firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 10:06:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VA62Hcdu37tdn6iEuPJYWwmWPA6OA35cIy8DJFlPcnjPQJoNKR3Ljg==
Age: 2339
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10119
Expires: Sat, 10 Sep 2022 13:34:10 GMT
Date: Sat, 10 Sep 2022 10:45:31 GMT
Connection: keep-alive
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
142.250.74.83 200 OK 18 kB URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
IP 142.250.74.83:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (59109), with no line terminators
Hash 30da7db513b712a9e8c523124cce51e2
bb1667b6e4a6cd42050b630eec1494485cae8922
b939e2af27309fa063b9e2dddd114765d813e94a999410e551945268fd0a7d66
GET /get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache
Content-Encoding: gzip
X-Cloud-Trace-Context: 5c9808466930380499e40ebdc19314d6
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:31 GMT
Server: Google Frontend
Content-Length: 17609
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Cm867mojKYwFD0b1KlgUwBg2v5YqfdKGC_YPdrJ425q6_6uynA68Og==
age: 12499
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 10:45:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d5f1a4a3cbcff2a380ae3b2ed83909c4
51db46957c05e034a896a4ede346f2ed90901012
fee75b595277c400b25afefb4206d7a0b6275cc29f7c4caab2457190550ef77c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5753
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 10:45:31 GMT
Last-Modified: Sat, 10 Sep 2022 09:09:39 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d5f1a4a3cbcff2a380ae3b2ed83909c4
51db46957c05e034a896a4ede346f2ed90901012
fee75b595277c400b25afefb4206d7a0b6275cc29f7c4caab2457190550ef77c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5910
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 10:45:31 GMT
Last-Modified: Sat, 10 Sep 2022 09:07:01 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d5f1a4a3cbcff2a380ae3b2ed83909c4
51db46957c05e034a896a4ede346f2ed90901012
fee75b595277c400b25afefb4206d7a0b6275cc29f7c4caab2457190550ef77c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4917
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 10:45:31 GMT
Last-Modified: Sat, 10 Sep 2022 09:23:34 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d5f1a4a3cbcff2a380ae3b2ed83909c4
51db46957c05e034a896a4ede346f2ed90901012
fee75b595277c400b25afefb4206d7a0b6275cc29f7c4caab2457190550ef77c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3114
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 10:45:31 GMT
Last-Modified: Sat, 10 Sep 2022 09:53:37 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d5f1a4a3cbcff2a380ae3b2ed83909c4
51db46957c05e034a896a4ede346f2ed90901012
fee75b595277c400b25afefb4206d7a0b6275cc29f7c4caab2457190550ef77c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4880
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 10:45:31 GMT
Last-Modified: Sat, 10 Sep 2022 09:24:11 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1
142.250.74.83 404 Not Found 127 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1
IP 142.250.74.83:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2f2a8a0217b26596b95ea004ce5d7b45
0f4bbd140e16e3a7d34f4ef2663dc6e9bd76038a
a89bc0f4f08baa4d1fad0f2a4bd5fe0ff427ed4faab591ae2531fe946a764532
Analyzer Verdict Alert fortinet Phishing
GET /auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1 HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 9d6ed0132233b15cbabe74678d35b20e
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:31 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 127
www.paypalobjects.com/pa/mi/3p/gtag/analytics.js
151.101.86.133 200 OK 18 kB URL HTTP/2 www.paypalobjects.com/pa/mi/3p/gtag/analytics.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (1494)
Hash 12fc9a4a0883485292bb7966afb50411
9ebb6301be9bf0ff1689b2a65c617c22b49b3cb1
e36e16fec1c1434147c978fbae2303df06c4c7884e70135f3a93f0e55e9cd232
GET /pa/mi/3p/gtag/analytics.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"60271cd9-aed9"
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
paypal-debug-id: cb7fb20b424f9
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10057-SJC, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 1112, 7875
x-timer: S1662806732.567081,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 17980
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/mi/miconfig.js
151.101.86.133 200 OK 22 kB URL HTTP/2 www.paypalobjects.com/pa/mi/miconfig.js
IP 151.101.86.133:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 8b78273af2878913bfde8e5885e49ed6
d2da2dbbe3070e8c967bf06c252f4683e9a7bcd2
d4aa84da7fd90140c7ecab6ca76b200bd3b950c7a60e35f378a528b3c8830d99
GET /pa/mi/miconfig.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"60e8dce5-1d4a2"
last-modified: Fri, 09 Jul 2021 23:33:57 GMT
paypal-debug-id: c4f497dce234
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000000c4f497dce234-5f81efd2f1281bec-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10020-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662806732.570406,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 22447
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/3pjs/tl/5.6.1/patlcfg.js
151.101.86.133 200 OK 3.2 kB URL HTTP/2 www.paypalobjects.com/pa/3pjs/tl/5.6.1/patlcfg.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (9053), with no line terminators
Hash 841878d0eb407b73fe7fdd631d849bc6
93edf49f79390928f69f955147788bd15af0a7e2
2fce9cbe5bad1d30e9249bd365f096391cbf81ddfbcbaa3900c41e9ba4f44e3f
GET /pa/3pjs/tl/5.6.1/patlcfg.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"60271cd9-235d"
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
paypal-debug-id: 30199f65ed674
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000030199f65ed674-9eb70ab947335eca-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10024-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 136, 1
x-timer: S1662806732.571080,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 3212
X-Firefox-Spdy: h2
www.paypalobjects.com/images/shared/icon-PN-check.png
151.101.86.133 200 OK 1.2 kB URL HTTP/2 www.paypalobjects.com/images/shared/icon-PN-check.png
IP 151.101.86.133:0
File type PNG image data, 121 x 133, 8-bit colormap, non-interlaced\012- data
Hash 4014dbe27b6642b8539a8220a59a518f
193e344cf36dd9bd88b6b691e32089078b14a4e7
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
GET /images/shared/icon-PN-check.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "49vz/MoiBvXh6ILc659PTN8gH45nwBXy23o3w9v7cpc"
fastly-io-info: ifsz=2236 idim=121x133 ifmt=png ofsz=1238 odim=121x133 ofmt=png
fastly-stats: io=1
paypal-debug-id: a62b3a2ce2f32
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10042-SJC, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 23809, 1
x-timer: S1662806732.571404,VS0,VE1
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 1238
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/js/min/pa.js
151.101.86.133 200 OK 22 kB URL HTTP/2 www.paypalobjects.com/pa/js/min/pa.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (56537)
Hash 273a02c75ef53dbef1799aaa1610d996
c2d82d154aea17925934cf813de737d2491091c7
2043c999656b80a7091e265b55e26a4150c792fedc48d534826065f1fa59cf8c
GET /pa/js/min/pa.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"631927fb-dcf5"
last-modified: Wed, 07 Sep 2022 23:23:39 GMT
paypal-debug-id: 848b9935ca078
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000848b9935ca078-9185210c43793eca-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10026-SJC, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 1892
x-timer: S1662806732.571423,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 21559
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/mi/3p/gtag/gtag.js
151.101.86.133 200 OK 31 kB URL HTTP/2 www.paypalobjects.com/pa/mi/3p/gtag/gtag.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (1571)
Hash 46b695034ade7245090675c81109a32a
6ba25f2ba3472ac0c7e576cf86ef60782176561f
13bb2040d667228783887402249dff01c35fc1e80a8054a3c2fc17a7a28cfece
GET /pa/mi/3p/gtag/gtag.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"60271cd9-13bba"
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
paypal-debug-id: f5e12caa3478b
dc: phx-origin-www-3.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10076-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 13481, 1601
x-timer: S1662806732.572183,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 31297
X-Firefox-Spdy: h2
www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
151.101.86.133 200 OK 1.7 kB URL HTTP/2 www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png
IP 151.101.86.133:0
File type PNG image data, 224 x 200, 8-bit colormap, non-interlaced\012- data
Hash 01f70242c93a7a45b8fd6ee1a56aba6b
396950270473fe9149c24a251885f7ed7efd6134
4b16c98214d45bedb1513b7fd53a02ce204f6a2091a920c3122fb213168c3139
GET /images/shared/glyph_alert_critical_big-2x.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "e3ulSVTzLS+1hMwG/oqsG+jIfAa7MoSaV806RZTn6+w"
fastly-io-info: ifsz=5828 idim=224x200 ifmt=png ofsz=1709 odim=224x200 ofmt=png
fastly-stats: io=1
paypal-debug-id: b81b460757e6d
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10042-SJC, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 15581, 11746
x-timer: S1662806732.573831,VS0,VE0
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 1709
X-Firefox-Spdy: h2
www.paypalobjects.com/pa/3pjs/tl/5.6.1/patleaf.js
151.101.86.133 200 OK 43 kB URL HTTP/2 www.paypalobjects.com/pa/3pjs/tl/5.6.1/patleaf.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a772d6e37edf4db34f3bdf8d0953531e
f2bd5841907dd85fb6e72d9259e224191fd3a46b
89f8f51d1d9ea9486a3b62d05d8f700d0c71b7e01dfe5da6ab70d430ed14ec3a
GET /pa/3pjs/tl/5.6.1/patleaf.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"60271cd9-1e7b4"
last-modified: Sat, 13 Feb 2021 00:27:05 GMT
paypal-debug-id: e0488e6be7afb
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000e0488e6be7afb-73641d7bf70d92db-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10078-SJC, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1662806732.574239,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 42976
X-Firefox-Spdy: h2
www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
151.101.86.133 200 OK 6.7 kB URL HTTP/2 www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (22848), with no line terminators
Hash dbbc4ada6d57936a2a6055d10f70b778
abb2b0ea2f77b8d14b8343f1bd8b829a84e71f07
69b0687c1489cf8302bfef3e3d7ee5697077780467a778dc680700d096e9780d
GET /webcaptcha/ngrlCaptcha.min.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"624d6980-5940"
last-modified: Wed, 06 Apr 2022 10:20:48 GMT
paypal-debug-id: dcaa6edc90bc4
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10079-SJC, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 15853
x-timer: S1662806732.575693,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 6711
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/signin-split.js
151.101.86.133 200 OK 33 kB URL HTTP/2 www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/signin-split.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 19f5b8eb8fffa6d69f0b1f28d820002a
2c0b4405f36664d8206c2343b1402d43f80141c1
8f90224102d04620b580dab347d398f8bb09e25a73e7eb8c21464de54650e61c
GET /web/res/998/3939bdf57803094a3bd44b3c944f7/js/signin-split.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: W/"5ebda88e-201b7"
expires: Wed, 30 Aug 2023 19:27:19 GMT
last-modified: Thu, 14 May 2020 20:22:38 GMT
paypal-debug-id: bcc96357bb855
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000bcc96357bb855-e541af25d402cd4c-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10026-SJC, cache-bma1667-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1662806732.576376,VS0,VE160
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 32841
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/ioc.js
151.101.86.133 200 OK 2.0 kB URL HTTP/2 www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/ioc.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (3737)
Hash adf6a62a1e9c1b42295f790146641149
50b6f75f5333c32da85385c872259504f451a434
8372f97676192f17dc50263c5d50a67c2a85d5f616fa09541af0a950da261768
GET /web/res/998/3939bdf57803094a3bd44b3c944f7/js/ioc.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: W/"5ebda88e-1407"
expires: Thu, 07 Sep 2023 10:43:52 GMT
last-modified: Thu, 14 May 2020 20:22:38 GMT
paypal-debug-id: eba6135eeabd9
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000eba6135eeabd9-aa621d7999d23a0e-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10076-SJC, cache-bma1667-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1662806732.571437,VS0,VE167
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 2005
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/css/contextualLogin.css
151.101.86.133 200 OK 17 kB URL HTTP/2 www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/css/contextualLogin.css
IP 151.101.86.133:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8710f9b62f4959d1e706df929ab9976a
5c83347c34a6dbf3d5f2e39111ffbb75a6b2608c
45ca5d2cd792d5aa65b9fe3c283bd281a401928e09d5f424dcd14bc77fd0d7a4
GET /web/res/998/3939bdf57803094a3bd44b3c944f7/css/contextualLogin.css HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: x-csrf-token
content-encoding: gzip
content-type: text/css
etag: W/"5ebda88d-187a2"
expires: Sat, 09 Sep 2023 04:14:38 GMT
last-modified: Thu, 14 May 2020 20:22:37 GMT
paypal-debug-id: 4bbd6b4edb936
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000004bbd6b4edb936-f5afa87e8ae6d2c3-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10062-SJC, cache-bma1667-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1662806732.578068,VS0,VE162
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 17091
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/fn-sync-telemetry-min.js
151.101.86.133 200 OK 2.3 kB URL HTTP/2 www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/fn-sync-telemetry-min.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (5534), with no line terminators
Hash 400c935a429f070148fc6d3993296efa
e5554c8227f385f3207a16326f9f8fd678d41c75
e077fe0b1b504e91b3cc5ed69d60f3ad1a327d59dd173eb3aee9d4911d2c3d3f
GET /web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/fn-sync-telemetry-min.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: W/"5ebda88f-159e"
expires: Fri, 25 Aug 2023 02:15:55 GMT
last-modified: Thu, 14 May 2020 20:22:39 GMT
paypal-debug-id: 1dc36de928aa1
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000001dc36de928aa1-1c7cafe28e5f8343-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10064-SJC, cache-bma1667-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1662806732.578684,VS0,VE166
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 2303
X-Firefox-Spdy: h2
www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/modernizr-2.6.1.js
151.101.86.133 200 OK 1.8 kB URL HTTP/2 www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/modernizr-2.6.1.js
IP 151.101.86.133:0
File type HTML document, ASCII text, with very long lines (3807), with no line terminators
Hash 8ccfeaab41083bf23d23bbf8cf5c1d91
2c93343dfa49cd21e5fb95c952baca2a8355d113
43e849f50db968a0f8c8a881126b0885840238be79d42508d4000a31e19e1f4b
GET /web/res/998/3939bdf57803094a3bd44b3c944f7/js/lib/modernizr-2.6.1.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: W/"5ebda88f-edf"
expires: Sun, 10 Sep 2023 10:45:31 GMT
last-modified: Thu, 14 May 2020 20:22:39 GMT
paypal-debug-id: 1d9e2a5478f0b
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000001d9e2a5478f0b-82f00b2ef45fb3cc-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10045-SJC, cache-bma1667-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662806732.576546,VS0,VE248
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=31557600
content-length: 1788
X-Firefox-Spdy: h2
www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
151.101.86.133 200 OK 1.9 kB URL HTTP/2 www.paypalobjects.com/images/shared/paypal-logo-129x32.svg
IP 151.101.86.133:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 796be015d691467b94dc2617ed1b009a
cfb268c516c0d6b3d05bdac25a3557eeab59c499
c442af9b78ab4ee99c8a248a98f4ee1cdac6bd841f5daa6950ce9677aac2a506
GET /images/shared/paypal-logo-129x32.svg HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.paypalobjects.com/web/res/998/3939bdf57803094a3bd44b3c944f7/css/contextualLogin.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=3600
content-encoding: gzip
content-type: image/svg+xml
etag: W/"544ad849-1351"
last-modified: Fri, 24 Oct 2014 22:52:57 GMT
paypal-debug-id: 1c098630023be
dc: phx-origin-www-2.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
x-served-by: cache-sjc10031-SJC, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 24, 1
x-timer: S1662806732.869003,VS0,VE1
vary: Accept-Encoding
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=31557600
content-length: 1932
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4136
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 10:45:32 GMT
Last-Modified: Sat, 10 Sep 2022 09:36:36 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1
142.250.74.83 404 Not Found 127 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1
IP 142.250.74.83:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2f2a8a0217b26596b95ea004ce5d7b45
0f4bbd140e16e3a7d34f4ef2663dc6e9bd76038a
a89bc0f4f08baa4d1fad0f2a4bd5fe0ff427ed4faab591ae2531fe946a764532
Analyzer Verdict Alert fortinet Phishing
GET /auth/createchallenge/e1d96ebf7ae343bc/recaptchav3.js?_sessionID=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1 HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: d3e7784728e05ec3c266dde3778cbc3e
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:31 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 127
www.paypalobjects.com/web/res/249/eec0e77d9f9cbf5737eeea8a2641a/recaptcha/grcenterprise_v3.html
151.101.86.133 200 OK 1.5 kB URL HTTP/2 www.paypalobjects.com/web/res/249/eec0e77d9f9cbf5737eeea8a2641a/recaptcha/grcenterprise_v3.html
IP 151.101.86.133:0
File type HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document, ASCII text
Hash 1c75454855ef890f901dded860bb0100
305d6861dd5792a5b1aba65104e437d642f07742
b93a4f3def0fdddd10264e8141566070aa32676896148e7b314e118fcccd4092
GET /web/res/249/eec0e77d9f9cbf5737eeea8a2641a/recaptcha/grcenterprise_v3.html HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html
etag: W/"5eb29cd0-fae"
expires: Wed, 16 Aug 2023 18:23:02 GMT
last-modified: Wed, 06 May 2020 11:17:36 GMT
paypal-debug-id: 5d1e813d4a2e4
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000005d1e813d4a2e4-83a8e6845a4b6d28-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:32 GMT
x-served-by: cache-sjc10068-SJC, cache-bma1667-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1662806732.865257,VS0,VE166
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=31536000
strict-transport-security: max-age=31557600
content-length: 1549
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ce167d2ea292e54aeb35fd3f854a2148
2edbdd91b37fcdbc5dfea4ebb667a0526d1e6eb7
1f10917d1bc3afd66192af958430594e5873e74c07db677313e4fb7a4d471ee1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5845
Cache-Control: max-age=145345
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 10:45:32 GMT
Etag: "631be8b8-1d7"
Expires: Mon, 12 Sep 2022 03:07:57 GMT
Last-Modified: Sat, 10 Sep 2022 01:30:32 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.paypalobjects.com/unifiedlogin/smartlockIframe.html?method=hintsAvailable&mode=web&clientId=76862753678-9l8i0gh7kv9mi12drrka4pj54ee2rj9v.apps.googleusercontent.com
151.101.86.133 200 OK 948 B URL HTTP/2 www.paypalobjects.com/unifiedlogin/smartlockIframe.html?method=hintsAvailable&mode=web&clientId=76862753678-9l8i0gh7kv9mi12drrka4pj54ee2rj9v.apps.googleusercontent.com
IP 151.101.86.133:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e39ce5a3134787a4d66920b3c7e4eea4
f0e2fc8a71ffedb0fde7e9d2dee401e82d082ac4
4c3322489f7852f57331f7acdf805dce2767c5251ce2d45f022ecacbb31dae28
GET /unifiedlogin/smartlockIframe.html?method=hintsAvailable&mode=web&clientId=76862753678-9l8i0gh7kv9mi12drrka4pj54ee2rj9v.apps.googleusercontent.com HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: text/html
etag: W/"60271d6d-d74"
last-modified: Sat, 13 Feb 2021 00:29:33 GMT
paypal-debug-id: 25095c5546d2e
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000025095c5546d2e-278ff214c2526123-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:32 GMT
x-served-by: cache-sjc10036-SJC, cache-bma1667-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1662806732.896226,VS0,VE168
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 948
X-Firefox-Spdy: h2
b.stats.paypal.com/v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
64.4.245.84 302 Found 0 B URL HTTP/1.1 b.stats.paypal.com/v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
IP 64.4.245.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4 HTTP/1.1
Host: b.stats.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Connection: close
Server: PayPal-B.Stats/1.0
Location: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
Content-Length: 0
Set-Cookie: c=3634d6451817426e39d9; Domain=stats.paypal.com; expires=Fri, 05 Sep 2042 10:45:32 GMT; Path=/
Content-Type: application/octet-stream
Date: Sat, 10 Sep 2022 10:45:32 GMT
c.paypal.com/da/r/fb.js
151.101.193.35 304 Not Modified 0 B IP 151.101.193.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 09 Aug 2022 20:44:56 GMT
If-None-Match: W/"62f2c748-e586"
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 10 Sep 2022 10:45:32 GMT
via: 1.1 varnish
etag: W/"62f2c748-e586"
age: 2639789
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 169964
x-timer: S1662806732.114464,VS0,VE1
vary: Accept-Encoding
expires: Sun, 11 Sep 2022 10:45:32 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
t.paypal.com/ts?v=1.7.0&t=1662806722217&g=0&e=err&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&comp=unifiedloginnodeweb&erpg=data%20is%20not%20defined&error_type=WINDOW_ONERROR&error_description=_0x566ba4%2F_0x19d402%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14319%0A_0x363e17%3C%2F%3C%2F_0x3b1a1e%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A10510%0A_0x566ba4%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14353%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A15719%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A16289%0A&error_source=http%3A%2F%2F9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%201%3A14319&3p_vid=1358c75146d06a69&3p_fpti=7741dafc17e7dcad
151.101.1.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?v=1.7.0&t=1662806722217&g=0&e=err&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&comp=unifiedloginnodeweb&erpg=data%20is%20not%20defined&error_type=WINDOW_ONERROR&error_description=_0x566ba4%2F_0x19d402%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14319%0A_0x363e17%3C%2F%3C%2F_0x3b1a1e%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A10510%0A_0x566ba4%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14353%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A15719%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A16289%0A&error_source=http%3A%2F%2F9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%201%3A14319&3p_vid=1358c75146d06a69&3p_fpti=7741dafc17e7dcad
IP 151.101.1.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?v=1.7.0&t=1662806722217&g=0&e=err&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&comp=unifiedloginnodeweb&erpg=data%20is%20not%20defined&error_type=WINDOW_ONERROR&error_description=_0x566ba4%2F_0x19d402%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14319%0A_0x363e17%3C%2F%3C%2F_0x3b1a1e%3C%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A10510%0A_0x566ba4%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A14353%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A15719%0A%40_%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%3A1%3A16289%0A&error_source=http%3A%2F%2F9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com%2Fget_draft%3Fid%3D9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html%201%3A14319&3p_vid=1358c75146d06a69&3p_fpti=7741dafc17e7dcad HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Sat, 10 Sep 2022 10:45:32 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 6788b8188750d
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1757501132%26vteXpYrS%3D1662808532%26vr%3D7741dafc17e7dcad%26vt%3D1358c75146d06a69; Expires=Wed, 10 Sep 2025 10:45:32 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D7741dafc17e7dcad%26vt%3D1358c75146d06a69; Expires=Wed, 10 Sep 2025 10:45:32 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-00000000000000000006788b8188750d-fd3abd05bc18ce78-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sat, 10 Sep 2022 10:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11540-HHN, cache-bma1641-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662806732.986584,VS0,VE181
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 10:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
151.101.193.35 200 OK 1.7 kB URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
IP 151.101.193.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 772435591902ec7cab64cceed05a90d5
375e86c02a77cfab6e87fa4dcb88a601eede83e0
a5e4a3ce198f5e4258e2368b4de8aaabe4b6ed1743f6c26d59774daf4b8f632e
GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
correlation-id: adc987a9c24a0
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: adc987a9c24a0
traceparent: 00-0000000000000000000adc987a9c24a0-ebe07c4f9adea39d-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Sat, 10 Sep 2022 10:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4059-HHN, cache-bma1627-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662806732.895864,VS0,VE164
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
64.4.245.84 200 OK 42 B URL HTTP/1.1 dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
IP 64.4.245.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4 HTTP/1.1
Host: dub.stats.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: close
Server: PayPal-B.Stats/1.0
Content-Type: image/jpeg
Content-Length: 42
Set-Cookie: c=ee8b33d28758a35562c8; Domain=stats.paypal.com; expires=Fri, 05 Sep 2042 10:45:32 GMT; Path=/
Date: Sat, 10 Sep 2022 10:45:32 GMT
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
151.101.193.35 200 OK 149 B URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
IP 151.101.193.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3e7bf609e5fb0ff1f33d97fb3816e286
eca827e429a89cbe927689c26e9ef73734e00a0e
cfe079d6fe9faae81a78f62296ecc7a4cb12a28fa99f1bed6ea4c6d8ea194df3
GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
correlation-id: e9b1dee550b17
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: e9b1dee550b17
traceparent: 00-0000000000000000000e9b1dee550b17-e808faa5e4ae7353-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Sat, 10 Sep 2022 10:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11548-HHN, cache-bma1627-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662806732.069126,VS0,VE178
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/platform/tealeaftarget
142.250.74.83 404 Not Found 127 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/platform/tealeaftarget
IP 142.250.74.83:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2f2a8a0217b26596b95ea004ce5d7b45
0f4bbd140e16e3a7d34f4ef2663dc6e9bd76038a
a89bc0f4f08baa4d1fad0f2a4bd5fe0ff427ed4faab591ae2531fe946a764532
Analyzer Verdict Alert fortinet Phishing
POST /platform/tealeaftarget HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-Type: application/json
X-PageId: P.MZSAL9F3GVZYSQKFCZ7ES6ZDXS9Q
X-Tealeaf: device (UIC) Lib/5.6.0.1875
X-TealeafType: GUI
X-TeaLeaf-Page-Url: /get_draft
X-Tealeaf-SyncXHR: false
X-Tealeaf-MessageTypes: 1,2,5,12
Content-Encoding: gzip
Content-Length: 11911
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 30e9c6c0f7840728d4b1814cb19e2759
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:32 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 127
www.paypalobjects.com/webstatic/icon/pp64.png
151.101.86.133 200 OK 1.7 kB URL HTTP/2 www.paypalobjects.com/webstatic/icon/pp64.png
IP 151.101.86.133:0
File type PNG image data, 64 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash de1ba89339f0a1addf3aaa930cd3e461
d29ffd216b865aa95798758aaccbed3a654139c3
af0887bb94e12e0bfc49f20335693e68b43c993885d6f1cf95d3830ce88565c0
GET /webstatic/icon/pp64.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "WxEn9yGH+kBq+xbUh4K1VFdViFyyxkv58VcTdG5vmJA"
fastly-io-info: ifsz=4518 idim=64x64 ifmt=png ofsz=1745 odim=64x64 ofmt=png
fastly-stats: io=1
paypal-debug-id: 18257985e9837
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:32 GMT
via: 1.1 varnish
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 2489
x-timer: S1662806732.299774,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 1745
X-Firefox-Spdy: h2
www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico
151.101.86.133 200 OK 1.4 kB URL HTTP/2 www.paypalobjects.com/en_US/i/icon/pp_favicon_x.ico
IP 151.101.86.133:0
File type MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Hash 455deaddcb9436734b2144429ae53ff7
e173c07062d5ea7d98da48a8973d7dd24969fe61
5c958cea39018dd9f80738db7d3a8c2f28a0d539e5d481b296daafea829897f2
GET /en_US/i/icon/pp_favicon_x.ico HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=3600
content-encoding: gzip
content-type: image/x-icon
etag: W/"5d5637bd-1536"
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
paypal-debug-id: 393f79a5b684c
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:32 GMT
x-served-by: cache-sjc10051-SJC, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 16241, 8265
x-timer: S1662806732.300180,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 1431
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 10:45:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.paypal.com/da/r/fb.js
151.101.193.35 304 Not Modified 0 B IP 151.101.193.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 09 Aug 2022 20:44:56 GMT
If-None-Match: W/"62f2c748-e586"
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 10 Sep 2022 10:45:32 GMT
via: 1.1 varnish
etag: W/"62f2c748-e586"
age: 2639790
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 169966
x-timer: S1662806732.318021,VS0,VE1
vary: Accept-Encoding
expires: Sun, 11 Sep 2022 10:45:32 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.149.28.179 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.28.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0oJuKIvLXiQxKj1jVmIldQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /Wvz8ddFBdnOLZS3OEu+Ms2ThEM=
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
142.250.74.83 404 Not Found 69 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
IP 142.250.74.83:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/client-log HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 808
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 13ca2be72ec3a5867aae276492166bbb
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:32 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/c697b46957f15073/challenge.js
142.250.74.83 404 Not Found 69 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/auth/createchallenge/c697b46957f15073/challenge.js
IP 142.250.74.83:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
GET /auth/createchallenge/c697b46957f15073/challenge.js HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 9f004db552cf07319c8317194d73c993
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:32 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
b.stats.paypal.com/v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
64.4.245.84 302 Found 0 B URL HTTP/1.1 b.stats.paypal.com/v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
IP 64.4.245.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/counter.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4 HTTP/1.1
Host: b.stats.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Connection: close
Server: PayPal-B.Stats/1.0
Location: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
Content-Length: 0
Set-Cookie: c=7f764a8e843d19578cef; Domain=stats.paypal.com; expires=Fri, 05 Sep 2042 10:45:32 GMT; Path=/
Content-Type: application/octet-stream
Date: Sat, 10 Sep 2022 10:45:32 GMT
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
142.250.74.83 404 Not Found 69 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
IP 142.250.74.83:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/client-log HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 973
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 45d0dc5bac3f8bcab0660e5ec2135d54
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:32 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
142.250.74.83 404 Not Found 69 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
IP 142.250.74.83:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/load-resource HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 125
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 5a18ac06dc3afc174c43e2ae82386c4b
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:32 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
142.250.74.83 404 Not Found 69 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
IP 142.250.74.83:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/client-log HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 1186
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: b6d4607bafd83729a87cb423e1950db5
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:32 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/cookie-banner
142.250.74.83 404 Not Found 69 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/cookie-banner
IP 142.250.74.83:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
GET /signin/cookie-banner HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 858e4cc5a3ca1c7eb91ba98d4375552b
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:32 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
c.paypal.com/da/r/fb.js
151.101.193.35 304 Not Modified 0 B IP 151.101.193.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 09 Aug 2022 20:44:56 GMT
If-None-Match: W/"62f2c748-e586"
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 10 Sep 2022 10:45:32 GMT
via: 1.1 varnish
etag: W/"62f2c748-e586"
age: 2639790
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 169967
x-timer: S1662806733.575621,VS0,VE1
vary: Accept-Encoding
expires: Sun, 11 Sep 2022 10:45:32 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
64.4.245.84 200 OK 42 B URL HTTP/1.1 dub.stats.paypal.com/v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4
IP 64.4.245.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /v1/counter2.cgi?r=cD00MGVlZWE0ZDBmMTE0ZGI2OGJjODk2M2UxMTYzMjQ1MiZpPTg5LjI0NS42Mi45OSZ0PTE1OTAwMjczNjQuNjcyJmE9MjEmcz1VTklGSUVEX0xPR0lOOefbsdhJLZojfiVSjhglOhwUZg4 HTTP/1.1
Host: dub.stats.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: close
Server: PayPal-B.Stats/1.0
Content-Type: image/jpeg
Content-Length: 42
Set-Cookie: c=8de7ca612b163e6f1c1f; Domain=stats.paypal.com; expires=Fri, 05 Sep 2042 10:45:32 GMT; Path=/
Date: Sat, 10 Sep 2022 10:45:32 GMT
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
142.250.74.83 404 Not Found 69 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
IP 142.250.74.83:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/load-resource HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 125
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 3a2ba1f177803a3894b6123f53231623
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:32 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
142.250.74.83 404 Not Found 69 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/load-resource
IP 142.250.74.83:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer Verdict Alert fortinet Phishing
POST /signin/load-resource HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 125
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 65856e056b11a09d17e2bc5f05a8fc35
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:32 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
c6.paypal.com/v1/r/d/b/p3?f=40eeea4d0f114db68bc8963e11632452&s=UNIFIED_LOGIN_INPUT_PASSWORD
151.101.85.35 200 OK 0 B URL HTTP/2 c6.paypal.com/v1/r/d/b/p3?f=40eeea4d0f114db68bc8963e11632452&s=UNIFIED_LOGIN_INPUT_PASSWORD
IP 151.101.85.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/r/d/b/p3?f=40eeea4d0f114db68bc8963e11632452&s=UNIFIED_LOGIN_INPUT_PASSWORD HTTP/1.1
Host: c6.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.paypal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
correlation-id: 8b69dac4c6080
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 8b69dac4c6080
traceparent: 00-00000000000000000008b69dac4c6080-6dbc545c81da32a9-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sat, 10 Sep 2022 10:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11521-HHN, cache-bma1639-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662806733.607926,VS0,VE203
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 0
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p2
151.101.193.35 200 OK 125 B IP 151.101.193.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8906f37c80e582a83562c1b6ae045844
4db3fb00343a7d9af5228edd1cede9a50724ce55
48e892d6bf3b262a4921b4d414d48b3b6383a5cceee3657bf533bd84a1ee8a4a
POST /v1/r/d/b/p2 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 3866
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: 7ed1093edf776
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 7ed1093edf776
set-cookie: sc_f=Ty2BRh9RbO6-fO6_1w2NMaKiI1IDboRUKDO4wuI7aBDF0pDt6mTgtfAIJ0mcBihdfeMx4-yYcqITml8t9O0vX6w1sD8xtsULO8aK0m;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Thu, 09-Sep-2027 03:45:32 GMT; HttpOnly
traceparent: 00-00000000000000000007ed1093edf776-69763dd1582feaaf-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sat, 10 Sep 2022 10:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11552-HHN, cache-bma1627-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
c.paypal.com/v1/r/d/b/p1
151.101.193.35 200 OK 125 B IP 151.101.193.35:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 33755c22850d51aaf0f31370fa783c51
233c055036ee0b3ab5c25644931e4c0ebb12b3da
d01e1053afaa369a2c6dc1025acee78dfcdc145ae83089eca50301f7772abd24
POST /v1/r/d/b/p1 HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1288
Origin: https://c.paypal.com
Connection: keep-alive
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
correlation-id: 62af6489056ba
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 62af6489056ba
set-cookie: sc_f=5Yh9bdk1f-4mRbXHanDK93cS6-aMUunYs2Vm_d4i9bQh8vAMANwiYhNVLfGoDPe5TUCAILGM6q2WXtOFxntPrr8bGkA3mcVclhGT9W;Domain=c.paypal.com;Max-Age=157680000;Path=/;Secure;Version=1;Expires=Thu, 09-Sep-2027 03:45:32 GMT; HttpOnly
KHcl0EuY7AKSMgfvHl7J5E7hPtK=0Ow8EEQIM5X3cs0OHPHcWAzOjlgpGCBouWF6akG9nCKNvEFEb7G7P8jem_ArpaVGjjkZyFXJGMVn1rq8;Domain=.paypal.com;Max-Age=630720000;Path=/;Secure;Version=1;Expires=Fri, 05-Sep-2042 03:45:32 GMT; HttpOnly
traceparent: 00-000000000000000000062af6489056ba-ad2895c873de3536-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sat, 10 Sep 2022 10:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11538-HHN, cache-bma1627-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 125
X-Firefox-Spdy: h2
t.paypal.com/ts?v=1.7.0&t=1662806723133&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1590027364641&calc=e697c8ff57f24&nsid=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=ca3049b0a3ec4f4799a8dddfdf17bc8d&comp=unifiedloginnodeweb&tsrce=smartchatnodeweb&cu=1&gacook=914113329.1580169992&ef_policy=gdpr_eu&c_prefs=T%3D1%2CF%3D1%2CP%3D1&transition_name=ss_prepare_pwd&xe=101090%2C101735%2C100363%2C100644&xt=104050%2C105856%2C103720%2C101702&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&sl_status=NOT_LINKED&e=im&imsrc=setup&view=%7B%22t10%22%3A0%2C%22t11%22%3A1618%2C%22tcp%22%3A952%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A252%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=0&t1c=0&t1d=0&t1s=0&t2=200&t3=9&t4d=0&t4=0&t4e=1&tt=1365&rdc=0&protocol=http%2F1.1&res=%7B%7D&rtt=281&3p_vid=1358c75146d06a69&3p_fpti=7741dafc17e7dcad
151.101.1.35 200 OK 42 B URL HTTP/2 t.paypal.com/ts?v=1.7.0&t=1662806723133&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1590027364641&calc=e697c8ff57f24&nsid=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=ca3049b0a3ec4f4799a8dddfdf17bc8d&comp=unifiedloginnodeweb&tsrce=smartchatnodeweb&cu=1&gacook=914113329.1580169992&ef_policy=gdpr_eu&c_prefs=T%3D1%2CF%3D1%2CP%3D1&transition_name=ss_prepare_pwd&xe=101090%2C101735%2C100363%2C100644&xt=104050%2C105856%2C103720%2C101702&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&sl_status=NOT_LINKED&e=im&imsrc=setup&view=%7B%22t10%22%3A0%2C%22t11%22%3A1618%2C%22tcp%22%3A952%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A252%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=0&t1c=0&t1d=0&t1s=0&t2=200&t3=9&t4d=0&t4=0&t4e=1&tt=1365&rdc=0&protocol=http%2F1.1&res=%7B%7D&rtt=281&3p_vid=1358c75146d06a69&3p_fpti=7741dafc17e7dcad
IP 151.101.1.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?v=1.7.0&t=1662806723133&g=0&pgrp=main%3Aunifiedlogin%3A%3A%3Alogin&page=main%3Aunifiedlogin%3A%3A%3Alogin%3A%3A%3A&pgst=1590027364641&calc=e697c8ff57f24&nsid=_aLojqw_zCmxu5SgKeC5LVy23kkiQil1&rsta=de_DE&pgtf=Nodejs&env=live&s=ci&ccpg=DE&csci=ca3049b0a3ec4f4799a8dddfdf17bc8d&comp=unifiedloginnodeweb&tsrce=smartchatnodeweb&cu=1&gacook=914113329.1580169992&ef_policy=gdpr_eu&c_prefs=T%3D1%2CF%3D1%2CP%3D1&transition_name=ss_prepare_pwd&xe=101090%2C101735%2C100363%2C100644&xt=104050%2C105856%2C103720%2C101702&ctx_login_ot_content=0&obex=signin&landing_page=login&state_name=begin_pwd&ctx_login_ctxid_fetch=ctxid-not-exist&ctx_login_content_fetch=success&ctx_login_lang_footer=shown&ctx_login_signup_btn=shown%7Cdefault&ctx_login_intent=signin&ctx_login_flow=Signin&ctx_login_state_transition=login_loaded&post_login_redirect=default&ret_url=%2F&sl_status=NOT_LINKED&e=im&imsrc=setup&view=%7B%22t10%22%3A0%2C%22t11%22%3A1618%2C%22tcp%22%3A952%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A252%7D&pt=Loggen%20Sie%20sich%20bei%20PayPal%20ein&cd=24&sw=1280&sh=1024&dw=1280&dh=1024&bw=1280&bh=939&ce=1&t1=0&t1c=0&t1d=0&t1s=0&t2=200&t3=9&t4d=0&t4=0&t4e=1&tt=1365&rdc=0&protocol=http%2F1.1&res=%7B%7D&rtt=281&3p_vid=1358c75146d06a69&3p_fpti=7741dafc17e7dcad HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Sat, 10 Sep 2022 10:45:32 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: cc95a3679248c
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1757501132%26vteXpYrS%3D1662808532%26vr%3D7741dafc17e7dcad%26vt%3D1358c75146d06a69; Expires=Wed, 10 Sep 2025 10:45:32 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D7741dafc17e7dcad%26vt%3D1358c75146d06a69; Expires=Wed, 10 Sep 2025 10:45:32 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000cc95a3679248c-325f3ef1c61142a9-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Sat, 10 Sep 2022 10:45:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4075-HHN, cache-bma1641-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662806733.817721,VS0,VE186
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4463
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 10:45:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4463
Expires: Sat, 10 Sep 2022 11:59:56 GMT
Date: Sat, 10 Sep 2022 10:45:33 GMT
Connection: keep-alive
c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
151.101.193.35 200 OK 652 B URL HTTP/2 c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
IP 151.101.193.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5b2726b3b282693ab23717f2d35fe7fb
655e7c774ad61bd9a9dc1c5bfe5878e1650a56da
1bc91bf0a0d58701ed7c7b5ce7aadef002a6d7ed83e3e0733cdde4ce58cbe80a
GET /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
correlation-id: f087b000b7133
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: f087b000b7133
traceparent: 00-0000000000000000000f087b000b7133-a5bcaef4292cb909-01
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Sat, 10 Sep 2022 10:45:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11570-HHN, cache-bma1627-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1662806732.390623,VS0,VE164
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
timing-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15249f3dafdd1690bc87ebb4fa6d518d
f930fcb22325e28592bc39b0b1974f5197c19afd
a0b9e88c78e85a037363e0b0e4e03478718f8715fe69e72bfd159922eca28301
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c7c5434-1873-4130-a7ce-78209ce54bf0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10950
x-amzn-requestid: 435fc2f4-fbcb-4eec-81d8-a23154dcec61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFUwZEfvIAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63186802-2348a4000430702d4e9ea132;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 09:44:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ORlM8dFTc_iThvJghFakY86D3ToJ5TCmP8Ip2PcvXCCkSKKHpWQ0Zw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:12:29 GMT
age: 45184
etag: "f930fcb22325e28592bc39b0b1974f5197c19afd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 478caf1cbdbafefa1b73c4e1a21e027c
90dd5e86857e7f6313bbb053baa8c1d4784d3089
0c845efdea74e5b1245ca00ea33a0b8220551d156ca34620e3d90ccb4de345dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff87d6b48-0caf-49d8-be21-3ec24e24374f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8706
x-amzn-requestid: 37d04670-7b5a-4cbb-ad4c-46615c604bc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzcG2moAMF30g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb349-5351f9c15ad587ae3c807d48;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: lcckuCebVvSAYgrOAQaGKSp9Bg7RMpdpgIr_3rlRjKgn6iuIQYDHVg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 45110
etag: "90dd5e86857e7f6313bbb053baa8c1d4784d3089"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d21a3e07583d9fad4104b6457f7915e7
fdc9453562f993e2545ca99731a7741e748b6082
8ea38264c82c6b544447079cc92eae70d0968a070ba39022af0e18c498916338
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8266
x-amzn-requestid: 3411ec4b-ac18-4b4e-8876-c99b94d3a4a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNitWEjhIAMFWpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb188-4d9e496e7ff141b46748d850;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: vyV1_onImxuLNGp4UI1W5grcuVW3LHJFJjvmO0VXU-OYorF6RVcoDw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:50:11 GMT
age: 46522
etag: "fdc9453562f993e2545ca99731a7741e748b6082"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 362d0931425ffa11f3287246f0480cc8
cc0f8bf63d11aeb3ea780af092523833f3b1abd3
75619cdf413b35451f109180e084a3630d0665a24b29e45510fed938d381db75
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6676
x-amzn-requestid: 97140273-f327-4ec8-b076-cea440ce1d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNi34HNxoAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb1cb-6356b02944a048db1be05d1c;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2s35YFxVMMVFBVoSTyoCp0w0ivNRYerua-rmRWXdbvtP2UHafYwUmw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:10:25 GMT
age: 45308
etag: "cc0f8bf63d11aeb3ea780af092523833f3b1abd3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 45110
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ade70e6dbcfb3ca1765f95112671e69
3768753be084c0e0fc268be5b192d02d769114b6
9670a3bf2476ba193cfeb3153c1254bdcfc980a28503dda0d9b398a3a59f53f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: 720a4111-91de-4672-88c8-f40db517c07d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHsjRE13oAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63195ae1-288f1f5456bf4d146dcf774c;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 03:00:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HwwG0Hjf8uZn1AtbLU_wKs3w9lict3tRP31XQY6tIxDz9KDNaBMAqw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 04:00:05 GMT
age: 24328
etag: "3768753be084c0e0fc268be5b192d02d769114b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
142.250.74.83 404 Not Found 69 B URL HTTP/1.1 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/signin/client-log
IP 142.250.74.83:0
Hash eef1d7bf9f9d731e83ef7530f5ca7e5a
5875979a6b63786086fd33926c56927e8e8fab5f
a8988b5b746d08ad931493f016ae204bad6d3eb2ed9794106ec5e41b84bb842a
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
POST /signin/client-log HTTP/1.1
Host: 9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-type: application/x-www-form-urlencoded
Content-Length: 1278
Origin: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/get_draft?id=9d62cf_b629798a3637a0ea5eb0bf9dd9f6992d.html
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=UTF-8
Content-Encoding: gzip
X-Cloud-Trace-Context: 1cdddd6558e527eae5f81a7af4d5e645
Vary: Accept-Encoding
Date: Sat, 10 Sep 2022 10:45:35 GMT
Server: Google Frontend
Cache-Control: private
Content-Length: 69
c.paypal.com/da/r/fb.js
151.101.193.35 200 OK 0 B IP 151.101.193.35:0
GET /da/r/fb.js HTTP/1.1
Host: c.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://9d62cfee-59b3-42a8-9542-4b3a32692792.htmlcomponentservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
etag: W/"62f2c748-e586"
last-modified: Tue, 09 Aug 2022 20:44:56 GMT
paypal-debug-id: 7a368cc6692de
traceparent: 00-00000000000000000007a368cc6692de-855db9bc9b6fdf14-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
accept-ranges: bytes
date: Sat, 10 Sep 2022 10:45:31 GMT
age: 2639789
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-sjc10042-SJC, cache-bma1678-BMA, cache-bma1627-BMA
x-cache: HIT, HIT, HIT
x-cache-hits: 1, 1, 169963
x-timer: S1662806732.579150,VS0,VE2
vary: Accept-Encoding
expires: Sun, 11 Sep 2022 10:45:31 GMT
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: false
access-control-max-age: 86400
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 20053
X-Firefox-Spdy: h2