 B

URL HTTP/1.1
static.getbutton.io/widget-send-button/js/init.js
IP
176.9.188.20:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
145 B (145 bytes)
Hash
0e0a408f3009ae4498e7f3ffc9c5fa7b
113078a9c13645b225d88d5e306709f8994ea817
e3a16c76764dacf8ea25637976a03595564530a9fce185c2145f7c1903f2707b

HTTP Headers

GET /widget-send-button/js/init.js HTTP/1.1
Host: static.getbutton.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.23.1
Date: Fri, 18 Nov 2022 12:31:26 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: https://static.getbutton.io/widget/bundle.js

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
fbcd20697ca95af1ab8642a7af8f9654
ed0df615db8b5d2409ed2e36a619fe777efdee9a
00d5ba856f1f6003c4ae37a78fc1675d6cfa8ff6e2a52a962c13f3811e0d9363

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3990
Cache-Control: max-age=100830
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:26 GMT
Etag: "63765266-116"
Expires: Sat, 19 Nov 2022 16:31:56 GMT
Last-Modified: Thu, 17 Nov 2022 15:25:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278

static.getbutton.io/widget/bundle.js

176.9.188.20

200 OK

94 kB

URL HTTP/1.1
static.getbutton.io/widget/bundle.js
IP
176.9.188.20:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (65475)
Size
94 kB (94215 bytes)
Hash
d8cd247eabac0219996f3e07e4a9a211
bf8835bf60ec200dbdb7498c9c0e68d42f1c6030
7ba300201e1d30489a65dda4a1c35e25d6281b47d064d37a843892e138849b3e

HTTP Headers

GET /widget/bundle.js HTTP/1.1
Host: static.getbutton.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.23.1
Date: Fri, 18 Nov 2022 12:31:26 GMT
Content-Type: application/javascript
Last-Modified: Wed, 16 Nov 2022 07:07:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63748c32-4a576"
Expires: Fri, 18 Nov 2022 15:31:26 GMT
Cache-Control: max-age=10800
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9055
Expires: Fri, 18 Nov 2022 15:02:21 GMT
Date: Fri, 18 Nov 2022 12:31:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9055
Expires: Fri, 18 Nov 2022 15:02:21 GMT
Date: Fri, 18 Nov 2022 12:31:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9055
Expires: Fri, 18 Nov 2022 15:02:21 GMT
Date: Fri, 18 Nov 2022 12:31:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9055
Expires: Fri, 18 Nov 2022 15:02:21 GMT
Date: Fri, 18 Nov 2022 12:31:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3759 bytes)
Hash
5d0b6106f00f9fd8b89c2d484a559a1a
399ac393209dcdac7d2188d7aa8d95f04570ef7c
5d8151c9eb558f4a2b8bd2952c6845606ddb0c27e36f6e49aca7e60908cd9fe4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e93b023-2729-4761-a4ea-05612c0917fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3759
x-amzn-requestid: 8c91ac59-89dc-4218-b69f-0cebb29f301b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-wJHgxoAMF-hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab33-4dac305614a92bc52c038222;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mb2-PTjNmt06Wd5jOjQ5WoLY-0NgI80CKPXtwgzBt4n5km8Pu_WN0Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:08:54 GMT
age: 51752
etag: "399ac393209dcdac7d2188d7aa8d95f04570ef7c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10349 bytes)
Hash
7d16e5ff718353c095d266b080fe547f
fa7c5c9a1d16355859196271f3d13f3850931888
9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10349
x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7tHGLIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:05:52 GMT
age: 51934
etag: "fa7c5c9a1d16355859196271f3d13f3850931888"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8884 bytes)
Hash
14649d486602810c1b218b96b27b2cc4
96c6cbfe31e7247c64dfa8c3759967627f8c6286
80f5d7573fd2bf4e6a6038ebf1335d159ad37c391ee539918455963d6ee88654

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: 3739b8f5-bb0c-4798-a931-e955dd6df81d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MiGFxoAMFlxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa50-74c24a2f737634b655a5b47c;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d_bLYyZzi1phYwQ2e5uvUmzO0GuvNu9Ubi2PQ0ChilQJegKr3uUiRw==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:08:13 GMT
age: 51793
etag: "96c6cbfe31e7247c64dfa8c3759967627f8c6286"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12065 bytes)
Hash
05289172c1455c4134e496c6f4606efd
ce1bb33256b0754f9acc01e7e9f3e5dc85f89244
a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:02:57 GMT
age: 52109
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6344 bytes)
Hash
a9d32fa3866dd741de610a61a93ad893
4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e
4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: RQqPegf6sdVW0qmrGnUo6EORLuT7BRikwhtF08LAxWNCpLGwGZnG8Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:34:03 GMT
age: 53843
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11667 bytes)
Hash
032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CHi9V7-WaWmG6Y0249CZJnhe_RjvleaGFVXoOnJ62cjrcXoLLKwzgw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 07:20:30 GMT
age: 18656
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

paperelites.com/public/assets/images/favicon/favicon-16x16.png

69.16.238.78

200 OK

628 B

URL HTTP/2
paperelites.com/public/assets/images/favicon/favicon-16x16.png
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
628 B (628 bytes)
Hash
cfb6331dd8401cd45de8068ebfa456f6
f0c5474a541e8e2ade4864bdeea289c73c596859
7cb166a586db714fd12cae6180ea74cb507602715a77129cbd5a6f6881b439ce

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/images/favicon/favicon-16x16.png HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7; _ga_GLT1JP8FZT=GS1.1.1668774684.1.0.1668774684.0.0.0; _ga=GA1.1.1028768817.1668774684
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 628
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:26 GMT
content-type: image/png
date: Fri, 18 Nov 2022 12:31:26 GMT
server: Apache
X-Firefox-Spdy: h2

paperelites.com/public/assets/images/favicon/android-chrome-512x512.png

69.16.238.78

200 OK

38 kB

URL HTTP/2
paperelites.com/public/assets/images/favicon/android-chrome-512x512.png
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (37643 bytes)
Hash
f390cdcb8f34b0a3c0e26cbf60cac33c
25fba08298f0b9ed3862e3514541fba31ce423fb
2eb9562173e3a26faaebbedf43f55710658f502c2886008cd7f17d093340504a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /public/assets/images/favicon/android-chrome-512x512.png HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7; _ga_GLT1JP8FZT=GS1.1.1668774684.1.0.1668774684.0.0.0; _ga=GA1.1.1028768817.1668774684
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 20 Aug 2022 11:26:28 GMT
accept-ranges: bytes
content-length: 37643
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:26 GMT
content-type: image/png
date: Fri, 18 Nov 2022 12:31:26 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
24e839b9f3c854f1059813baa2c678a5
be2078cbfd0e0ed2de69e22e76c5c83aba9c656e
35b72207dddd79dce8c7f0bc72243dc70d0a9190b15fd344c790224513b8f810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-GLT1JP8FZT&gtm=2oeb90&_p=338151783&cid=1028768817.1668774684&ul=en-us&sr=1280x1024&_s=1&sid=1668774684&sct=1&seg=0&dl=https%3A%2F%2Fpaperelites.com%2F&dt=Home%20-%20PaperElites%20%7C%7C%20Academic%20Writing%20Research%20Centre&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-GLT1JP8FZT&gtm=2oeb90&_p=338151783&cid=1028768817.1668774684&ul=en-us&sr=1280x1024&_s=1&sid=1668774684&sct=1&seg=0&dl=https%3A%2F%2Fpaperelites.com%2F&dt=Home%20-%20PaperElites%20%7C%7C%20Academic%20Writing%20Research%20Centre&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-GLT1JP8FZT&gtm=2oeb90&_p=338151783&cid=1028768817.1668774684&ul=en-us&sr=1280x1024&_s=1&sid=1668774684&sct=1&seg=0&dl=https%3A%2F%2Fpaperelites.com%2F&dt=Home%20-%20PaperElites%20%7C%7C%20Academic%20Writing%20Research%20Centre&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: null
date: Fri, 18 Nov 2022 12:31:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

1.6 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
1.6 kB (1611 bytes)
Hash
b20a975da1e885c9cce62f2dc983d9e8
4376014c0120c855118e2a7c5d8b25f073516975
6f29dcd8d2141da90c190ee2e7ca60f6a9c2589a8b93503704b658b4a06fcb2a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 12:31:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

embed.tawk.to/_s/v4/app/637655d0c72/js/twk-main.js

104.22.25.131

200 OK

86 kB

URL HTTP/2
embed.tawk.to/_s/v4/app/637655d0c72/js/twk-main.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
86 kB (86016 bytes)
Hash
fb635bc3ef47f3b3c59beeea90e3ccfd
92329adba693ea65f5361aa4b456df77cd41cfba
56656b466b9ee87f3f685d2085873e7ad67a1098e726ecaf358751993f94b15d

HTTP Headers

GET /_s/v4/app/637655d0c72/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paperelites.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 12:31:26 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 15:41:49 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c0b91ea9800b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

vsb58.tawk.to/s/?k=63777b1f6d983d2811a8363d&cver=0&pop=false&asver=10&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmJkM2I3ZjdiOTY3YjExNzk5NzNjMjYiLCJ2aWQiOiI2MmJkM2I3ZjdiOTY3YjExNzk5NzNjMjYtd2dCZjc0eFNfdmV0ejhsS1ZSVkFxIiwic2lkIjoiNjM3NzdiMWY2ZDk4M2QyODExYTgzNjNkIiwiaWF0IjoxNjY4Nzc0Njg3LCJleHAiOjE2Njg3NzY0ODcsImp0aSI6Ikd3ZjJNeUZ0emFZNmtWX2lLV1l3MiJ9.f3HjlmkkCGEpOMySVHgpwyzIOvn3kXUMTVp7J6mG2zkIAPueU5tFgTl-ZHXRKJKVHz6nBE4zlMr7DlrhSk32nA&EIO=3&transport=websocket&__t=OIAkEwK

104.22.25.131

101 Switching Protocols

44 kB

URL HTTP/1.1
vsb58.tawk.to/s/?k=63777b1f6d983d2811a8363d&cver=0&pop=false&asver=10&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmJkM2I3ZjdiOTY3YjExNzk5NzNjMjYiLCJ2aWQiOiI2MmJkM2I3ZjdiOTY3YjExNzk5NzNjMjYtd2dCZjc0eFNfdmV0ejhsS1ZSVkFxIiwic2lkIjoiNjM3NzdiMWY2ZDk4M2QyODExYTgzNjNkIiwiaWF0IjoxNjY4Nzc0Njg3LCJleHAiOjE2Njg3NzY0ODcsImp0aSI6Ikd3ZjJNeUZ0emFZNmtWX2lLV1l3MiJ9.f3HjlmkkCGEpOMySVHgpwyzIOvn3kXUMTVp7J6mG2zkIAPueU5tFgTl-ZHXRKJKVHz6nBE4zlMr7DlrhSk32nA&EIO=3&transport=websocket&__t=OIAkEwK
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
44 kB (44169 bytes)
Hash
8604f8b8a42f976b88bd16c3d56f5977
46d8fcb90c4a388eddcb2b8c47233eb7157d0e48
e8045f6cfd65c03436e533428685566dcb1da63b71edeb719caee993f5563aed

HTTP Headers

GET /s/?k=63777b1f6d983d2811a8363d&cver=0&pop=false&asver=10&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MmJkM2I3ZjdiOTY3YjExNzk5NzNjMjYiLCJ2aWQiOiI2MmJkM2I3ZjdiOTY3YjExNzk5NzNjMjYtd2dCZjc0eFNfdmV0ejhsS1ZSVkFxIiwic2lkIjoiNjM3NzdiMWY2ZDk4M2QyODExYTgzNjNkIiwiaWF0IjoxNjY4Nzc0Njg3LCJleHAiOjE2Njg3NzY0ODcsImp0aSI6Ikd3ZjJNeUZ0emFZNmtWX2lLV1l3MiJ9.f3HjlmkkCGEpOMySVHgpwyzIOvn3kXUMTVp7J6mG2zkIAPueU5tFgTl-ZHXRKJKVHz6nBE4zlMr7DlrhSk32nA&EIO=3&transport=websocket&__t=OIAkEwK HTTP/1.1
Host: vsb58.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://paperelites.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /h0FxXWwcckq7jNYDfAvZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Fri, 18 Nov 2022 12:31:28 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: oN9m5a56vpyvR+4QJowtIUVMnqc=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 76c0b928ab660af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

embed.tawk.to/62bd3b7f7b967b1179973c26/1g6pj0qv1

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/62bd3b7f7b967b1179973c26/1g6pj0qv1
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /62bd3b7f7b967b1179973c26/1g6pj0qv1 HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paperelites.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 18 Nov 2022 12:31:26 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-637655d0c72"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c0b91c3eaa0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

paperelites.com/uploads/blog_thumbnails/How%20Online%20Writing%20Works%20and%20How%20You%20Can%20Earn.jpg

69.16.238.78

200 OK

0 B

URL HTTP/2
paperelites.com/uploads/blog_thumbnails/How%20Online%20Writing%20Works%20and%20How%20You%20Can%20Earn.jpg
IP
69.16.238.78:0
ASN
#32244 LIQUIDWEB

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /uploads/blog_thumbnails/How%20Online%20Writing%20Works%20and%20How%20You%20Can%20Earn.jpg HTTP/1.1
Host: paperelites.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paperelites.com/
Connection: keep-alive
Cookie: ci_session=dbc978e0efef9a297adc13a9010426129c5e6b8a; csrf_cookie_name=13db3d22ac8243f7e4bdb82b1e6e97c7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 27 Sep 2022 07:03:38 GMT
accept-ranges: bytes
content-length: 180292
cache-control: max-age=2592000
expires: Sun, 18 Dec 2022 12:31:25 GMT
content-type: image/jpeg
date: Fri, 18 Nov 2022 12:31:25 GMT
server: Apache
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637655d0c72/js/twk-vendor.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637655d0c72/js/twk-vendor.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637655d0c72/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paperelites.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 12:31:26 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 15:41:49 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c0b91ea9850b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-vendors.js

104.22.25.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637655d0c72/js/twk-chunk-vendors.js
IP
104.22.25.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637655d0c72/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paperelites.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 18 Nov 2022 12:31:26 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 15:41:49 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c0b91ec9940b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations