Report - httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4

Report Overview

Submitted URL
httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html
IP
34.102.176.152
ASN
#15169 GOOGLE
Submitted
2023-03-26 02:17:07
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-29T11:45:01Z	1.7 kB	3.8 kB	192.229.221.95
t.paypal.com	3487	2012-06-27T15:49:38Z	2023-03-29T05:12:24Z	2.5 kB	2.0 kB	192.229.221.25
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	55 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	3.0 kB	8.0 kB	23.36.76.226
httpharoldhazard1-wixsite-com.filesusr.com	unknown	2023-01-30T08:03:19Z	2023-03-03T21:29:46Z	894 B	94 kB	34.102.176.152
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
www.paypalobjects.com	1467	2012-05-30T08:40:21Z	2023-03-29T08:01:28Z	8.1 kB	510 kB	192.229.221.25
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	238 B	34.117.65.55
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-26 02:17:10	medium	34.102.176.152	Client IP	ET PHISHING Possible Paypal Phishing Landing - Title over non SSL

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html	317 B	2023-03-07	2024-01-25
Pretty URL httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html IP 34.102.176.152 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:32 Last Seen2024-01-25 02:41:44 Times Seen19 Hash 47bfbb7b4ca1593abf8e92692cbc60bd 89e3cb3a4c259e287613a97bfa6bf555c1bd69bb 451d32c31e18271c959fd5b70ec2a4d39fcffc9f582428a0c3d17abb2fe5988e Loading...

	httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html	231 B	2023-03-07	2024-04-04
Pretty URL httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html IP 34.102.176.152 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2024-04-04 06:53:33 Times Seen537 Hash 718d8fda180ddfe6bdd9feb9e4e346c6 d80261d787cd74a03b314ea64c90194af7a8d30d 94c7ef1ae5529ac395e5ae8432272726d807e31b7ae061b3a079284c3a21646e Loading...

	www.paypalobjects.com/pa/js/min/pa.js	57 kB	2023-03-26	2023-05-09
Pretty URL www.paypalobjects.com/pa/js/min/pa.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:38:47 Last Seen2023-05-09 00:46:01 Times Seen285 Hash 5f90cd6d5d4af59dfe4c096984d180e1 8e69b28e369facfa740ec47461f93e13a5bc8240 4d2fc2bb098b754d3e760c2567f3ab4140cb46e85bb852dc8898d693b30deb91 Loading...

	www.paypalobjects.com/tagmgmt/bs-chunk.js	19 B	2023-03-07	2024-04-05
Pretty URL www.paypalobjects.com/tagmgmt/bs-chunk.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:47 Last Seen2024-04-05 20:09:49 Times Seen128 Hash dd780b1933198c2c23d61812a42da34d d411fd22e08e2cc1da029bb9759642ef6e84c10d be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187 Loading...

	httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html	154 B	2023-03-07	2023-12-24
Pretty URL httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html IP 34.102.176.152 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:32 Last Seen2023-12-24 18:26:42 Times Seen17 Hash 2997c6dfb0ac45d2ab43574aeb09a1f8 84939859c5fe8f35a444e006175bdaaf34609416 e33f87fb68cec8cab65a06db24e98c8129a47bc21fce11e5bf1ff6b4735c969b Loading...

	httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html	984 B	2023-03-07	2023-12-24
Pretty URL httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html IP 34.102.176.152 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:32 Last Seen2023-12-24 18:26:42 Times Seen17 Hash a6e147703e0bb2d1daf06b40c7d7a5ea 51fedca99d03aa2f8d2372d295b668f126a33481 6c74cce48512016535e43166fa3393c8b17e4dc78ad676154da512a69efdfc22 Loading...

	httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html	707 B	2023-03-07	2023-12-24
Pretty URL httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html IP 34.102.176.152 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:32 Last Seen2023-12-24 18:26:42 Times Seen17 Hash eb694af5f94f6f051d88ad401a663170 6237bbbc3dad563f878a301085881e13ba0817d0 b2c51f461d5fa96bd57e276061a8755e0793cc73b75a55d962ee93b1bf4b7f9c Loading...

	www.paypalobjects.com/digitalassets/c/website/js/react-16_6_3-bundle.js	112 kB	2023-03-07	2024-01-25
Pretty URL www.paypalobjects.com/digitalassets/c/website/js/react-16_6_3-bundle.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:32 Last Seen2024-01-25 02:41:44 Times Seen33 Hash fe8147c9ab221bed16ca393f501a7a8b 9c4258034f7f0bb817d3cd0adad8c8597118d412 a6cb296cc17962a45f2e1ec8caa628f675def3f2296af7c66a40ab9bfe17bd3a Loading...

	www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js	1.5 kB	2023-03-07	2024-04-04
Pretty URL www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2024-04-04 06:53:33 Times Seen1098 Hash e08674d31c1b328ae44b0889fcebed71 102373e654b79a57f036650ce156f68fdb702034 15213b958a0af95e33fb82a50fc1a68ef2f171b3762662957e91ef1d834291f8 Loading...

	httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html	246 B	2023-03-07	2024-01-25
Pretty URL httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html IP 34.102.176.152 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:32 Last Seen2024-01-25 02:41:44 Times Seen19 Hash ef3fe88f9fbaa86b7aa9a8ca6f0aa2b0 c7e268f7c0085deb25b4e287da7a91c2fe3201a8 5c7cbabab2343ce1d0921ae384ca85ba10e00b86e8f15e82999d8e8fbf148997 Loading...

	httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html	30 kB	2023-03-07	2023-03-29
Pretty URL httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html IP 34.102.176.152 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:32 Last Seen2023-03-29 22:43:46 Times Seen5 Hash 4894eacd3d22c8a631be4aab1a87a209 9cd977e878209382fa38e1710c2f905379d6f4ea 810fd1cfe7fcc0098b14fae0e46bf321a2d01dc24707dd367e75b8914bddb7be Loading...

	httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html	5.3 kB	2023-03-07	2023-12-24
Pretty URL httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html IP 34.102.176.152 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:32 Last Seen2023-12-24 18:26:42 Times Seen17 Hash 1c1fc7814744b2cc0de01e695054b9c3 9613ad82153df8c4c342d5d51426d2d8584c8278 645afbcd37d4800b58022c743057bbef7ec985aee28dfc306243011878c9de5b Loading...

	www.paypalobjects.com/activation/js/marketingIntentsV2.js	554 B	2023-03-07	2024-04-04
Pretty URL www.paypalobjects.com/activation/js/marketingIntentsV2.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2024-04-04 06:53:33 Times Seen1124 Hash c9a42008e37bc4f7287fa34295428946 bf3ffb685f469faef9b4573f8824ddf26fa6afac 4be8b546dbb09a4b486f6efab312ee3e5c94cb12e05dbe389c20d5cf391e3da2 Loading...

	httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html	990 B	2023-03-07	2023-12-24
Pretty URL httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html IP 34.102.176.152 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:32 Last Seen2023-12-24 18:26:42 Times Seen17 Hash 8b3fecf6d75bc88095abbf3dd847b12a b377def30fdd8baee8b5d47c3341a48f2420d5c2 af8e3ec6f9da12177c8e5dab8df767317982a19807b1b5582a235bb038bde053 Loading...

	httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html	604 B	2023-03-07	2024-04-04
Pretty URL httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html IP 34.102.176.152 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:08 Last Seen2024-04-04 06:53:33 Times Seen540 Hash d82c941c792ffb2f2c16af62ba08dae0 6c8a1dd0af434e973e53f29f2817d3595d9699aa a5df9b0e04cb2514f83b2c1b0e978e29d7387b92b1252bdd3a371bf3ffa2250d Loading...

	www.paypalobjects.com/digitalassets/c/website/marketing/global/kui/js/opinionLab-2.1.0.js	42 kB	2023-03-07	2024-01-25
Pretty URL www.paypalobjects.com/digitalassets/c/website/marketing/global/kui/js/opinionLab-2.1.0.js IP 192.229.221.25 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:32 Last Seen2024-01-25 02:41:45 Times Seen33 Hash a5194f96c9bb06ebbb5f58c39fffcd1b d8d0145a70cf4ebfb6237dea846dabaa9fa4a94b da3177d9f38349f23abc99dcc0a87a8e1178a1576f0b27192821b20ebecc45e3 Loading...

HTTP Transactions (46)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3034
Expires: Sun, 26 Mar 2023 03:07:30 GMT
Date: Sun, 26 Mar 2023 02:16:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3343
Expires: Sun, 26 Mar 2023 03:12:39 GMT
Date: Sun, 26 Mar 2023 02:16:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 26 Mar 2023 02:15:30 GMT
content-type: application/json
age: 86
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html

34.102.176.152

200 OK

94 kB

URL HTTP/1.1
httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html
IP
34.102.176.152:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65512)
Size
94 kB (93501 bytes)
Hash
39f5e951394368f9e49c63fbf3166add
849fd0c422fd193793f5c627a671fad3df240999
0f05bf4d86860a0801a14efbcfcdeaca97969830b31377a4818852df470b8c0f

Detections

NIDS	Severity	Alert
suricata	medium	ET PHISHING Possible Paypal Phishing Landing - Title over non SSL

HTTP Headers

GET /html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html HTTP/1.1
Host: httpharoldhazard1-wixsite-com.filesusr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Content-Length: 93501
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Seen-By: gcp.us-central-1.media-router-77bc6f7769-t5mzr
Via: 1.1 google
Date: Sun, 26 Mar 2023 02:15:49 GMT
Expires: Sun, 26 Mar 2023 03:11:34 GMT
Cache-Control: public, max-age=15552000, immutable
Age: 255
Last-Modified: Mon, 14 Sep 2020 20:14:33 GMT
ETag: "39f5e951394368f9e49c63fbf3166add"
Content-Type: text/html; charset=utf-8

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4260
Expires: Sun, 26 Mar 2023 03:27:56 GMT
Date: Sun, 26 Mar 2023 02:16:56 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 46qrHNERNmwIJrpMtzZnpCMEQNzpmY438ir1j8ZkobV75zYdM0lK4rcwfGET7py/X4Sz57Rg2Uo=
x-amz-request-id: B3Q70DA0W8RNWZ0V
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 26 Mar 2023 02:01:01 GMT
age: 955
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 02:16:56 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714e76364e9958ed15233a5c9e860777
803a35f3fbfcb1f3462c3908de80159a00b0a999
6ecc255d0466eaf58b8027a1f43c4c69711e239451490526a93fbf7cd412555a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4502
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 02:16:56 GMT
Etag: "641e3e18-1d7"
Last-Modified: Sun, 26 Mar 2023 01:01:54 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
90b1c3da58195497dc546078dcb9793d
2f815cb9be01d66cc9bbe3d1d91339bcdc1fae02
6636f2fa595fd7597bdd4d0155c3a146e02a8d56c33456c4a20a1f48e3cbad0f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4502
Cache-Control: max-age=170266
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 02:16:56 GMT
Etag: "641f8f9c-1d7"
Expires: Tue, 28 Mar 2023 01:34:42 GMT
Last-Modified: Sun, 26 Mar 2023 00:19:40 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714e76364e9958ed15233a5c9e860777
803a35f3fbfcb1f3462c3908de80159a00b0a999
6ecc255d0466eaf58b8027a1f43c4c69711e239451490526a93fbf7cd412555a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4500
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 02:16:56 GMT
Last-Modified: Sun, 26 Mar 2023 01:01:56 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
90b1c3da58195497dc546078dcb9793d
2f815cb9be01d66cc9bbe3d1d91339bcdc1fae02
6636f2fa595fd7597bdd4d0155c3a146e02a8d56c33456c4a20a1f48e3cbad0f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4502
Cache-Control: max-age=170266
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 02:16:56 GMT
Etag: "641f8f9c-1d7"
Expires: Tue, 28 Mar 2023 01:34:42 GMT
Last-Modified: Sun, 26 Mar 2023 00:19:40 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
714e76364e9958ed15233a5c9e860777
803a35f3fbfcb1f3462c3908de80159a00b0a999
6ecc255d0466eaf58b8027a1f43c4c69711e239451490526a93fbf7cd412555a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4500
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 26 Mar 2023 02:16:56 GMT
Last-Modified: Sun, 26 Mar 2023 01:01:56 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471

www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2

192.229.221.25

200 OK

18 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Web Open Font Format (Version 2), CFF, length 18360, version 1.6553\012- data
Size
18 kB (18360 bytes)
Hash
687b74c9a69af269c66b34ba18d6abd0
2bc090adc07a731f3c13da7969ca0a4409cee081
0d4d4b0ee4bdbbbfdf2fa8cc4c0ba0332a3798c2629cb806d249712f6a7063e3

HTTP Headers

GET /digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://httpharoldhazard1-wixsite-com.filesusr.com
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: application/font-woff2
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5a66a30d-47b8"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
paypal-debug-id: eba1b8610e694
server: ECAcc (ska/F74D)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000eba1b8610e694-fa401eefc65bab45-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 18360
X-Firefox-Spdy: h2

www.paypalobjects.com/marketing/web/us/en/home/covid-icon.png

192.229.221.25

200 OK

2.8 kB

URL HTTP/2
www.paypalobjects.com/marketing/web/us/en/home/covid-icon.png
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
PNG image data, 80 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2783 bytes)
Hash
3e4445303f8dd6fb22deed904c2e8fe2
652d3ad27dcec45263afd141c087fa020a2616aa
0ba65b070bd90dbf9075867afbd9c3f8b591619c2a678f2ea7562a469db82181

HTTP Headers

GET /marketing/web/us/en/home/covid-icon.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271c73-adf"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Sat, 13 Feb 2021 00:25:23 GMT
paypal-debug-id: 6bf4a860f2699
server: ECAcc (ska/F761)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006bf4a860f2699-3f76c6658133308a-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 2783
X-Firefox-Spdy: h2

www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2

192.229.221.25

200 OK

18 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Web Open Font Format (Version 2), CFF, length 18320, version 1.6553\012- data
Size
18 kB (18320 bytes)
Hash
8a41b4550d23b462af63fc46fabb46a4
50359b7126ed92c33efcbf673c286f105d9ae5e7
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f

HTTP Headers

GET /digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://httpharoldhazard1-wixsite-com.filesusr.com
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: application/font-woff2
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5a66ae4b-4790"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Tue, 23 Jan 2018 03:38:51 GMT
paypal-debug-id: 350d0a6532100
server: ECAcc (ska/F737)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000350d0a6532100-d984dccf50e0c420-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 18320
X-Firefox-Spdy: h2

www.paypalobjects.com/digitalassets/c/website/js/react-16_6_3-bundle.js

192.229.221.25

200 OK

37 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/website/js/react-16_6_3-bundle.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (556)
Size
37 kB (36652 bytes)
Hash
e7634a1c47762270e9c0cfaf44ab3ff8
b21ea0d3d237aae7be2b8867d582713de9657241
54bbf2d71ef680b495655a9d6125468af1f00a565445084628760a650883c5ec

HTTP Headers

GET /digitalassets/c/website/js/react-16_6_3-bundle.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5c199a88-1b4c8"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Wed, 19 Dec 2018 01:10:32 GMT
paypal-debug-id: 2141c35957a73
server: ECAcc (ska/F79E)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000002141c35957a73-7940d7246d7a222d-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 36652
X-Firefox-Spdy: h2

www.paypalobjects.com/pa/js/min/pa.js

192.229.221.25

200 OK

22 kB

URL HTTP/2
www.paypalobjects.com/pa/js/min/pa.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (56587)
Size
22 kB (21542 bytes)
Hash
6a32a2a156ea6a0bdaa2c18e388b7e24
b2140bc5867cc40a0b2f87829889dfab84886c9f
74652dcaddc531228546c08e205718c71112f6e3855b7bb03993559e2a1d0a03

HTTP Headers

GET /pa/js/min/pa.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "641b7c23-dd27"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Wed, 22 Mar 2023 22:07:31 GMT
paypal-debug-id: 3111125020cb6
server: ECAcc (ska/F77F)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000003111125020cb6-15e4ac93d21c272a-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 21542
X-Firefox-Spdy: h2

www.paypalobjects.com/tagmgmt/bs-chunk.js

192.229.221.25

200 OK

19 B

URL HTTP/2
www.paypalobjects.com/tagmgmt/bs-chunk.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with no line terminators
Size
19 B (19 bytes)
Hash
dd780b1933198c2c23d61812a42da34d
d411fd22e08e2cc1da029bb9759642ef6e84c10d
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187

HTTP Headers

GET /tagmgmt/bs-chunk.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271d4a-13"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Sat, 13 Feb 2021 00:28:58 GMT
paypal-debug-id: 41b001ab908ed
server: ECAcc (ska/F775)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
x-content-type-options: nosniff
content-length: 19
X-Firefox-Spdy: h2

www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js

192.229.221.25

200 OK

779 B

URL HTTP/2
www.paypalobjects.com/helpcenter/smartchat/sales/v1/open-chat.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (1387)
Size
779 B (779 bytes)
Hash
852d331ed6897c5edbe14d5d7ceef0ad
6d0441bd7eed5dac7feab975be4ed1fd2af1501a
1e011b258aa5e0a203c9473b4c77dcc5c4c1db820465abf78260fd63705c96c8

HTTP Headers

GET /helpcenter/smartchat/sales/v1/open-chat.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"60271b1c-5bf"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Sat, 13 Feb 2021 00:19:40 GMT
paypal-debug-id: dc2f6735f88da
server: ECAcc (ska/F777)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000dc2f6735f88da-6e9353f0844a256a-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 779
X-Firefox-Spdy: h2

www.paypalobjects.com/marketing-resources/css/10/eb419198434f125e3e772612b3ebd1d9c0892c.css

192.229.221.25

200 OK

49 kB

URL HTTP/2
www.paypalobjects.com/marketing-resources/css/10/eb419198434f125e3e772612b3ebd1d9c0892c.css
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65363)
Size
49 kB (48572 bytes)
Hash
528a13d979f2f741d6286a7fe7ad3a26
7eebcd215c3bb2232e6ab1e71d940ca7a9a9090a
8b170a7bad7a9302affe0ddd09849245afd56eb1de28118504245b17a7518b96

HTTP Headers

GET /marketing-resources/css/10/eb419198434f125e3e772612b3ebd1d9c0892c.css HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: text/css
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"60271b54-4a97a"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Sat, 13 Feb 2021 00:20:36 GMT
paypal-debug-id: d5b3f78316607
server: ECAcc (ska/F686)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000d5b3f78316607-3d8d68d5028a5628-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 48572
X-Firefox-Spdy: h2

www.paypalobjects.com/activation/js/marketingIntentsV2.js

192.229.221.25

200 OK

365 B

URL HTTP/2
www.paypalobjects.com/activation/js/marketingIntentsV2.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (469)
Size
365 B (365 bytes)
Hash
305c10d8cc14893fa7f3788f6b26d3b5
4c27a5f9dde9617912bb044e3eeee83607fdf6c8
91ad899e2fdac039958d4790085004f9c45e76f102ba52df10f16d8c672d73bb

HTTP Headers

GET /activation/js/marketingIntentsV2.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271561-22a"
expires: Mon, 27 Mar 2023 02:16:56 GMT
last-modified: Fri, 12 Feb 2021 23:55:13 GMT
paypal-debug-id: a40e728dc9224
server: ECAcc (ska/F6F1)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000a40e728dc9224-05e156bbdcf30e58-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 365
X-Firefox-Spdy: h2

www.paypalobjects.com/webstatic/i/logo/rebrand/ppcom-white.svg

192.229.221.25

200 OK

2.0 kB

URL HTTP/2
www.paypalobjects.com/webstatic/i/logo/rebrand/ppcom-white.svg
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
2.0 kB (1988 bytes)
Hash
07cf97de339e93166ddb663d2e2b1c67
086035ddaa7630ea69c21e2d3e65bc854dfc781c
5565ad9a06510ab8faddcc46bea7bcb554d9f1b47744bc3d1929b5d971ad97f1

HTTP Headers

GET /webstatic/i/logo/rebrand/ppcom-white.svg HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypalobjects.com/marketing-resources/css/10/eb419198434f125e3e772612b3ebd1d9c0892c.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/svg+xml
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"550cc291-1445"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Sat, 21 Mar 2015 01:00:01 GMT
paypal-debug-id: a51df04334ec3
server: ECAcc (ska/F6A1)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000a51df04334ec3-af2a2480479da7ee-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 1988
X-Firefox-Spdy: h2

www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff

192.229.221.25

200 OK

20 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Web Open Font Format, CFF, length 19988, version 0.0\012- data
Size
20 kB (19988 bytes)
Hash
75920d418c6e4b789a3d204b17553f6c
a9ed80fc5e7979f67eea9585113616a2034d32b5
4db62137dffee2ab0d510197115508b3b7ee0f3d4589c2ac14020e3894819bb1

HTTP Headers

GET /digitalassets/c/paypal-ui/fonts/PayPalSansBig-Light.woff HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://httpharoldhazard1-wixsite-com.filesusr.com
Connection: keep-alive
Referer: https://www.paypalobjects.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: font/woff
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5a7364c2-4e14"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Thu, 01 Feb 2018 19:04:34 GMT
paypal-debug-id: 7640fad40e43f
server: ECAcc (ska/F6B3)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000007640fad40e43f-0a232617ae8c324a-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 19988
X-Firefox-Spdy: h2

www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff

192.229.221.25

200 OK

20 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Web Open Font Format, CFF, length 19676, version 0.0\012- data
Size
20 kB (19676 bytes)
Hash
e6d6683417c85c5f2ae5f09334c3b2c3
737c02781d985bc6eb81d1c0df837613243e67f6
6a2a2f064ef289523471b8d25d32c195ecb8145c143d09f997b449d4034a7ac2

HTTP Headers

GET /digitalassets/c/paypal-ui/fonts/PayPalSansSmall-Regular.woff HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://httpharoldhazard1-wixsite-com.filesusr.com
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: font/woff
date: Sun, 26 Mar 2023 02:16:56 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5a66a30d-4cdc"
expires: Sun, 26 Mar 2023 03:16:56 GMT
last-modified: Tue, 23 Jan 2018 02:50:53 GMT
paypal-debug-id: 60d39659a2245
server: ECAcc (ska/F692)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000060d39659a2245-ea785c0750b2a098-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 19676
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
851b891e49332c30f51deef69914384f
6f07f7aa983efed1662b863a4539515f95de3d48
d977e120a6b5d0d18b760b852f591ab9f2dbc6216fd2114f6b47461da2b57e0f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D977E120A6B5D0D18B760B852F591AB9F2DBC6216FD2114F6B47461DA2B57E0F"
Last-Modified: Sat, 25 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15405
Expires: Sun, 26 Mar 2023 06:33:41 GMT
Date: Sun, 26 Mar 2023 02:16:56 GMT
Connection: keep-alive

httpharoldhazard1-wixsite-com.filesusr.com/smartchat/open/eligibility?intent=SALESCHAT&page=/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html

34.102.176.152

403 Forbidden

9 B

URL HTTP/1.1
httpharoldhazard1-wixsite-com.filesusr.com/smartchat/open/eligibility?intent=SALESCHAT&page=/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html
IP
34.102.176.152:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
722969577a96ca3953e84e3d949dee81
3dab5f6012e3e149b5a939b9cebba4a0b84dc8f5
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

HTTP Headers

GET /smartchat/open/eligibility?intent=SALESCHAT&page=/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html HTTP/1.1
Host: httpharoldhazard1-wixsite-com.filesusr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/html/3ff7c4_39f5e951394368f9e49c63fbf3166add.html

HTTP/1.1 403 Forbidden
Server: openresty/1.21.4.1
Date: Sun, 26 Mar 2023 02:16:56 GMT
Content-Type: text/plain
Content-Length: 9
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, must-revalidate, proxy-revalidate, no-store
Timing-Allow-Origin: *
X-Seen-By: gcp.us-central-1.media-router-77bc6f7769-cbdzw
Via: 1.1 google

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 26 Mar 2023 01:17:24 GMT
age: 3573
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nO8UET/srwfnubeQJh5s3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: F/zsFv18cnArVNQTaS/cailTVis=
Date: Sun, 26 Mar 2023 02:16:57 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

t.paypal.com/ts?v=1.7.7&t=1679797031308&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=Unknown&calc=82bba33a054af&nsid=SN-FTGZbNRen6ZLqHLuUIL0WidQzvOOl&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=en_US&csci=c753fadd08984fcd9bc68d4ba76a25d3&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=102245%2C102201&xt=108244%2C108087&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&e=im&displayPage=main%3Amktg%3Apersonal%3A%3Ahome&ppage=privacy_banner&bannerType=cookiebanner&flag=ccpa&bannerVersion=v3a&pt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&3p_vid=2b072e285ac75947&3p_fpti=3635f62c1ddd5853

192.229.221.25

200 OK

42 B

URL HTTP/2
t.paypal.com/ts?v=1.7.7&t=1679797031308&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=Unknown&calc=82bba33a054af&nsid=SN-FTGZbNRen6ZLqHLuUIL0WidQzvOOl&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=en_US&csci=c753fadd08984fcd9bc68d4ba76a25d3&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=102245%2C102201&xt=108244%2C108087&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&e=im&displayPage=main%3Amktg%3Apersonal%3A%3Ahome&ppage=privacy_banner&bannerType=cookiebanner&flag=ccpa&bannerVersion=v3a&pt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&3p_vid=2b072e285ac75947&3p_fpti=3635f62c1ddd5853
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

HTTP Headers

GET /ts?v=1.7.7&t=1679797031308&g=0&pgrp=main%3Aprivacy%3Apolicy&page=main%3Aprivacy%3Apolicy%3Accpa&pgst=Unknown&calc=82bba33a054af&nsid=SN-FTGZbNRen6ZLqHLuUIL0WidQzvOOl&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=en_US&csci=c753fadd08984fcd9bc68d4ba76a25d3&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=102245%2C102201&xt=108244%2C108087&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&e=im&displayPage=main%3Amktg%3Apersonal%3A%3Ahome&ppage=privacy_banner&bannerType=cookiebanner&flag=ccpa&bannerVersion=v3a&pt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&3p_vid=2b072e285ac75947&3p_fpti=3635f62c1ddd5853 HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
date: Sun, 26 Mar 2023 02:16:57 GMT
expires: Sun, 26 Mar 2023 02:16:57 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: bdc87f3241ee1
pragma: no-cache
server: ECAcc (frc/4C8F)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: ts=vreXpYrS%3D1774491417%26vteXpYrS%3D1679798817%26vr%3D3635f62c1ddd5853%26vt%3D2b072e285ac75947; Expires=Thu, 26 Mar 2026 02:16:57 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D3635f62c1ddd5853%26vt%3D2b072e285ac75947; Expires=Thu, 26 Mar 2026 02:16:57 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000bdc87f3241ee1-b63b8f1b27df7818-01
content-length: 42
X-Firefox-Spdy: h2

www.paypalobjects.com/webstatic/icon/pp196.png

192.229.221.25

200 OK

6.3 kB

URL HTTP/2
www.paypalobjects.com/webstatic/icon/pp196.png
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
PNG image data, 196 x 196, 8-bit/color RGB, non-interlaced\012- data
Size
6.3 kB (6295 bytes)
Hash
6aee6ff206053b62bf55f6673ae5914f
d21110a6efd1b626d01655db56cae4da1d4c18fd
46314d287f28e8179437f32d1f83abeab9aaf621448642997151055e8b2898d4

HTTP Headers

GET /webstatic/icon/pp196.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
date: Sun, 26 Mar 2023 02:16:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "53611ccb-1897"
expires: Sun, 26 Mar 2023 03:16:57 GMT
last-modified: Wed, 30 Apr 2014 15:54:51 GMT
paypal-debug-id: 9d5d965485162
server: ECAcc (ska/F6E5)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000009d5d965485162-d67ce604cd2187da-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 6295
X-Firefox-Spdy: h2

www.paypalobjects.com/webstatic/icon/pp32.png

192.229.221.25

200 OK

4.0 kB

URL HTTP/2
www.paypalobjects.com/webstatic/icon/pp32.png
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
4.0 kB (3972 bytes)
Hash
8f4dd9ccb66a6485107e80b6e86063f9
fc5220270099d7079a068e5fd3ac5ad248f2e15d
9e208d404c81e5fc7170c13b8564b1368100d668b2071b16ee14600d08519ac4

HTTP Headers

GET /webstatic/icon/pp32.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
date: Sun, 26 Mar 2023 02:16:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "53611ccb-f84"
expires: Sun, 26 Mar 2023 03:16:57 GMT
last-modified: Wed, 30 Apr 2014 15:54:51 GMT
paypal-debug-id: 1511fde0bb2a0
server: ECAcc (ska/F76D)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache: HIT
x-content-type-options: nosniff
content-length: 3972
X-Firefox-Spdy: h2

www.paypalobjects.com/marketing-resources/js/be/3df262f97bed64f5e52a9d811d3821d0e32e69.js

192.229.221.25

200 OK

286 kB

URL HTTP/2
www.paypalobjects.com/marketing-resources/js/be/3df262f97bed64f5e52a9d811d3821d0e32e69.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
Unicode text, UTF-8 text, with very long lines (54295)
Size
286 kB (285817 bytes)
Hash
1c78721980f83c852f58ed02a1425452
ae0922f6c054741ed0040a9b4f61edcc14600f55
cd4909fd13f7e8582cd588343cb6778ec9713653a33d4fd65e5bfd5a251dcf15

HTTP Headers

GET /marketing-resources/js/be/3df262f97bed64f5e52a9d811d3821d0e32e69.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=31536000
content-type: application/javascript
date: Sun, 26 Mar 2023 02:16:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"60271bbf-1329e6"
expires: Sun, 26 Mar 2023 03:16:57 GMT
last-modified: Sat, 13 Feb 2021 00:22:23 GMT
paypal-debug-id: 1def9f8522592
server: ECAcc (ska/F695)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000001def9f8522592-8fa667805c1ee699-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 285817
X-Firefox-Spdy: h2

www.paypalobjects.com/digitalassets/c/website/marketing/global/kui/js/opinionLab-2.1.0.js

192.229.221.25

200 OK

12 kB

URL HTTP/2
www.paypalobjects.com/digitalassets/c/website/marketing/global/kui/js/opinionLab-2.1.0.js
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (39683), with CRLF line terminators
Size
12 kB (12254 bytes)
Hash
9514a722fdc1349965919be79be21a82
338f57ffc4ba905f5be4e69e010a25c5426e20bc
929f5ced366eb9c4e267ac96377cea6288eab2481c644eca062815059034bd73

HTTP Headers

GET /digitalassets/c/website/marketing/global/kui/js/opinionLab-2.1.0.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/javascript
date: Sun, 26 Mar 2023 02:16:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "5ee647b6-a5a5"
expires: Sun, 26 Mar 2023 03:16:57 GMT
last-modified: Sun, 14 Jun 2020 15:52:22 GMT
paypal-debug-id: c69fbebad2c37
server: ECAcc (daa/7DA2)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000c69fbebad2c37-f5c3331f8871a7a2-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 12254
X-Firefox-Spdy: h2

t.paypal.com/ts?v=1.7.7&t=1679797032435&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=82bba33a054af&nsid=SN-FTGZbNRen6ZLqHLuUIL0WidQzvOOl&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=c753fadd08984fcd9bc68d4ba76a25d3&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=102245%2C102201&xt=108244%2C108087&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&e=im&imsrc=setup&view=%7B%22t10%22%3A0%2C%22t11%22%3A2014%2C%22tcp%22%3A936%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A557%7D&pt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=0&t1c=0&t1d=0&t1s=0&t2=134&t3=0&t4d=0&t4=0&t4e=4&tt=1457&rdc=0&protocol=http%2F1.1&res=%7B%7D&rtt=335&3p_vid=2b072e285ac75947&3p_fpti=3635f62c1ddd5853

192.229.221.25

200 OK

42 B

URL HTTP/2
t.paypal.com/ts?v=1.7.7&t=1679797032435&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=82bba33a054af&nsid=SN-FTGZbNRen6ZLqHLuUIL0WidQzvOOl&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=c753fadd08984fcd9bc68d4ba76a25d3&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=102245%2C102201&xt=108244%2C108087&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&e=im&imsrc=setup&view=%7B%22t10%22%3A0%2C%22t11%22%3A2014%2C%22tcp%22%3A936%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A557%7D&pt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=0&t1c=0&t1d=0&t1s=0&t2=134&t3=0&t4d=0&t4=0&t4e=4&tt=1457&rdc=0&protocol=http%2F1.1&res=%7B%7D&rtt=335&3p_vid=2b072e285ac75947&3p_fpti=3635f62c1ddd5853
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

HTTP Headers

GET /ts?v=1.7.7&t=1679797032435&g=0&pgrp=main%3Amktg%3Apersonal%3A%3Ahome&page=main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A&pgst=Unknown&calc=82bba33a054af&nsid=SN-FTGZbNRen6ZLqHLuUIL0WidQzvOOl&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=us&csci=c753fadd08984fcd9bc68d4ba76a25d3&comp=mppnodeweb&tsrce=mppnodeweb&cu=0&ef_policy=ccpa&xe=102245%2C102201&xt=108244%2C108087&pgld=Unknown&bzsr=main&bchn=mktg&tmpl=home.jsx&pgsf=personal&lgin=out&shir=main_mktg_personal_&pros=3&lgcook=0&e=im&imsrc=setup&view=%7B%22t10%22%3A0%2C%22t11%22%3A2014%2C%22tcp%22%3A936%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A557%7D&pt=Send%20Money%2C%20Pay%20Online%20or%20Set%20Up%20a%20Merchant%20Account%20-%20PayPal&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=0&t1c=0&t1d=0&t1s=0&t2=134&t3=0&t4d=0&t4=0&t4e=4&tt=1457&rdc=0&protocol=http%2F1.1&res=%7B%7D&rtt=335&3p_vid=2b072e285ac75947&3p_fpti=3635f62c1ddd5853 HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
date: Sun, 26 Mar 2023 02:16:58 GMT
expires: Sun, 26 Mar 2023 02:16:58 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 972b2dbb33ff3
pragma: no-cache
server: ECAcc (frc/4CA5)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: ts=vreXpYrS%3D1774491418%26vteXpYrS%3D1679798818%26vr%3D3635f62c1ddd5853%26vt%3D2b072e285ac75947; Expires=Thu, 26 Mar 2026 02:16:58 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D3635f62c1ddd5853%26vt%3D2b072e285ac75947; Expires=Thu, 26 Mar 2026 02:16:58 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000972b2dbb33ff3-2859df17a16d9482-01
content-length: 42
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2526
Expires: Sun, 26 Mar 2023 02:59:04 GMT
Date: Sun, 26 Mar 2023 02:16:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2526
Expires: Sun, 26 Mar 2023 02:59:04 GMT
Date: Sun, 26 Mar 2023 02:16:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2526
Expires: Sun, 26 Mar 2023 02:59:04 GMT
Date: Sun, 26 Mar 2023 02:16:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2526
Expires: Sun, 26 Mar 2023 02:59:04 GMT
Date: Sun, 26 Mar 2023 02:16:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2526
Expires: Sun, 26 Mar 2023 02:59:04 GMT
Date: Sun, 26 Mar 2023 02:16:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12991 bytes)
Hash
8e19767dbe464134f0ab81b0eadb98fa
007758853c1d1605db69131eb50ff433a4da5f8c
63f1f08cd038e7b6d3316bbdc59a598b01c3bedd1ef04ba1986152e239fa128c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12991
x-amzn-requestid: 16bc16bf-b87e-4ed7-a559-3e900595928e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1smH_kIAMF5oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-21e7ce61788315866c752f28;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 0XTrJJ-Z6-GCn2VJUUt8tqhvG4E8b_TYTBiDBu1Qr35g7THOqp5Zkg==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:51:13 GMT
age: 15945
etag: "007758853c1d1605db69131eb50ff433a4da5f8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11100 bytes)
Hash
908bd7a6c220345e72fa664f871424c4
61a5d3f11e85d5fd77192701c305cb8651aa6395
9531f5b25cab1030aa579aa9f3b369ecb9daf0b929573897c6516520c06084a2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11100
x-amzn-requestid: 3021b51a-674d-45d7-9939-9257330c0dbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1hQFs1oAMFb0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f693a-0200a29207f6a3f5074c3cf1;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:35:54 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jlErPpMe9fQqKvMYIXUDGkEXT-hFUt6veP7Gj8byX1ktNmxSRD_Ozg==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:50:36 GMT
age: 15982
etag: "61a5d3f11e85d5fd77192701c305cb8651aa6395"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa47e8d1c-6343-48dc-966b-71e83875b350.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7778 bytes)
Hash
1782dd235045315ec9b8d127a4a61dfd
4242d3ff0a1ca9f76166585532a815c4b1f15175
c404e097daf50098edf2d46b1d314fb2ab95f1d655293f0a9e123867fc11a982

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa47e8d1c-6343-48dc-966b-71e83875b350.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7778
x-amzn-requestid: 5794fe13-ddf8-4a4d-86e3-53da34af0c98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW2QAF91IAMFoNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6a66-1f6247aa2651e9a35dbccec7;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:40:54 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ym5ku830id9iQl1QzIRpIo1jrMq7KILCx91VgOKApAkkDpEdLi_lug==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 22:12:28 GMT
age: 14670
etag: "4242d3ff0a1ca9f76166585532a815c4b1f15175"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5556 bytes)
Hash
c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ZQcPeutl5BzzzysPzWEzrEY8WU-0F-0twvGPT7RAX-UjNOCk3NtmMQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 06:24:35 GMT
age: 71543
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbfc8880-7788-4d8c-a59c-c048b787b772.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7823 bytes)
Hash
9b21b2c60279839939b60afd83d047fa
544c243fe2d69156f50eec156a62de127128a028
091a59214cfc0af90b4cb820bb521577ae63e862ec10160b8f64c9a9e593630d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbfc8880-7788-4d8c-a59c-c048b787b772.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7823
x-amzn-requestid: c528eae7-69b4-4669-8c15-2b306586b84b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kWHx5IAMFlEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-340c77491ea4440b340e3822;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: L_VF003IBR5rwk7Dkcc5BLDFTR4sUCzXvgD3mcLML1bzNatBZjW-Cg==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:49:34 GMT
age: 16044
etag: "544c243fe2d69156f50eec156a62de127128a028"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3589 bytes)
Hash
1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Olik0rOopNpu03_GQWvvGeuS0D579nAdtuk9RGWUQSopMavKHDn1cQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:53:15 GMT
age: 15823
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.paypalobjects.com/marketing/web/US/en/home/PP_EE_LP_Header_Output_US_1600x800_post_live.mp4

192.229.221.25

206 Partial Content

0 B

URL HTTP/2
www.paypalobjects.com/marketing/web/US/en/home/PP_EE_LP_Header_Output_US_1600x800_post_live.mp4
IP
192.229.221.25:0
ASN
#15133 EDGECAST

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /marketing/web/US/en/home/PP_EE_LP_Header_Output_US_1600x800_post_live.mp4 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://httpharoldhazard1-wixsite-com.filesusr.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-range: bytes 0-2100107/2100108
content-type: video/mp4
date: Sun, 26 Mar 2023 02:16:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271c0d-200b8c"
expires: Sun, 26 Mar 2023 03:16:57 GMT
last-modified: Sat, 13 Feb 2021 00:23:41 GMT
paypal-debug-id: d33849348e2c1
server: ECAcc (daa/7CCE)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000d33849348e2c1-ffcb8d0a1893862b-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 2100108
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML