www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
172.217.21.179200 OK 18 kB URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
IP 172.217.21.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (59109), with no line terminators
Hash 30da7db513b712a9e8c523124cce51e2
bb1667b6e4a6cd42050b630eec1494485cae8922
b939e2af27309fa063b9e2dddd114765d813e94a999410e551945268fd0a7d66
Analyzer Verdict Alert openphish PayPal Inc.
fortinet Phishing
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M3
GET /get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache
Content-Encoding: gzip
X-Cloud-Trace-Context: f84d2ce88363efeb7490d2431083b5c6
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:44 GMT
Server: Google Frontend
Content-Length: 17609
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13429
Expires: Tue, 21 Mar 2023 09:40:33 GMT
Date: Tue, 21 Mar 2023 05:56:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4081
Expires: Tue, 21 Mar 2023 07:04:45 GMT
Date: Tue, 21 Mar 2023 05:56:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14737
Expires: Tue, 21 Mar 2023 10:02:21 GMT
Date: Tue, 21 Mar 2023 05:56:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7AKAccaM4WSWui3y2MgMJ2qgoYkSdsA/YtntJfdaquNso/Y6D3E7nniX1NKwMZKwPXK4lGQQnWo=
x-amz-request-id: Y39NH340FR3GQ8VV
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 05:53:04 GMT
age: 220
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 05:14:57 GMT
content-type: application/json
age: 2507
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 05:56:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1
172.217.21.179404 Not Found 127 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1
IP 172.217.21.179:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2f2a8a0217b26596b95ea004ce5d7b45
0f4bbd140e16e3a7d34f4ef2663dc6e9bd76038a
a89bc0f4f08baa4d1fad0f2a4bd5fe0ff427ed4faab591ae2531fe946a764532
Analyzer Verdict Alert fortinet Phishing
GET /auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1 HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 6c4776ff6db38cb8ce41492be4d45efb
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:44 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 127
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f196562fdee2977e85bd02fb029de5e6
832da5a18b039ccbf29ab58811852e751a7a9465
6f67ce705c4b8df9b104f5369012f26ccfa52d790d707e6910d35bbdd40abecb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6362
Cache-Control: max-age=158934
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 05:56:44 GMT
Etag: "6418f818-1d7"
Expires: Thu, 23 Mar 2023 02:05:38 GMT
Last-Modified: Tue, 21 Mar 2023 00:19:36 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f196562fdee2977e85bd02fb029de5e6
832da5a18b039ccbf29ab58811852e751a7a9465
6f67ce705c4b8df9b104f5369012f26ccfa52d790d707e6910d35bbdd40abecb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6361
Cache-Control: max-age=158933
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 05:56:44 GMT
Etag: "6418f818-1d7"
Expires: Thu, 23 Mar 2023 02:05:37 GMT
Last-Modified: Tue, 21 Mar 2023 00:19:36 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f196562fdee2977e85bd02fb029de5e6
832da5a18b039ccbf29ab58811852e751a7a9465
6f67ce705c4b8df9b104f5369012f26ccfa52d790d707e6910d35bbdd40abecb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6361
Cache-Control: max-age=158933
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 05:56:44 GMT
Etag: "6418f818-1d7"
Expires: Thu, 23 Mar 2023 02:05:37 GMT
Last-Modified: Tue, 21 Mar 2023 00:19:36 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f196562fdee2977e85bd02fb029de5e6
832da5a18b039ccbf29ab58811852e751a7a9465
6f67ce705c4b8df9b104f5369012f26ccfa52d790d707e6910d35bbdd40abecb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6361
Cache-Control: max-age=158933
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 05:56:44 GMT
Etag: "6418f818-1d7"
Expires: Thu, 23 Mar 2023 02:05:37 GMT
Last-Modified: Tue, 21 Mar 2023 00:19:36 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f196562fdee2977e85bd02fb029de5e6
832da5a18b039ccbf29ab58811852e751a7a9465
6f67ce705c4b8df9b104f5369012f26ccfa52d790d707e6910d35bbdd40abecb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6361
Cache-Control: max-age=158933
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 05:56:44 GMT
Etag: "6418f818-1d7"
Expires: Thu, 23 Mar 2023 02:05:37 GMT
Last-Modified: Tue, 21 Mar 2023 00:19:36 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/fn-sync-telemetry-min.js
192.229.221.25200 OK 2.3 kB URL HTTP/2 www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/fn-sync-telemetry-min.js
IP 192.229.221.25:0
File type ASCII text, with very long lines (5534), with no line terminators
Hash 400c935a429f070148fc6d3993296efa
e5554c8227f385f3207a16326f9f8fd678d41c75
e077fe0b1b504e91b3cc5ed69d60f3ad1a327d59dd173eb3aee9d4911d2c3d3f
GET /web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/fn-sync-telemetry-min.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5ebda88f-159e"
expires: Wed, 20 Mar 2024 05:56:44 GMT
last-modified: Thu, 14 May 2020 20:22:39 GMT
paypal-debug-id: 21e098400f59a
server: ECAcc (ska/F73D)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 2303
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/js/min/pa.js
192.229.221.25200 OK 22 kB URL HTTP/2 www.paypalobjects.com/pa/js/min/pa.js
IP 192.229.221.25:0
File type ASCII text, with very long lines (56607)
Hash e1b71f6f213609d91bd05f7282d7d1e8
73bdc86b3c62e9da1e9f12b98822e0686667d33c
ab3771660b9d40a78cbbf284b9481a2ea9095c40e72e251e767f9e00347d740b
GET /pa/js/min/pa.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "63c865b0-dd3b"
expires: Tue, 21 Mar 2023 06:56:44 GMT
last-modified: Wed, 18 Jan 2023 21:33:36 GMT
paypal-debug-id: 2d9a42b8b1ad1
server: ECAcc (ska/F77F)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000002d9a42b8b1ad1-a9efe069fbda10ff-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 21563
X-Firefox-Spdy: h2
www.paypalobjects.com/images/shared/icon-PN-check.png
192.229.221.25200 OK 2.2 kB URL HTTP/2 www.paypalobjects.com/images/shared/icon-PN-check.png
IP 192.229.221.25:0
File type PNG image data, 121 x 133, 8-bit/color RGBA, non-interlaced\012- data
Hash ec06d032b1e2fa682c8ef3497bf982d2
06b4d2a83aed4b365140147985c2f12d3457ee61
4a77d272b8cf508cc4a7e0da5763faa9958e42a5554fdb5d29fc3be51d685653
GET /images/shared/icon-PN-check.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271b47-8bc"
expires: Tue, 21 Mar 2023 06:56:44 GMT
last-modified: Sat, 13 Feb 2021 00:20:23 GMT
paypal-debug-id: 89d27e36e5acb
server: ECAcc (ska/F762)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000089d27e36e5acb-636a533b4fde7647-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 2236
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/ioc.js
192.229.221.25200 OK 2.0 kB URL HTTP/2 www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/ioc.js
IP 192.229.221.25:0
File type ASCII text, with very long lines (3737)
Hash adf6a62a1e9c1b42295f790146641149
50b6f75f5333c32da85385c872259504f451a434
8372f97676192f17dc50263c5d50a67c2a85d5f616fa09541af0a950da261768
GET /web/res/998/3939bdf57803094a3bd44b3c944f7/js/ioc.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5ebda88e-1407"
expires: Wed, 20 Mar 2024 05:56:44 GMT
last-modified: Thu, 14 May 2020 20:22:38 GMT
paypal-debug-id: 49ffc06833f79
server: ECAcc (ska/F6BD)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 2005
X-Firefox-Spdy: h2
c.paypal.com/da/r/fb.js
151.101.129.35200 OK 20 kB IP 151.101.129.35:0
File type C source, ASCII text, with very long lines (60607), with no line terminators
Hash a336abc2a1bea7b9d98d0fb6140bf300
cb19c4faca451aaada7b2117720763824f003ccc
3002f685e9ef74517865d813080ae23f77d3319eb16e905e57df59231bdbcb01
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: W/"63d97a76-ecbf"
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
paypal-debug-id: 8d02b3197927f
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 21 Mar 2023 05:56:44 GMT
age: 4177731
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-sjc10074-SJC, cache-bma1678-BMA, cache-bma1646-BMA
x-cache: HIT, HIT, HIT
x-cache-hits: 11, 1, 33614
x-timer: S1679378205.643842,VS0,VE1
vary: Accept-Encoding
expires: Wed, 22 Mar 2023 05:56:44 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 20545
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/mi/miconfig.js
192.229.221.25200 OK 22 kB URL HTTP/2 www.paypalobjects.com/pa/mi/miconfig.js
IP 192.229.221.25:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 8b78273af2878913bfde8e5885e49ed6
d2da2dbbe3070e8c967bf06c252f4683e9a7bcd2
d4aa84da7fd90140c7ecab6ca76b200bd3b950c7a60e35f378a528b3c8830d99
GET /pa/mi/miconfig.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60e8dce5-1d4a2"
expires: Tue, 21 Mar 2023 06:56:44 GMT
last-modified: Fri, 09 Jul 2021 23:33:57 GMT
paypal-debug-id: 92f053a94436c
server: ECAcc (ska/F6D2)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000092f053a94436c-4567f3ab767eb5ce-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 22447
X-Firefox-Spdy: h2
www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
192.229.221.25200 OK 5.8 kB URL HTTP/2 www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
IP 192.229.221.25:0
File type PNG image data, 224 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a0fb0e8e8a895eeb013429819d1807d
37d6b16548d41dbde47c3d2a089efa69481d900e
13e4806e5c517e074ab1ea26fe0f2b7b87eaa3988006f35ed0bd4c89502d0d79
GET /images/shared/glyph_alert_critical_big-2x.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "54130c54-16c4"
expires: Tue, 21 Mar 2023 06:56:44 GMT
last-modified: Fri, 12 Sep 2014 15:08:04 GMT
paypal-debug-id: 6b89ec0134ddf
server: ECAcc (ska/F770)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006b89ec0134ddf-c57c6b841a3cbc91-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 5828
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/modernizr-2.6.1.js
192.229.221.25200 OK 1.8 kB URL HTTP/2 www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/modernizr-2.6.1.js
IP 192.229.221.25:0
File type HTML document, ASCII text, with very long lines (3807), with no line terminators
Hash 8ccfeaab41083bf23d23bbf8cf5c1d91
2c93343dfa49cd21e5fb95c952baca2a8355d113
43e849f50db968a0f8c8a881126b0885840238be79d42508d4000a31e19e1f4b
GET /web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/modernizr-2.6.1.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5ebda88f-edf"
expires: Wed, 20 Mar 2024 05:56:44 GMT
last-modified: Thu, 14 May 2020 20:22:39 GMT
paypal-debug-id: a219efc031f32
server: ECAcc (ska/F758)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000a219efc031f32-e00a50aafb4c20ff-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 1788
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/signin-split.js
192.229.221.25200 OK 33 kB URL HTTP/2 www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/signin-split.js
IP 192.229.221.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 19f5b8eb8fffa6d69f0b1f28d820002a
2c0b4405f36664d8206c2343b1402d43f80141c1
8f90224102d04620b580dab347d398f8bb09e25a73e7eb8c21464de54650e61c
GET /web/res/998/3939bdf57803094a3bd44b3c944f7/js/signin-split.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5ebda88e-201b7"
expires: Wed, 20 Mar 2024 05:56:44 GMT
last-modified: Thu, 14 May 2020 20:22:38 GMT
paypal-debug-id: 21634198ca05f
server: ECAcc (ska/F6A9)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000021634198ca05f-7820b4945e5e0f00-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 32841
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/mi/3p/gtag/gtag.js
192.229.221.25200 OK 31 kB URL HTTP/2 www.paypalobjects.com/pa/mi/3p/gtag/gtag.js
IP 192.229.221.25:0
File type ASCII text, with very long lines (1571)
Hash 46b695034ade7245090675c81109a32a
6ba25f2ba3472ac0c7e576cf86ef60782176561f
13bb2040d667228783887402249dff01c35fc1e80a8054a3c2fc17a7a28cfece
GET /pa/mi/3p/gtag/gtag.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271cd9-13bba"
expires: Tue, 21 Mar 2023 06:56:44 GMT
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
paypal-debug-id: ca9cb5a3c7f1c
server: ECAcc (ska/F73F)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000ca9cb5a3c7f1c-bf4ab5050da86ed3-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 31297
X-Firefox-Spdy: h2
www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
192.229.221.25200 OK 6.7 kB URL HTTP/2 www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
IP 192.229.221.25:0
File type ASCII text, with very long lines (22876), with no line terminators
Hash 071e619850c8b89795e7ec942a262ec0
2331291db26931472ccb3d99c8b37329f8d7e4d1
5d42349de577dc151ed225fe3e70a5b56644fb0d42d9240faed00530ace9d147
GET /webcaptcha/ngrlCaptcha.min.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "63a012f1-595c"
expires: Tue, 21 Mar 2023 06:56:44 GMT
last-modified: Mon, 19 Dec 2022 07:29:53 GMT
paypal-debug-id: 886af33eb6e53
server: ECAcc (ska/F69F)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000886af33eb6e53-11d5f98160898fc5-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 6717
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/mi/3p/gtag/analytics.js
192.229.221.25200 OK 18 kB URL HTTP/2 www.paypalobjects.com/pa/mi/3p/gtag/analytics.js
IP 192.229.221.25:0
File type ASCII text, with very long lines (1494)
Hash 12fc9a4a0883485292bb7966afb50411
9ebb6301be9bf0ff1689b2a65c617c22b49b3cb1
e36e16fec1c1434147c978fbae2303df06c4c7884e70135f3a93f0e55e9cd232
GET /pa/mi/3p/gtag/analytics.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271cd9-aed9"
expires: Tue, 21 Mar 2023 06:56:44 GMT
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
paypal-debug-id: fe0d124253a7d
server: ECAcc (ska/F68A)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000fe0d124253a7d-6138724b52c8ac80-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 17980
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/css/contextualLogin.css
192.229.221.25200 OK 17 kB URL HTTP/2 www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/css/contextualLogin.css
IP 192.229.221.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8710f9b62f4959d1e706df929ab9976a
5c83347c34a6dbf3d5f2e39111ffbb75a6b2608c
45ca5d2cd792d5aa65b9fe3c283bd281a401928e09d5f424dcd14bc77fd0d7a4
GET /web/res/998/3939bdf57803094a3bd44b3c944f7/css/contextualLogin.css HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=31536000
content-type: text/css
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5ebda88d-187a2"
expires: Wed, 20 Mar 2024 05:56:44 GMT
last-modified: Thu, 14 May 2020 20:22:37 GMT
paypal-debug-id: d1ad6c759ddef
server: ECAcc (ska/F737)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 17091
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/249/eec0e77d9f9cbf5737eeea8a2641a/recaptcha/grcenterprise_v3.html
192.229.221.25200 OK 1.5 kB URL HTTP/2 www.paypalobjects.com/web/res/249/eec0e77d9f9cbf5737eeea8a2641a/recaptcha/grcenterprise_v3.html
IP 192.229.221.25:0
File type HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document, ASCII text
Hash 1c75454855ef890f901dded860bb0100
305d6861dd5792a5b1aba65104e437d642f07742
b93a4f3def0fdddd10264e8141566070aa32676896148e7b314e118fcccd4092
GET /web/res/249/eec0e77d9f9cbf5737eeea8a2641a/recaptcha/grcenterprise_v3.html HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: max-age=31536000, s-maxage=31536000
content-type: text/html
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5eb29cd0-fae"
expires: Wed, 20 Mar 2024 05:56:44 GMT
last-modified: Wed, 06 May 2020 11:17:36 GMT
paypal-debug-id: fbc23a2ff9840
server: ECAcc (ska/F77D)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000fbc23a2ff9840-ee7b2b51cc71dcab-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 1549
X-Firefox-Spdy: h2
www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
192.229.221.25200 OK 1.9 kB URL HTTP/2 www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
IP 192.229.221.25:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 796be015d691467b94dc2617ed1b009a
cfb268c516c0d6b3d05bdac25a3557eeab59c499
c442af9b78ab4ee99c8a248a98f4ee1cdac6bd841f5daa6950ce9677aac2a506
GET /images/shared/paypal-logo-129x32.svg HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/css/contextualLogin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/svg+xml
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"544ad849-1351"
expires: Tue, 21 Mar 2023 06:56:44 GMT
last-modified: Fri, 24 Oct 2014 22:52:57 GMT
paypal-debug-id: f983444936ec
server: ECAcc (ska/F796)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000000f983444936ec-b72d6c356e6aee01-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 1932
X-Firefox-Spdy: h2
www.paypalobjects.com/unifiedlogin/smartlockIframe.html?method=hintsAvailable&mode=web&clientId=76862753678-9l8i0gh7kv9mi12drrka4pj54ee2rj9v.apps.googleusercontent.com
192.229.221.25200 OK 948 B URL HTTP/2 www.paypalobjects.com/unifiedlogin/smartlockIframe.html?method=hintsAvailable&mode=web&clientId=76862753678-9l8i0gh7kv9mi12drrka4pj54ee2rj9v.apps.googleusercontent.com
IP 192.229.221.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e39ce5a3134787a4d66920b3c7e4eea4
f0e2fc8a71ffedb0fde7e9d2dee401e82d082ac4
4c3322489f7852f57331f7acdf805dce2767c5251ce2d45f022ecacbb31dae28
GET /unifiedlogin/smartlockIframe.html?method=hintsAvailable&mode=web&clientId=76862753678-9l8i0gh7kv9mi12drrka4pj54ee2rj9v.apps.googleusercontent.com HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: text/html
date: Tue, 21 Mar 2023 05:56:44 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"60271d6d-d74"
expires: Tue, 21 Mar 2023 06:56:44 GMT
last-modified: Sat, 13 Feb 2021 00:29:33 GMT
paypal-debug-id: 88d544b1c7f54
server: ECAcc (ska/F7BD)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 948
X-Firefox-Spdy: h2
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1
172.217.21.179404 Not Found 127 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1
IP 172.217.21.179:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2f2a8a0217b26596b95ea004ce5d7b45
0f4bbd140e16e3a7d34f4ef2663dc6e9bd76038a
a89bc0f4f08baa4d1fad0f2a4bd5fe0ff427ed4faab591ae2531fe946a764532
Analyzer Verdict Alert fortinet Phishing
GET /auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1 HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: ac9733830596632d718d476b878eb037
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:44 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 127
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 05:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 4df75066e63cf30106cbccbb3e8a9985
d43a34e7c297dfa8c914a93b0b710dbda1e16745
74f43e8ba8b098a0214949b21e8ce6799ef360e9cf3fc327927c44e530c680f5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4421
Cache-Control: max-age=161255
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 05:56:45 GMT
Etag: "641908bf-1d7"
Expires: Thu, 23 Mar 2023 02:44:20 GMT
Last-Modified: Tue, 21 Mar 2023 01:30:39 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 471
c.paypal.com/da/r/fb.js
151.101.129.35304 Not Modified 0 B IP 151.101.129.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 31 Jan 2023 20:30:46 GMT
If-None-Match: W/"63d97a76-ecbf"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 21 Mar 2023 05:56:45 GMT
via: 1.1 varnish
etag: W/"63d97a76-ecbf"
age: 4177732
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 33615
x-timer: S1679378205.089276,VS0,VE1
vary: Accept-Encoding
expires: Wed, 22 Mar 2023 05:56:45 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
b.stats.paypal.com/v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
64.4.245.84302 Found 0 B URL HTTP/1.1 b.stats.paypal.com/v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
IP 64.4.245.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4 HTTP/1.1
Host: b.stats.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Connection: close
Server: PayPal-B.Stats/1.0
Location: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
Content-Length: 0
Set-Cookie: c=c7dc560724701c741753; Domain=stats.paypal.com; expires=Mon, 16 Mar 2043 05:56:45 GMT; Path=/
Content-Type: application/octet-stream
Date: Tue, 21 Mar 2023 05:56:45 GMT
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
151.101.129.35200 OK 478 B URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
IP 151.101.129.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7ae40b7bd006ca5282d6093df5565e37
3de9f6304b7ca2c5f215c4d1072ed1a335b4994d
9e4d9c73eb14b77dc7402d6a3e90ac3b754e11c40d73fd9a35b565ef4cf3f64c
GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
correlation-id: 5e10d725f61d9
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: 5e10d725f61d9
traceparent: 00-00000000000000000005e10d725f61d9-c545270401344b18-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 21 Mar 2023 05:56:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220031-HHN, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1679378205.865387,VS0,VE165
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/3pjs/tl/5.6.1/patlcfg.js
192.229.221.25200 OK 3.2 kB URL HTTP/2 www.paypalobjects.com/pa/3pjs/tl/5.6.1/patlcfg.js
IP 192.229.221.25:0
File type ASCII text, with very long lines (9053), with no line terminators
Hash 841878d0eb407b73fe7fdd631d849bc6
93edf49f79390928f69f955147788bd15af0a7e2
2fce9cbe5bad1d30e9249bd365f096391cbf81ddfbcbaa3900c41e9ba4f44e3f
GET /pa/3pjs/tl/5.6.1/patlcfg.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:45 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"60271cd9-235d"
expires: Tue, 21 Mar 2023 06:56:45 GMT
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
paypal-debug-id: a3d6ef859335a
server: ECAcc (daa/7CD0)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000a3d6ef859335a-c0cdf7f621388f98-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 3212
X-Firefox-Spdy: h2
smartlock.google.com/client
216.58.211.14404 Not Found 1.6 kB URL HTTP/2 smartlock.google.com/client
IP 216.58.211.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 81fab772426082ef237fb9adeef0340a
6cf8ef829c94ad4dc7ea43343fee9563b8902ab3
ded00bb9409d0a8ad4916c1ce7d42852df93fb2040196697f58b9198fcd68751
GET /client HTTP/1.1
Host: smartlock.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypalobjects.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 1567
date: Tue, 21 Mar 2023 05:56:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 05:56:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13418
Expires: Tue, 21 Mar 2023 09:40:23 GMT
Date: Tue, 21 Mar 2023 05:56:45 GMT
Connection: keep-alive
c.paypal.com/da/r/fb.js
151.101.129.35304 Not Modified 0 B IP 151.101.129.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 31 Jan 2023 20:30:46 GMT
If-None-Match: W/"63d97a76-ecbf"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 21 Mar 2023 05:56:45 GMT
via: 1.1 varnish
etag: W/"63d97a76-ecbf"
age: 4177732
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 33616
x-timer: S1679378205.277266,VS0,VE1
vary: Accept-Encoding
expires: Wed, 22 Mar 2023 05:56:45 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
64.4.245.84200 OK 42 B URL HTTP/1.1 dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
IP 64.4.245.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4 HTTP/1.1
Host: dub.stats.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: close
Server: PayPal-B.Stats/1.0
Content-Type: image/jpeg
Content-Length: 42
Set-Cookie: c=2f8a06e7bdfc8e6b14c5; Domain=stats.paypal.com; expires=Mon, 16 Mar 2043 05:56:45 GMT; Path=/
Date: Tue, 21 Mar 2023 05:56:45 GMT
www.paypalobjects.com/pa/3pjs/tl/5.6.1/patleaf.js
192.229.221.25200 OK 43 kB URL HTTP/2 www.paypalobjects.com/pa/3pjs/tl/5.6.1/patleaf.js
IP 192.229.221.25:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4c3ede3afc48bc48e7b486026a5f9796
20e5c65a1f34ffbea0088f553ec42b8bc84d1bfb
3b59ed52980519c0364821b740a126484dadb135bac616bb3e9a921ab0335991
GET /pa/3pjs/tl/5.6.1/patleaf.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Tue, 21 Mar 2023 05:56:45 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271cd9-1e7b4+gzip"
expires: Tue, 21 Mar 2023 06:56:45 GMT
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
paypal-debug-id: 368cf181434c1
server: ECAcc (daa/7CE7)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000368cf181434c1-2881cd19138386f1-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 42770
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p1
151.101.129.35200 OK 125 B IP 151.101.129.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9d3c6b805609cb10656eab7a3a7ebb10
d14f33873cc8ee88854178e05a1cfef35e55bcba
89feccf8106056f0f16538608271cf72edf2f1e5b0332c95208f0ce767e7547c
POST /v1/r/d/b/p1 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1314
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: 9dc9bcdbd6d3
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 9dc9bcdbd6d3
set-cookie: sc_f=EDx4EvUAEFUsNuO95BMSUOguGjf2fj2MeFELWHx6yE5mmzm-7ndgVVbJkupmuyfcMWICNO8SO2Pu860PkDcCl90awYRwFeguJ6zvIG;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Sat, 18-Mar-2028 22:56:45 GMT; HttpOnly
KHcl0EuY7AKSMgfvHl7J5E7hPtK=FfuOejjRd3Z4SmNfQapIFnRgRqFLQdpOeqhXmhN-UTCXDK66VHXEMOZkn3sfIGQj8CX4nv_Em7v83_dA;Domain=.paypal.com;Max-Age=630720000;Path=/;Secure;Version=1;Expires=Sun, 15-Mar-2043 22:56:45 GMT; HttpOnly
l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Tue, 21 Mar 2023 06:26:45 GMT; HttpOnly; Secure
traceparent: 00-000000000000000000009dc9bcdbd6d3-06b4433344958f78-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 21 Mar 2023 05:56:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220054-HHN, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p2
151.101.129.35200 OK 125 B IP 151.101.129.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0f178708d354a0403bbc03d220de6f84
779a0d02e525a3bdee6f7b9931ef332e49212a5a
b8fe7a4c973820092ee7016c49384c347a74ca8d78be6db6784e9e9a116950b1
POST /v1/r/d/b/p2 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 3834
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
correlation-id: d5a66df8ad667
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: d5a66df8ad667
set-cookie: sc_f=Y3ICXz-wWIdFpG7_5lbohNQTSP9oKSa77YLfXt-Dm4AB1Mu-99iE9FUbQqY7mcSAD4t91oU0sOSZi5q8UOS9bUni2MfjUfCJxNiSq0;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Sat, 18-Mar-2028 22:56:45 GMT; HttpOnly
traceparent: 00-0000000000000000000d5a66df8ad667-f5c755b7058b9cc1-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 21 Mar 2023 05:56:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220038-HHN, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: "traceparent;desc="00-0000000000000000000d5a66df8ad667-f22e9ccac8df3974-01"";content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
www.paypalobjects.com/webstatic/icon/pp64.png
192.229.221.25200 OK 4.5 kB URL HTTP/2 www.paypalobjects.com/webstatic/icon/pp64.png
IP 192.229.221.25:0
File type PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash 5ff4fb77dc2ba5364283b18256b34e1a
37f8e1586e4a091d7a0a266842fd3a3d4e15c5aa
965b855f8212fb12dac35c751da64ae8c1a10ab93ac274c0f40c1d28d159ebce
GET /webstatic/icon/pp64.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
date: Tue, 21 Mar 2023 05:56:45 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "53611ccb-11a6"
expires: Tue, 21 Mar 2023 06:56:45 GMT
last-modified: Wed, 30 Apr 2014 15:54:51 GMT
paypal-debug-id: a73f5facf79bb
server: ECAcc (ska/F75E)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000a73f5facf79bb-4e1325bda04df70b-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 4518
X-Firefox-Spdy: h2
www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico
192.229.221.25200 OK 1.4 kB URL HTTP/2 www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico
IP 192.229.221.25:0
File type MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Hash 455deaddcb9436734b2144429ae53ff7
e173c07062d5ea7d98da48a8973d7dd24969fe61
5c958cea39018dd9f80738db7d3a8c2f28a0d539e5d481b296daafea829897f2
GET /en_US/i/icon/pp_favicon_x.ico HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/x-icon
date: Tue, 21 Mar 2023 05:56:45 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5d5637bd-1536"
expires: Tue, 21 Mar 2023 06:56:45 GMT
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
paypal-debug-id: eacb064bac5a5
server: ECAcc (ska/F6D8)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000eacb064bac5a5-527631bf7720b39a-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 1431
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.215.11.44101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.11.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: feUfKAARwtBdaCDuYtK3zw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: merXmBsHvvFtS0swxSm3n+FPmeQ=
c6.paypal.com/v1/r/d/b/p3?f=40eeea4d0f114db68bc8963e11632452&s=UNIFIED_LOGIN_INPUT_PASSWORD
151.101.129.35200 OK 0 B URL HTTP/2 c6.paypal.com/v1/r/d/b/p3?f=40eeea4d0f114db68bc8963e11632452&s=UNIFIED_LOGIN_INPUT_PASSWORD
IP 151.101.129.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/r/d/b/p3?f=40eeea4d0f114db68bc8963e11632452&s=UNIFIED_LOGIN_INPUT_PASSWORD HTTP/1.1
Host: c6.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
correlation-id: 9e1cedb45e539
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 9e1cedb45e539
traceparent: 00-00000000000000000009e1cedb45e539-bb08147a681f225a-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 21 Mar 2023 05:56:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220052-HHN, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1679378205.290461,VS0,VE294
server-timing: "traceparent;desc="00-00000000000000000009e1cedb45e539-d68dcc173c5e9108-01"";content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 0
X-Firefox-Spdy: h2
t.paypal.com/ts?v=1.7.6&t=1679378207628&g=0&e=err&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&comp=unifiedloginnodeweb&erpg=data%20is%20not%20defined&error_type=WINDOW_ONERROR&error_description=_0x566ba4%2F_0x19d402%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14319%0A_0x363e17%3C%2F%3C%2F_0x3b1a1e%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A10510%0A_0x566ba4%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14353%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A15719%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A16289%0A&error_source=http%3A%2F%2Fwww.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%201%3A14319&3p_vid=30bd7b2a3a94226c&3p_fpti=28f2e9d42f0caffb
151.101.193.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?v=1.7.6&t=1679378207628&g=0&e=err&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&comp=unifiedloginnodeweb&erpg=data%20is%20not%20defined&error_type=WINDOW_ONERROR&error_description=_0x566ba4%2F_0x19d402%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14319%0A_0x363e17%3C%2F%3C%2F_0x3b1a1e%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A10510%0A_0x566ba4%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14353%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A15719%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A16289%0A&error_source=http%3A%2F%2Fwww.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%201%3A14319&3p_vid=30bd7b2a3a94226c&3p_fpti=28f2e9d42f0caffb
IP 151.101.193.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?v=1.7.6&t=1679378207628&g=0&e=err&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&comp=unifiedloginnodeweb&erpg=data%20is%20not%20defined&error_type=WINDOW_ONERROR&error_description=_0x566ba4%2F_0x19d402%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14319%0A_0x363e17%3C%2F%3C%2F_0x3b1a1e%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A10510%0A_0x566ba4%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14353%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A15719%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A16289%0A&error_source=http%3A%2F%2Fwww.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%201%3A14319&3p_vid=30bd7b2a3a94226c&3p_fpti=28f2e9d42f0caffb HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Tue, 21 Mar 2023 05:56:45 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 56791e4fa2ce6
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1774072605%26vteXpYrS%3D1679380005%26vr%3D28f2e9d42f0caffb%26vt%3D30bd7b2a3a94226c; Expires=Sat, 21 Mar 2026 05:56:45 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D28f2e9d42f0caffb%26vt%3D30bd7b2a3a94226c; Expires=Sat, 21 Mar 2026 05:56:45 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-000000000000000000056791e4fa2ce6-d1ba3fecff1cd11e-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 21 Mar 2023 05:56:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220057-HHN, cache-bma1683-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1679378205.472795,VS0,VE164
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
c.paypal.com/da/r/fb.js
151.101.129.35304 Not Modified 0 B IP 151.101.129.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 31 Jan 2023 20:30:46 GMT
If-None-Match: W/"63d97a76-ecbf"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 21 Mar 2023 05:56:45 GMT
via: 1.1 varnish
etag: W/"63d97a76-ecbf"
age: 4177732
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 33618
x-timer: S1679378206.651957,VS0,VE1
vary: Accept-Encoding
expires: Wed, 22 Mar 2023 05:56:45 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/platform/tealeaftarget
172.217.21.179404 Not Found 127 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/platform/tealeaftarget
IP 172.217.21.179:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2f2a8a0217b26596b95ea004ce5d7b45
0f4bbd140e16e3a7d34f4ef2663dc6e9bd76038a
a89bc0f4f08baa4d1fad0f2a4bd5fe0ff427ed4faab591ae2531fe946a764532
Analyzer Verdict Alert fortinet Phishing
POST /platform/tealeaftarget HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-Type: application/json
X-PageId: P.LJRJDUHQQ8DQH6T2FSJYXX747R9G
X-Tealeaf: device (UIC) Lib/5.6.0.1875
X-TealeafType: GUI
X-TeaLeaf-Page-Url: /get_draft
X-Tealeaf-SyncXHR: false
X-Tealeaf-MessageTypes: 1,2,5,12
Content-Encoding: gzip
Content-Length: 11908
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: ab73ee7c9565e30a13e6f82ed9f9f64e
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:45 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 127
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
172.217.21.179404 Not Found 69 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
IP 172.217.21.179:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/client-log HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 812
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 5fdaaa95da8735ec662a650eaac6586d
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:45 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/c697b46957f15073/challenge.js
172.217.21.179404 Not Found 69 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/c697b46957f15073/challenge.js
IP 172.217.21.179:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
GET /auth/createchallenge/c697b46957f15073/challenge.js HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 30402d6150e9e188dbad964c36ed2c3b
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:45 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
172.217.21.179404 Not Found 69 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
IP 172.217.21.179:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/client-log HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 977
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: a0006067fb382bac5e39dc43b6107130
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:45 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
172.217.21.179404 Not Found 69 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
IP 172.217.21.179:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/client-log HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 1190
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 7cf6ad6f6421cb57c166c4a921d40dcb
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:45 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/cookie-banner
172.217.21.179404 Not Found 69 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/cookie-banner
IP 172.217.21.179:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
GET /signin/cookie-banner HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: cde1bbdfe4ad3840c46f13f95072fe7f
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:45 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
172.217.21.179404 Not Found 69 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
IP 172.217.21.179:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/load-resource HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 125
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 01874ebab3f3e2f32bc8cde870145e4b
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:45 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
b.stats.paypal.com/v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
64.4.245.84302 Found 0 B URL HTTP/1.1 b.stats.paypal.com/v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
IP 64.4.245.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4 HTTP/1.1
Host: b.stats.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Connection: close
Server: PayPal-B.Stats/1.0
Location: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
Content-Length: 0
Set-Cookie: c=7eb86471f29825a7a9c7; Domain=stats.paypal.com; expires=Mon, 16 Mar 2043 05:56:45 GMT; Path=/
Content-Type: application/octet-stream
Date: Tue, 21 Mar 2023 05:56:45 GMT
c.paypal.com/da/r/fb.js
151.101.129.35304 Not Modified 0 B IP 151.101.129.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 31 Jan 2023 20:30:46 GMT
If-None-Match: W/"63d97a76-ecbf"
TE: trailers
HTTP/2 304 Not Modified
date: Tue, 21 Mar 2023 05:56:45 GMT
via: 1.1 varnish
etag: W/"63d97a76-ecbf"
age: 4177733
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 33619
x-timer: S1679378206.912374,VS0,VE1
vary: Accept-Encoding
expires: Wed, 22 Mar 2023 05:56:45 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
172.217.21.179404 Not Found 69 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
IP 172.217.21.179:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/load-resource HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 125
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 53b13fbb74d5899ad77d34de170f1abd
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:45 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
64.4.245.84200 OK 42 B URL HTTP/1.1 dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
IP 64.4.245.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4 HTTP/1.1
Host: dub.stats.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: close
Server: PayPal-B.Stats/1.0
Content-Type: image/jpeg
Content-Length: 42
Set-Cookie: c=7e15d370fb9cae894933; Domain=stats.paypal.com; expires=Mon, 16 Mar 2043 05:56:45 GMT; Path=/
Date: Tue, 21 Mar 2023 05:56:45 GMT
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
172.217.21.179404 Not Found 69 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
IP 172.217.21.179:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/load-resource HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 125
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 403c336eb120284fef9e57e3e0fbdaac
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:45 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
t.paypal.com/ts?v=1.7.6&t=1679378208208&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1590027364641&calc=e697c8ff57f24&nsid=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=ca3049b0a3ec4f4799a8dddfdf17bc8d&comp=unifiedloginnodeweb&tsrce=smartchatnodeweb&cu=1&gacook=914113329.1580169992&ef_policy=gdpr_eu&c_prefs=T%3D1%2CF%3D1%2CP%3D1&transition_name=ss_prepare_pwd&xe=101090%2C101735%2C100363%2C100644&xt=104050%2C105856%2C103720%2C101702&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&sl_status=NOT_LINKED&e=im&imsrc=setup&view=%7B%22t10%22%3A0%2C%22t11%22%3A1757%2C%22tcp%22%3A886%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A57%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=0&t1c=0&t1d=0&t1s=0&t2=167&t3=8&t4d=0&t4=0&t4e=2&tt=1700&rdc=0&protocol=http%2F1.1&res=%7B%7D&rtt=271&3p_vid=30bd7b2a3a94226c&3p_fpti=28f2e9d42f0caffb
151.101.193.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?v=1.7.6&t=1679378208208&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1590027364641&calc=e697c8ff57f24&nsid=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=ca3049b0a3ec4f4799a8dddfdf17bc8d&comp=unifiedloginnodeweb&tsrce=smartchatnodeweb&cu=1&gacook=914113329.1580169992&ef_policy=gdpr_eu&c_prefs=T%3D1%2CF%3D1%2CP%3D1&transition_name=ss_prepare_pwd&xe=101090%2C101735%2C100363%2C100644&xt=104050%2C105856%2C103720%2C101702&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&sl_status=NOT_LINKED&e=im&imsrc=setup&view=%7B%22t10%22%3A0%2C%22t11%22%3A1757%2C%22tcp%22%3A886%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A57%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=0&t1c=0&t1d=0&t1s=0&t2=167&t3=8&t4d=0&t4=0&t4e=2&tt=1700&rdc=0&protocol=http%2F1.1&res=%7B%7D&rtt=271&3p_vid=30bd7b2a3a94226c&3p_fpti=28f2e9d42f0caffb
IP 151.101.193.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?v=1.7.6&t=1679378208208&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1590027364641&calc=e697c8ff57f24&nsid=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=ca3049b0a3ec4f4799a8dddfdf17bc8d&comp=unifiedloginnodeweb&tsrce=smartchatnodeweb&cu=1&gacook=914113329.1580169992&ef_policy=gdpr_eu&c_prefs=T%3D1%2CF%3D1%2CP%3D1&transition_name=ss_prepare_pwd&xe=101090%2C101735%2C100363%2C100644&xt=104050%2C105856%2C103720%2C101702&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&sl_status=NOT_LINKED&e=im&imsrc=setup&view=%7B%22t10%22%3A0%2C%22t11%22%3A1757%2C%22tcp%22%3A886%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A57%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=0&t1c=0&t1d=0&t1s=0&t2=167&t3=8&t4d=0&t4=0&t4e=2&tt=1700&rdc=0&protocol=http%2F1.1&res=%7B%7D&rtt=271&3p_vid=30bd7b2a3a94226c&3p_fpti=28f2e9d42f0caffb HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Tue, 21 Mar 2023 05:56:46 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: e1791edab7afd
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1774072606%26vteXpYrS%3D1679380006%26vr%3D28f2e9d42f0caffb%26vt%3D30bd7b2a3a94226c; Expires=Sat, 21 Mar 2026 05:56:46 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D28f2e9d42f0caffb%26vt%3D30bd7b2a3a94226c; Expires=Sat, 21 Mar 2026 05:56:46 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000e1791edab7afd-a047fbd441c1e057-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 21 Mar 2023 05:56:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220056-HHN, cache-bma1683-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1679378206.957521,VS0,VE165
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
c6.paypal.com/v1/r/d/b/p3?f=40eeea4d0f114db68bc8963e11632452&s=UNIFIED_LOGIN_INPUT_PASSWORD
151.101.129.35200 OK 0 B URL HTTP/2 c6.paypal.com/v1/r/d/b/p3?f=40eeea4d0f114db68bc8963e11632452&s=UNIFIED_LOGIN_INPUT_PASSWORD
IP 151.101.129.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/r/d/b/p3?f=40eeea4d0f114db68bc8963e11632452&s=UNIFIED_LOGIN_INPUT_PASSWORD HTTP/1.1
Host: c6.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
correlation-id: 7f27654826ddc
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 7f27654826ddc
traceparent: 00-00000000000000000007f27654826ddc-8ee017af02b9e58d-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 21 Mar 2023 05:56:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220041-HHN, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1679378206.956908,VS0,VE183
server-timing: "traceparent;desc="00-00000000000000000007f27654826ddc-c187305a7e9539c1-01"";content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 0
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p2
151.101.129.35200 OK 125 B IP 151.101.129.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0f178708d354a0403bbc03d220de6f84
779a0d02e525a3bdee6f7b9931ef332e49212a5a
b8fe7a4c973820092ee7016c49384c347a74ca8d78be6db6784e9e9a116950b1
POST /v1/r/d/b/p2 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 3966
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
correlation-id: 9f983a16904df
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 9f983a16904df
set-cookie: sc_f=Y3ICXz-wWIdFpG7_5lbohNQTSP9oKSa77YLfXt-Dm4AB1Mu-99iE9FUbQqY7mcSAD4t91oU0sOSZi5q8UOS9bUni2MfjUfCJxNiSq0;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Sat, 18-Mar-2028 22:56:46 GMT; HttpOnly
traceparent: 00-00000000000000000009f983a16904df-630809e7c12e9a3a-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 21 Mar 2023 05:56:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220066-HHN, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: "traceparent;desc="00-00000000000000000009f983a16904df-ad02cc831bd4f207-01"";content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p1
151.101.129.35200 OK 125 B IP 151.101.129.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b391a3d8c124e9f3a9368f0b35fb52c
9c6e0763d4c137dd6f5e45afa937f4aab42d54f8
7271805d0e384b805e07536d34f0c253a717d15137800f80be5aa37256c42525
POST /v1/r/d/b/p1 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1313
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: d49b662425796
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: d49b662425796
set-cookie: sc_f=KaJjvrWEKPRCKMwy1ZlhPxIE_dJMfTLzHYf_MrkurChNRz6T3pBXwkD3H6gkfLFa9l4gmJstmEcZb6w2KxTDeUo8pJ-7G4mp7XzYJW;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Sat, 18-Mar-2028 22:56:46 GMT; HttpOnly
KHcl0EuY7AKSMgfvHl7J5E7hPtK=FfuOejjRd3Z4SmNfQapIFnRgRqFLQdpOeqhXmhN-UTCXDK66VHXEMOZkn3sfIGQj8CX4nv_Em7v83_dA;Domain=.paypal.com;Max-Age=630720000;Path=/;Secure;Version=1;Expires=Sun, 15-Mar-2043 22:56:46 GMT; HttpOnly
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Tue, 21 Mar 2023 06:26:46 GMT; HttpOnly; Secure
traceparent: 00-0000000000000000000d49b662425796-c4717ac47bfab5f6-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 21 Mar 2023 05:56:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220043-HHN, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13553
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 05:56:46 GMT
Connection: keep-alive
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
151.101.129.35200 OK 652 B URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
IP 151.101.129.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 27d4c955f3d827d1f3b1c0beb235fc27
76ba9d15ffb4f56a8db6422d1c31749cfa863bd8
7200d7384eb609045f93f4b449b3e6c296180334673aac27677d4d678a40af7d
GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
access-control-expose-headers: Server-Timing
correlation-id: f00904efbe5e6
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: f00904efbe5e6
traceparent: 00-0000000000000000000f00904efbe5e6-025b2926ac25063f-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 21 Mar 2023 05:56:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220037-HHN, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1679378206.726979,VS0,VE164
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f00904efbe5e6-bb750ed2c5b5ce83-01"";content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07b787370d844cd515ddd9fa2f18dd2f
05af207b7d57654a46bcbaa335b05b05cdc03d48
37064c2c7234ff6172959969ba6d56decc8e8900c9a8f7ef177db7198144a7ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F450a7216-1468-4600-bf16-dcda5d72733e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: dabbce3d-fb36-404d-8b37-3bafed979062
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFFfBIAMFdMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-5cdf621e6196e46f7a1e849c;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: YfNJIF6SPWXOGEwKrIhi1h1bVS_RrqAvQQSV6OLbA3EJ8hkwWpoRMg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:00 GMT
age: 29086
etag: "05af207b7d57654a46bcbaa335b05b05cdc03d48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e6173b5-998a-4997-816d-b57ba0bc3829.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e6173b5-998a-4997-816d-b57ba0bc3829.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aef5e670f176a12585ea06a11ff3aa68
86831c3690d45996079c0cd02280d63e7fe0dc84
1898e033c5e706ca54471b36db485b09eef7548b2db49ef45392b22932e4733b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e6173b5-998a-4997-816d-b57ba0bc3829.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8515
x-amzn-requestid: abe490b3-8839-44ed-8541-a3ca5cdf9343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CAiRmE2uIAMFhNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64167da3-3d42a6f84aa11cb1023b24b5;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 03:12:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kvUQAkABP4KnXuUoYIrmeZez0IV1hgceDsqbJu7v_T1Y7mi8nWG_zA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 17:46:56 GMT
age: 43790
etag: "86831c3690d45996079c0cd02280d63e7fe0dc84"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e538277f72ecedd22d24c1012250fa9e
4bd955ea3790a6926486e3d56f51c712c56997d7
5f4d374598cfb1a78e7016ec3a0b563e61e7481be202c34b10c9fdfbfc7b638e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68a4b574-14c9-4d65-81df-d700ef3fa2f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11336
x-amzn-requestid: 3aaca817-ebbc-449f-806c-d5a2a7559335
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFEmFIAMFqhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-435381723c24efc66eed6b4b;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: GIjvleZ9_Ylizb0wtrfvVrU8qtjVdojVpS3IGmBZaqtLha42eEMBJw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:17:11 GMT
age: 27575
etag: "4bd955ea3790a6926486e3d56f51c712c56997d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80b8965f-0f1d-477d-b284-4d1e59649cf0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80b8965f-0f1d-477d-b284-4d1e59649cf0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 549399285b0e626c036b5a3f7923acb7
47fc867d2850248a0cf58ffe6344bc723c567a92
ebee0635c9e51d080a113627a278b1af7f6e440754a1a43a201dc5e3e2392d5d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80b8965f-0f1d-477d-b284-4d1e59649cf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12272
x-amzn-requestid: 92cdffc1-5ab5-4579-99ae-8f8d7fe7453d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWjFFxfIAMF7UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d146-3e0b9ead0718e199373ff06a;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:33:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 408SujdURTeUV20k71o-5tJ-ZwsNmGfqLdZtj7GTnoaPAv3MCcVN5g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:01:02 GMT
age: 28544
etag: "47fc867d2850248a0cf58ffe6344bc723c567a92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0e2bcb0494bb5b0434a6b8c5276de8ff
33642ec68ca683dae156e15ee7449f8fecbfcd80
6921a091b2b19492a76cf3723b72c6966cb85751cabebbe2056a167994425414
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8599
x-amzn-requestid: f213c7c9-3dd9-4d20-8c46-742c3650dcfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGXKZFD6oAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d242-592c030e6760816b2d4f01f9;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: BOHK8DbdtREptv5xcR1VW-Hz0vV6tKyocLZHftBr6doO64Jkd7mUig==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:00 GMT
age: 29086
etag: "33642ec68ca683dae156e15ee7449f8fecbfcd80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e5f234aedfabd736b50fef3017380f9
71672a6c3523d9999522e005091863d07ea0e94a
3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: sTt0-W1XE7yUFGFXg2nPnKw5tKKkrw-cH_TCIbQy8JL-k0QtCNZS8w==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:08 GMT
age: 29078
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
172.217.21.179404 Not Found 69 B URL HTTP/1.1 www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
IP 172.217.21.179:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/client-log HTTP/1.1
Host: www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 1282
Origin: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: fd6ebb281c7b26e7042ff2258f891451
Vary: Accept-Encoding
Date: Tue, 21 Mar 2023 05:56:48 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
151.101.129.35200 OK 0 B URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
IP 151.101.129.35:0
GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
access-control-expose-headers: Server-Timing
correlation-id: 616657142fa79
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: 616657142fa79
traceparent: 00-0000000000000000000616657142fa79-b09806fbf6f82c32-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 21 Mar 2023 05:56:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220056-HHN, cache-bma1646-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1679378205.065123,VS0,VE163
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000616657142fa79-41353b190d723f24-01"";content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2