Report - intl-paypal-taxes.com/

Report Overview

Submitted URL
intl-paypal-taxes.com/
IP
216.239.36.21
ASN
#15169 GOOGLE
Submitted
2023-01-23 09:33:55
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	796 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.213.114.144
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	216.58.211.3
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	459 B	137 kB	142.250.74.99
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	87 kB	216.58.207.227
lh4.googleusercontent.com	454	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	556 B	75 kB	142.250.74.97
intl-paypal-taxes.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	353 B	468 B	216.239.32.21
www.intl-paypal-taxes.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	2.1 kB	216.58.207.211
apis.google.com	105	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	7.9 kB	172.217.21.174
lh3.googleusercontent.com	66	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	580 B	39 kB	142.250.74.97
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	932 B	3.3 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-23	medium	intl-paypal-taxes.com/	Phishing
2023-01-23	medium	www.intl-paypal-taxes.com/	Phishing
2023-01-23	medium	www.intl-paypal-taxes.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-23	medium	intl-paypal-taxes.com	Sinkholed
2023-01-23	medium	intl-paypal-taxes.com	Sinkholed
2023-01-23	medium	intl-paypal-taxes.com	Sinkholed
2023-01-23	medium	intl-paypal-taxes.com	Sinkholed
2023-01-23	medium	intl-paypal-taxes.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy14,TGYpv,HIeYee,QxOCld,syx,YXyON,sy2p,abQiW,syj,ruhlUe,KUM7Z,sy18,zPx2U,qEW1W,oNFsLb,sy3n,yxTchf,sy3o,sy3p,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2r,SM1lmd,sy6,sy5,syw,RRzQxe,syy,YV8yqd,sy7,sya,syk,sy9,fNFZH,sy2q,sy1g,sy1r,syl,RrXLpc,cgRV2c,sy1s,o1L5Wb,X4BaPc,syf,sy16,Md9ENb	74 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy14,TGYpv,HIeYee,QxOCld,syx,YXyON,sy2p,abQiW,syj,ruhlUe,KUM7Z,sy18,zPx2U,qEW1W,oNFsLb,sy3n,yxTchf,sy3o,sy3p,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2r,SM1lmd,sy6,sy5,syw,RRzQxe,syy,YV8yqd,sy7,sya,syk,sy9,fNFZH,sy2q,sy1g,sy1r,syl,RrXLpc,cgRV2c,sy1s,o1L5Wb,X4BaPc,syf,sy16,Md9ENb IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:48:05 Last Seen2023-03-13 06:08:46 Times Seen1 Hash 9ba95ed7ff05a21fe12afc2ffe29dd34 9f1f32e1b03ca01e5bab44a2a934ee9c814e8a9b 3b4fa867417d0b5eff2e1a3d8b2d2b5b72a099261a0fb136971035f1f9ae4050 Loading...

	apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs	315 kB	2023-03-09	2023-03-13
Pretty URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:49:36 Last Seen2023-03-13 06:48:26 Times Seen1 Hash cf7cf65b284d8eff63ccac8b7dc7efdb ad42ac2a9e5f7041b3874fd9ab07ac0de8cb64d3 867a1c25babc1264f4e863bb66e46f7100ed43e3332006a6220514fa11fb84c7 Loading...

	www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=m9oV,sy3j,NTMZac,rCcCxc,RAnnUd,mzzZzc,sy2s,uu7UOe,nAFL3,sy2m,gJzDyc,sy2t,sy3u,soHxf,sys,syu,HYv29e,sy2u,uY3Nvd	34 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=m9oV,sy3j,NTMZac,rCcCxc,RAnnUd,mzzZzc,sy2s,uu7UOe,nAFL3,sy2m,gJzDyc,sy2t,sy3u,soHxf,sys,syu,HYv29e,sy2u,uY3Nvd IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:48:05 Last Seen2023-03-13 06:08:46 Times Seen1 Hash d41b060a89a989a5ab8f3850c6de1a29 c93263bd3cb5d87862a81c2781d8e27fa62e4f4d 933de9c74b2bfbd24988905f6e5cc6d7c0a84df0d12483048fe7fadab71e09ff Loading...

	www.intl-paypal-taxes.com/	59 B	2023-03-07	2024-04-24
Pretty URL www.intl-paypal-taxes.com/ IP 216.58.207.211 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:08 Last Seen2024-04-24 22:57:46 Times Seen1294 Hash a6e675093ac913b1b3c5bd616350e0ec 3fce18aa4c76382c7bd8be5a7d9da1d202419d5f 6024a6f0412fb6700a75e2c9221311c5230ae6b78a2e0b2e6b8800313c561b21 Loading...

	apis.google.com/js/client.js?onload=gapiLoaded	18 kB	2023-03-09	2023-03-13
Pretty URL apis.google.com/js/client.js?onload=gapiLoaded IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:58:14 Last Seen2023-03-13 06:08:46 Times Seen1 Hash d7aca2b8a15afd7acc0b48b6fdfa7550 f853efac8e11487e1b4cec368d4902116bb3a3c0 1f71b4356fa7e767c94c91521ee4f68c7912f8eeea394d1ba4c5db4a21095b6b Loading...

	www.intl-paypal-taxes.com/	40 B	2023-03-07	2024-04-24
Pretty URL www.intl-paypal-taxes.com/ IP 216.58.207.211 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:08 Last Seen2024-04-24 22:57:47 Times Seen1294 Hash 8dc7198496a693002800c969535719d8 2af910a76b06855faba3c17d869440b55a29e893 a750528f499f276d2fd47264648a292994d3423ee1918dd48e033fc9dfa8f2e6 Loading...

	www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=1/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=view	528 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=1/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=view IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:48:05 Last Seen2023-03-13 06:08:46 Times Seen1 Hash ccc49091e25fc7be2ee70764efaf45e4 4a571c0c4e3130cbb8596ba446064f97259d73c5 5ccaec735afef4060ae9928a815a52089bdbdb6d905e61368a7a7614ccb5c63d Loading...

	www.intl-paypal-taxes.com/	2.5 kB	2023-03-13	2023-03-13
Pretty URL www.intl-paypal-taxes.com/ IP 216.58.207.211 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:08:46 Last Seen2023-03-13 06:08:46 Times Seen1 Hash 1838616884b779b2865e1d283c26f5e8 e43d6eb00abf1381107635a1ba16647f270b303c 81621055cf47cff389d5c0808bc2f90bbbba4989dc1654eaec78917e5e225add Loading...

	www.intl-paypal-taxes.com/	463 B	2023-03-07	2024-04-24
Pretty URL www.intl-paypal-taxes.com/ IP 216.58.207.211 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:08 Last Seen2024-04-24 22:57:47 Times Seen840 Hash ba62c114275d5fe6454780a3d9eb3c20 958b480fb44cfff057e97319868d1ad06edae8c9 63846bca36b23a5f1e2d6a718b0e73b640d647d321d3e3425391b09398ea329f Loading...

	www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=sy3e,IZT63,vfuNJf,sy38,sy3c,sy3f,sy3s,sy3q,sy3r,siKnQd,sy36,sy3d,sy3h,YNjGDd,sy3g,sy3i,PrPYRd,iFQyKf,hc6Ubd,sy3t,SpsfSb,sy39,sy3b,wR5FRb,pXdRYb,dIoSBb,zbML3c	27 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=sy3e,IZT63,vfuNJf,sy38,sy3c,sy3f,sy3s,sy3q,sy3r,siKnQd,sy36,sy3d,sy3h,YNjGDd,sy3g,sy3i,PrPYRd,iFQyKf,hc6Ubd,sy3t,SpsfSb,sy39,sy3b,wR5FRb,pXdRYb,dIoSBb,zbML3c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:48:05 Last Seen2023-03-13 06:08:46 Times Seen1 Hash 5c418b3dfe2d36584492f99e669353d5 3fdb7fdae467e2c8ec32155d73cc62ea944574eb 6942cbb4c70ca8ab9d2029da727f7ddc0d4f29766d6f88c009e14f1af66fb2a4 Loading...

	www.intl-paypal-taxes.com/	37 B	2023-03-07	2024-04-24
Pretty URL www.intl-paypal-taxes.com/ IP 216.58.207.211 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:08 Last Seen2024-04-24 22:57:46 Times Seen1365 Hash 278a1fde660b456524bac51f78574a09 9299ca406f8c85dcf8127283ad24b7c971eac8f8 537028ea4a4d59d93a18a6f92e8cc51ad5d8928f7406f69353b809ac4efba0fb Loading...

	www.intl-paypal-taxes.com/	4.2 kB	2023-03-13	2023-03-13
Pretty URL www.intl-paypal-taxes.com/ IP 216.58.207.211 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:08:46 Last Seen2023-03-13 06:08:46 Times Seen1 Hash 8e50e7c0661ad4c273f72db0e89e5750 b817eed6355bdcfdcb68db363d3909e10e4c0b80 dda3224145d57611e3835d867e6fe43963ed28a239148bde426ab6e55da19512 Loading...

	www.intl-paypal-taxes.com/	167 B	2023-03-08	2023-11-28
Pretty URL www.intl-paypal-taxes.com/ IP 216.58.207.211 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:26 Last Seen2023-11-28 03:07:22 Times Seen956 Hash b2e4025e8778a2dad8b55f32f753b9c0 156441e72f8380a2b4a7ba59dfb6cb828696502b d97d5d1b2889ff7d225c69788b178016838bba9e3ae41b1f01784ba75b3308d1 Loading...

	www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=sy1a,sy1b,sy19,FoQBg	37 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=sy1a,sy1b,sy19,FoQBg IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:48:05 Last Seen2023-03-13 06:08:46 Times Seen1 Hash d18c8e49b613839d14b2cbf6b1c09529 fdb361b267fa015d7738bc1a10639ab32607581d 5a916d20db960a58e2c52d9d6d4ce20a01b7bcbcc98c6e36b893f1670caa5874 Loading...

	www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=sy2o,TRvtze	850 B	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=sy2o,TRvtze IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:48:05 Last Seen2023-03-13 06:08:46 Times Seen1 Hash 97ae7c30073050d24fe6cee8e8685fc8 728aaf573895e6542153838fbd1bf3d091a6b3ab 470fdc1ec700d537531977b517e64958f1dc14410ecd7c7b0ffe1a824bac1e01 Loading...

	www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=sy11,sy12,sy13,sy15,fuVYe,vVEdxc,sy17,CG0Qwb	32 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.hTJ1uH7UEmA.O/d=0/rs=AGEqA5mJGPaLGrkijj2Jb_CoMl864zK6Dw/m=sy11,sy12,sy13,sy15,fuVYe,vVEdxc,sy17,CG0Qwb IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:48:05 Last Seen2023-03-13 06:08:46 Times Seen1 Hash f29a236bf1d5af7925034117e0cfb82c feacd4fa6808c12b667ff0901444fec6b7a01c36 9ccb1716c668a2800583c35ff601b3ff4bf4f12c54c9949c122047cf65ab3443 Loading...

HTTP Transactions (41)

URL IP Response Size

intl-paypal-taxes.com/

216.239.32.21

301 Moved Permanently

230 B

URL HTTP/1.1
intl-paypal-taxes.com/
IP
216.239.32.21:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
230 B (230 bytes)
Hash
eb38563cb75a3e7876cc1b88730fd290
7fe004766ea9aa4c702ddf05729387695aa15b6e
dd9f90ac9a5cf078ba042d34111116cdad346be9051ac6fe660fde4c57be629c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: intl-paypal-taxes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Location: http://www.intl-paypal-taxes.com/
Date: Mon, 23 Jan 2023 09:33:44 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 230
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12496
Expires: Mon, 23 Jan 2023 13:02:00 GMT
Date: Mon, 23 Jan 2023 09:33:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7164
Expires: Mon, 23 Jan 2023 11:33:08 GMT
Date: Mon, 23 Jan 2023 09:33:44 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 23 Jan 2023 08:42:36 GMT
content-type: application/json
age: 3068
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8026
Expires: Mon, 23 Jan 2023 11:47:30 GMT
Date: Mon, 23 Jan 2023 09:33:44 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: dUAtYLbFRTLBso6garWHrStijvNAxMNVJAikZRPs7OIXPoyQ6GGzzBer18sDK2+bSHfTZMCYli02mjXpkogJyw==
x-amz-request-id: SVB6FQ4T9T5EVV1S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 23 Jan 2023 08:47:39 GMT
age: 2765
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 23 Jan 2023 09:33:44 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.intl-paypal-taxes.com/

216.58.207.211

301 Moved Permanently

0 B

URL HTTP/1.1
www.intl-paypal-taxes.com/
IP
216.58.207.211:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.intl-paypal-taxes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 23 Jan 2023 09:33:44 GMT
Location: https://www.intl-paypal-taxes.com/
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

ocsp.pki.goog/s/gts1d4/Snguk0McFbk

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1d4/Snguk0McFbk
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9eabf147b19913b00d9200755a31b188
0d3f31b34af8e0c618d91f00bb428f20676cb1d8
60c0c81c9a977dcd252059aeb24aa3dcf3f67429fb1983338263130cf81efb45

HTTP Headers

POST /s/gts1d4/Snguk0McFbk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:33:45 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 23 Jan 2023 09:17:30 GMT
age: 975
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4727
Cache-Control: max-age=89509
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:33:45 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:25:34 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/_/atari/_/ss/k=atari.vw.ESY_8x7XR4M.L.F4.O/d=1/rs=AGEqA5mXJSDbBGpw4IGeKe6Ts5IJ7fWk8A

142.250.74.99

200 OK

136 kB

URL HTTP/2
www.gstatic.com/_/atari/_/ss/k=atari.vw.ESY_8x7XR4M.L.F4.O/d=1/rs=AGEqA5mXJSDbBGpw4IGeKe6Ts5IJ7fWk8A
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
136 kB (136494 bytes)
Hash
25508e20e67070cd58cad1d38f55ab7b
a699b51a3fbcef3641ab325ed3b87ddd05fdb5df
caeb3e72682fca702a9199a10ca8e4e3843b94f51bb075e6a1884cc633fb4517

HTTP Headers

GET /_/atari/_/ss/k=atari.vw.ESY_8x7XR4M.L.F4.O/d=1/rs=AGEqA5mXJSDbBGpw4IGeKe6Ts5IJ7fWk8A HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.intl-paypal-taxes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-length: 136494
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 11:16:58 GMT
expires: Sat, 20 Jan 2024 11:16:58 GMT
cache-control: public, max-age=31536000
age: 253007
last-modified: Tue, 10 Jan 2023 13:28:04 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

142.250.74.106

200 OK

1.8 kB

URL HTTP/2
fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.8 kB (1832 bytes)
Hash
ea259d0204b6f69efe10f97ce343c093
9c41ed8193f50c2231db99e6e7faee8c34124502
77244ac37b0ca8e38f02a43cdcda3a70207c15be5158cd1a282c6228aa2aae2a

HTTP Headers

GET /css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.intl-paypal-taxes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 23 Jan 2023 09:33:45 GMT
date: Mon, 23 Jan 2023 09:33:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

54.213.114.144

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.213.114.144:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Qi2OnlMVBU/ceh3M2wCaDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N8ZGF3NGD42CrOpXLJ480Z7ZfSA=

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2182bcd522c31d3b880961c8c82e5789
e5caa39d2aa22d6d5f9f4cecc26ec61d244a4be9
25d37caaa7bb1a0e464d7bbf1495839e70f06c1cb4ad0ad5abe42e8ab0e1676e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

apis.google.com/js/client.js?onload=gapiLoaded

172.217.21.174

200 OK

6.9 kB

URL HTTP/2
apis.google.com/js/client.js?onload=gapiLoaded
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2054)
Size
6.9 kB (6895 bytes)
Hash
6522f3e96bb63666902e67d897064b84
4ef40dd1590a7e8fd8a04226865397aab7a17da4
302af74c7a06c1d733e0b82b7580da16d551bc311091127d055c73526778c802

HTTP Headers

GET /js/client.js?onload=gapiLoaded HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.intl-paypal-taxes.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 6895
date: Mon, 23 Jan 2023 09:33:45 GMT
expires: Mon, 23 Jan 2023 09:33:45 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "ff112e622221d232"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bb5fac1f289cb91381d3d1a07094b179
df6f8fe7a21efb35290d24f2b8b0fe809cae8d33
34472778a647b2db33e669d8582b510d94d9e0d355d77c73d643b7495b0f6997

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:33:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.intl-paypal-taxes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:33:54 GMT
expires: Thu, 18 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 395991
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.intl-paypal-taxes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 04:29:06 GMT
expires: Wed, 17 Jan 2024 04:29:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
age: 536679
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

216.58.207.227

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Size
28 kB (28288 bytes)
Hash
53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

HTTP Headers

GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.intl-paypal-taxes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 14:34:21 GMT
expires: Fri, 19 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 327564
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.intl-paypal-taxes.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 07:51:59 GMT
expires: Thu, 18 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 438106
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
36f69c576be6f781f131e89d144916b2
a96a0a7bad1198b6265756eb6dd79d444199dbaf
b1fa2795c057042627ad607c3a2bce695c3c564803d938373cd8243478d3d0d2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:33:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lh3.googleusercontent.com/5waIAIlqzaCOOcn6NzlXUWO0Qvh4SApu7_9SFIYW033hvoJLzeThKs7v-ibWkD3bCw08fX3qAQm36ifI_WCJKtvXvt_3qfnpEmwR8t4ba0B1XOlzgPMnQHvr19b68Aqb5FwIO8ET29QE5dDXfXSbe4ivYNe7e2r_DgUbl2EiaOKESJ8UohUJvQ=w1280

142.250.74.97

200 OK

38 kB

URL HTTP/2
lh3.googleusercontent.com/5waIAIlqzaCOOcn6NzlXUWO0Qvh4SApu7_9SFIYW033hvoJLzeThKs7v-ibWkD3bCw08fX3qAQm36ifI_WCJKtvXvt_3qfnpEmwR8t4ba0B1XOlzgPMnQHvr19b68Aqb5FwIO8ET29QE5dDXfXSbe4ivYNe7e2r_DgUbl2EiaOKESJ8UohUJvQ=w1280
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x442, components 3\012- data
Size
38 kB (38015 bytes)
Hash
a544d9daa7fa9c8eef8d9b36a1da34fb
2ac52c242478e32ffb52edad473b6d4768a7a534
416241569fe4686a468a74b3f73413e4f45c2a009d22b410ea0ff48fe6dd9111

HTTP Headers

GET /5waIAIlqzaCOOcn6NzlXUWO0Qvh4SApu7_9SFIYW033hvoJLzeThKs7v-ibWkD3bCw08fX3qAQm36ifI_WCJKtvXvt_3qfnpEmwR8t4ba0B1XOlzgPMnQHvr19b68Aqb5FwIO8ET29QE5dDXfXSbe4ivYNe7e2r_DgUbl2EiaOKESJ8UohUJvQ=w1280 HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.intl-paypal-taxes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 24 Jan 2023 09:33:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="web project.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 23 Jan 2023 09:33:46 GMT
server: fife
content-length: 38015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lh4.googleusercontent.com/9nhjJbMKKUwzPMdmI0JNHGAMDRb6O0F_YYShNh8eetviIC_p_M-ojLfEWQl1i48fR_smRnU18luSzCJdp6rhBzxS3-NyDQ8OsQNsPEGLheHfKxFzw6n2D0WoflkEOsP-cypoqunxNIxhM_fE5RcPokm7kgZy-GXCH3ZW

142.250.74.97

200 OK

75 kB

URL HTTP/2
lh4.googleusercontent.com/9nhjJbMKKUwzPMdmI0JNHGAMDRb6O0F_YYShNh8eetviIC_p_M-ojLfEWQl1i48fR_smRnU18luSzCJdp6rhBzxS3-NyDQ8OsQNsPEGLheHfKxFzw6n2D0WoflkEOsP-cypoqunxNIxhM_fE5RcPokm7kgZy-GXCH3ZW
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
PNG image data, 900 x 900, 8-bit/color RGB, non-interlaced\012- data
Size
75 kB (74595 bytes)
Hash
2ade55aae51cbb452903ba7bf8ff9b85
6fd6cc9744c0d60132cfd2faded735ea6e80a33a
7772d94c92b7022e284e957c3d349b3abd99fc498771f53515fe52f0f9210073

HTTP Headers

GET /9nhjJbMKKUwzPMdmI0JNHGAMDRb6O0F_YYShNh8eetviIC_p_M-ojLfEWQl1i48fR_smRnU18luSzCJdp6rhBzxS3-NyDQ8OsQNsPEGLheHfKxFzw6n2D0WoflkEOsP-cypoqunxNIxhM_fE5RcPokm7kgZy-GXCH3ZW HTTP/1.1
Host: lh4.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.intl-paypal-taxes.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1"
expires: Tue, 24 Jan 2023 09:33:46 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pppppf.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 23 Jan 2023 09:33:46 GMT
server: fife
content-length: 74595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
36f69c576be6f781f131e89d144916b2
a96a0a7bad1198b6265756eb6dd79d444199dbaf
b1fa2795c057042627ad607c3a2bce695c3c564803d938373cd8243478d3d0d2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 23 Jan 2023 09:33:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7305
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:33:46 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7305
Expires: Mon, 23 Jan 2023 11:35:31 GMT
Date: Mon, 23 Jan 2023 09:33:46 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F296d62aa-29a6-401f-a40f-9238dace1001.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F296d62aa-29a6-401f-a40f-9238dace1001.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7387 bytes)
Hash
9c9e3df640be93567ea081ffe31576f6
fb07a0e3cfcb7f53b94f614a2e96ec1d8d5967d4
679e5a9ab43a5599759171b70ad5dbe0c4ca8facb895f08ef0313b0c7e691ea3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F296d62aa-29a6-401f-a40f-9238dace1001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7387
x-amzn-requestid: 54845590-a39f-4a1b-ba4a-fe24368b268a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD7N3GmQIAMF6AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb0bf2-4b4bf4fc209388b74cb1c7f7;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:47:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 67ewmF74mKQGH8hoGiYfRHTaVmS0JZc4WkSHXiODoz8sirBFY5MD2w==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 16:31:47 GMT
age: 61319
etag: "fb07a0e3cfcb7f53b94f614a2e96ec1d8d5967d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11818 bytes)
Hash
e42f475b1e14cb9d0939ef39db8e1f91
dda57d67c7b5f32123d3c9956dec8f805138b3bf
ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: e80dab53-5137-4776-a105-b1933e9bda6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqu6GhZIAMFWSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f8-696c3a7f103b96a23ed4abec;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5bEvPaVPmareEYTNHUoTIEtCn0EKpBBafR11mjrvwPFVS_DLFKgm3w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 04:07:43 GMT
age: 19563
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12758 bytes)
Hash
7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 07:21:00 GMT
age: 7966
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4085 bytes)
Hash
3d0dd6e84bd1708aec285a9153eafabc
2d2729ca550ecdca29a502eb76c68f4eed623032
3c0492fc05ab9a35cd8d833a031aa907a473f2ff22fed0732fa331a0c2939660

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F27144ba0-24e7-4177-b8d9-4121af2315c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4085
x-amzn-requestid: 444720ab-9a4d-40f7-a2e2-e574d4e2928d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBP0uEeToAMFepA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c9f9b7-113188a040ff40ad479415cc;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 02:17:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wbZuUg06OrIyirTvHtsdGz2ux_OxhbBMbPHy_52LjsmknZIf6bLDBw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 10:24:16 GMT
age: 83370
etag: "2d2729ca550ecdca29a502eb76c68f4eed623032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10052 bytes)
Hash
5401628b3bdd03eeee51f68177ac4d41
bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29
3e231ba2e44699d88ed1e28510dad0762a57e0854a11d40f752421bd41738944

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f6ce48-0095-4b2b-b098-c6f6de90570c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10052
x-amzn-requestid: 10422f29-dc81-41f9-b03e-76fb2b0f4f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2vnHFT9oAMFbmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c62d-780503606bec4fff6e911fc8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:48:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQaGhmXW_zeKd-WXUxi_z0e3Ul1YrtBgIbPEEWRfQfG7d8C0JyZdXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:56:00 GMT
age: 41866
etag: "bb12e1d1bc5a87d3fa05371894a8bc8eb3d1bb29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7982 bytes)
Hash
8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R-9qgCHHj8iD9FEwYhzLoXAQvdrO6D6qRIWAvyQJyfB-LHDGUjvmzA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:59 GMT
age: 42347
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.intl-paypal-taxes.com/

216.58.207.211

200 OK

0 B

URL HTTP/2
www.intl-paypal-taxes.com/
IP
216.58.207.211:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.intl-paypal-taxes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Jan 2023 09:33:45 GMT
cross-origin-opener-policy: unsafe-none
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'nonce-Lz-M-889VRIsFnGmCLUJEg' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
referrer-policy: strict-origin-when-cross-origin
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.intl-paypal-taxes.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 23 Jan 2023 09:33:45 GMT
date: Mon, 23 Jan 2023 09:33:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.intl-paypal-taxes.com/_/view/logImpressions?authuser=0

216.58.207.211

200 OK

0 B

URL HTTP/2
www.intl-paypal-taxes.com/_/view/logImpressions?authuser=0
IP
216.58.207.211:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /_/view/logImpressions?authuser=0 HTTP/1.1
Host: www.intl-paypal-taxes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.intl-paypal-taxes.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 3213
Origin: https://www.intl-paypal-taxes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Jan 2023 09:33:46 GMT
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2

www.intl-paypal-taxes.com/_/view/logImpressions?authuser=0

216.58.207.211

200 OK

0 B

URL HTTP/2
www.intl-paypal-taxes.com/_/view/logImpressions?authuser=0
IP
216.58.207.211:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /_/view/logImpressions?authuser=0 HTTP/1.1
Host: www.intl-paypal-taxes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.intl-paypal-taxes.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 4570
Origin: https://www.intl-paypal-taxes.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Jan 2023 09:33:49 GMT
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML