| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0  ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 5eb7c9bc996a0ff420e58af45526f053 8c2614832b8efe1c9da0bbd465d6f3f172d95a9e c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19724
Expires: Mon, 30 Jan 2023 17:03:55 GMT
Date: Mon, 30 Jan 2023 11:35:11 GMT
Connection: keep-alive
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0  ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 3eb88dea4fe00db1182370e72683c3ab ca520abf1e91bfd2aef40c6a1270a911071e8922 d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4146
Expires: Mon, 30 Jan 2023 12:44:17 GMT
Date: Mon, 30 Jan 2023 11:35:11 GMT
Connection: keep-alive
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: firefox.settings.services.mozilla.com/v1/ (HTTP/2)  IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (939), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 10:43:11 GMT
content-type: application/json
age: 3120
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
| ocsp.pki.goog/s/gts1p5/7Qg-Q6sUQ7s | 142.250.74.131 | 200 OK | 472 B |
URL: ocsp.pki.goog/s/gts1p5/7Qg-Q6sUQ7s (HTTP/1.1)  IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 34fa7bd36ffdaafbdf28cf138eb7b6fa e8e12dc1280165fbae722575e143f0a8beb27639 767a77ea8d67260d987d5ff3960dddc7397c243f7269d5875d4b9ec331b8dcc5
POST /s/gts1p5/7Qg-Q6sUQ7s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 11:35:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0  ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 09ee4b0fe6cf4ca5ed31b24452338d00 7e62b6e20f0d4737f4a8d94f9818a0883027839e 56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8065
Expires: Mon, 30 Jan 2023 13:49:36 GMT
Date: Mon, 30 Jan 2023 11:35:11 GMT
Connection: keep-alive
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain (HTTP/2)  IP: 34.160.144.191:0
File type: PEM certificate; ASCII text
Hash (MD5 / SHA-1 / SHA-256): 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: G/znFtlKfzSVUPHHRX3CD9Smhz3aUEb63QE4+T2CvYEIZaF/ZXRNDGpg8w1RpoFwgntRUM0qsmU=
x-amz-request-id: BJENWBH4SDFZRZEK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 10:50:42 GMT
age: 2669
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: contile.services.mozilla.com/v1/tiles (HTTP/2)  IP: 34.117.237.239:0
File type: JSON data; ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 11:35:11 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
| ocsp.pki.goog/s/gts1p5/7Qg-Q6sUQ7s | 142.250.74.131 | 200 OK | 472 B |
URL: ocsp.pki.goog/s/gts1p5/7Qg-Q6sUQ7s (HTTP/1.1)  IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 34fa7bd36ffdaafbdf28cf138eb7b6fa e8e12dc1280165fbae722575e143f0a8beb27639 767a77ea8d67260d987d5ff3960dddc7397c243f7269d5875d4b9ec331b8dcc5
POST /s/gts1p5/7Qg-Q6sUQ7s HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 11:35:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL: firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US (HTTP/2)  IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (329), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 10:49:04 GMT
age: 2767
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 891 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): 97c86969228f62147d2a2fcb59c2ef95 50ca15485154165926e46df28a476f9360a3671d 75fb8255734b642231c1af264cd3feb98c2b98d7fe20e05758f5a17e8786f45a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6186
Cache-Control: max-age=142036
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 11:35:12 GMT
Etag: "63d71b1b-1d7"
Expires: Wed, 01 Feb 2023 03:02:28 GMT
Last-Modified: Mon, 30 Jan 2023 01:19:23 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 681 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): ba5a3e33dcc901c52963df8dff939b15 daf30d6e66acecfc66ca991e9e55fda6067a89aa 6bf6bd5b72af1d2abeba7ff049fd9349bca49084ac946584927d19bdbf7c7834
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5860
Cache-Control: max-age=141711
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 11:35:12 GMT
Etag: "63d71b1b-1d7"
Expires: Wed, 01 Feb 2023 02:57:03 GMT
Last-Modified: Mon, 30 Jan 2023 01:19:23 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 1.3 kB |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): b629e2c172b2df3c375807477bc2e9b2 1e8307dd8851103337dcb0a1e4ec3ed6edbeb876 ede08342e64e16dd0998104e11851c1e9a5759985411be2624f0a5085874811b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5081
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 11:35:12 GMT
Last-Modified: Mon, 30 Jan 2023 10:10:32 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash (MD5 / SHA-1 / SHA-256): 5c5bc701375ee726e789d906137c3327 82ae36f943c89e5b60c12f2b09ab2e6b866b3c75 6efceb2ae05906e09732571d3e9a00ede94c80404ca0c99a51cc498497c9012b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6208
Cache-Control: max-age=142059
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 11:35:12 GMT
Etag: "63d71b1b-1d7"
Expires: Wed, 01 Feb 2023 03:02:51 GMT
Last-Modified: Mon, 30 Jan 2023 01:19:23 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
| www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Light.woff2 | 151.101.130.133 | 200 OK | 94 kB |
URL: www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Light.woff2 (HTTP/2)  IP: 151.101.130.133:0
Hash (MD5 / SHA-1 / SHA-256): 2f66c0d497ee7120817c244bf6dd79ef d2c979e35c702681ec8f0ac818ea65f57508301d 6f516a39baba4e5e713889cb161b09c2efa0c4bbc21a5e30de165fe387eeae83
GET /ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Light.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pazpal.top
Connection: keep-alive
Referer: https://pazpal.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
etag: "60271d64-9551"
last-modified: Sat, 13 Feb 2021 00:29:24 GMT
paypal-debug-id: cd81acc5e989d
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 11:35:12 GMT
x-served-by: cache-sjc10020-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 2984, 3340
x-timer: S1675078512.102411,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/font-woff2
strict-transport-security: max-age=31557600
content-length: 38225
X-Firefox-Spdy: h2
| www.paypalobjects.com/ui-web/iconfont-consumer/3-3-0/fonts/ConsumerIcons-Regular.woff | 151.101.130.133 | 200 OK | 36 kB |
URL: www.paypalobjects.com/ui-web/iconfont-consumer/3-3-0/fonts/ConsumerIcons-Regular.woff (HTTP/2)  IP: 151.101.130.133:0
File type: Web Open Font Format, TrueType, length 35676, version 1.0; data
Hash (MD5 / SHA-1 / SHA-256): 7c15e312007f96e514598e0595dc5893 ab8cd9f8b7053d272899ea5de7b4fda2bf7dbe75 d7793651ef95bfe8e9e0ca8660c9ee4e76744c40f04ee8427a388ca1005fc29b
GET /ui-web/iconfont-consumer/3-3-0/fonts/ConsumerIcons-Regular.woff HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pazpal.top
Connection: keep-alive
Referer: https://pazpal.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: font/woff
etag: "60271d63-8b5c"
last-modified: Sat, 13 Feb 2021 00:29:23 GMT
paypal-debug-id: 53891202e1928
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000053891202e1928-a2c9e43bfab95edd-01
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
date: Mon, 30 Jan 2023 11:35:12 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 9
x-timer: S1675078512.102646,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
strict-transport-security: max-age=31557600
content-length: 35676
X-Firefox-Spdy: h2
| www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Thin.woff2 | 151.101.130.133 | 200 OK | 40 kB |
URL: www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Thin.woff2 (HTTP/2)  IP: 151.101.130.133:0
Hash (MD5 / SHA-1 / SHA-256): e03ff9636813bfc325ea40fd97393977 cc47f151cd1109c8170debf31f1ed499b5cfc9c8 c1f4ae763952d20014010aa3b44e91d894b0482a4e80004f9204ea07f20fe472
GET /ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Thin.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pazpal.top
Connection: keep-alive
Referer: https://pazpal.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
etag: "60271d64-9be9"
last-modified: Sat, 13 Feb 2021 00:29:24 GMT
paypal-debug-id: efef1c9236f06
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000efef1c9236f06-c429e0d54e0f7d53-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 11:35:12 GMT
x-served-by: cache-sjc10070-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 9700, 1
x-timer: S1675078512.102669,VS0,VE1
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/font-woff2
strict-transport-security: max-age=31557600
content-length: 39913
X-Firefox-Spdy: h2
| www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Medium.woff2 | 151.101.130.133 | 200 OK | 40 kB |
URL: www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Medium.woff2 (HTTP/2)  IP: 151.101.130.133:0
Hash (MD5 / SHA-1 / SHA-256): 908150b271a140c18430aa9dd3dcc31e 1e12a092df271d72ca93dbc8dcc7c76156958ace 4f01cd9e0267bd1b91a61ea8b5b1c57e837e53cdc506420df07be7947c731d18
GET /ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Medium.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pazpal.top
Connection: keep-alive
Referer: https://pazpal.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public,max-age=3600
etag: "60271d64-9bf9"
last-modified: Sat, 13 Feb 2021 00:29:24 GMT
paypal-debug-id: 53e5f05930c47
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 11:35:12 GMT
x-served-by: cache-sjc10063-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 9299, 57
x-timer: S1675078512.106958,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/font-woff2
strict-transport-security: max-age=31557600
content-length: 39929
X-Firefox-Spdy: h2
| www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Regular.woff2 | 151.101.130.133 | 200 OK | 39 kB |
URL: www.paypalobjects.com/ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Regular.woff2 (HTTP/2)  IP: 151.101.130.133:0
Hash (MD5 / SHA-1 / SHA-256): 1fab7f2157981feeadbe1e06e71befbc 9a9b717652ad8df06c4584e51c599977f51bd3fa 7ea44b694615ace8bc7da6e141f8638c80cb6fd5090c9548a7619191233f764b
GET /ui-web/paypal-sans-big/1-0-0/PayPalSansBig-Regular.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pazpal.top
Connection: keep-alive
Referer: https://pazpal.top/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
etag: "60271d64-986d"
last-modified: Sat, 13 Feb 2021 00:29:24 GMT
paypal-debug-id: 6fff1bab5d46a
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006fff1bab5d46a-e832fc1341ce9753-01
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 11:35:12 GMT
x-served-by: cache-sjc10047-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 7037, 155
x-timer: S1675078512.107458,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
content-type: application/font-woff2
strict-transport-security: max-age=31557600
content-length: 39021
X-Firefox-Spdy: h2
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 923 B |
IP: 23.36.76.226:0  ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): f9c30410e8e6a4c7ed1aaf1bee33ddd7 bd433e107dda584e7805b7224848a98042931173 7be8e258c009a2f62333dd9eebc42573a07d72ce6fd9bdd5e75a613f58feb6a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2778
Expires: Mon, 30 Jan 2023 12:21:30 GMT
Date: Mon, 30 Jan 2023 11:35:12 GMT
Connection: keep-alive
| www.paypalobjects.com/webstatic/icon/pp196.png | 151.101.130.133 | 200 OK | 3.8 kB |
URL: www.paypalobjects.com/webstatic/icon/pp196.png (HTTP/2)  IP: 151.101.130.133:0
File type: PNG image data, 196 x 196, 8-bit/color RGB, non-interlaced; data
Hash (MD5 / SHA-1 / SHA-256): ed31bc434b32c89992df3f22f61ca1ec 703347f96597b3c8256be706251d3a7d4684b4c4 c4c1145f22e1dfb0babc27a92d0926a8ff150dd4be4b2b64da67d904e79c829a
GET /webstatic/icon/pp196.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pazpal.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "uOyLz8kMZBJJN3W8u7m7SVs+QXRHmMApjJ9SRQPF0L4"
fastly-io-info: ifsz=6295 idim=196x196 ifmt=png ofsz=3800 odim=196x196 ofmt=png
fastly-stats: io=1
paypal-debug-id: baf540c96b7ff
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 11:35:12 GMT
x-served-by: cache-sjc10040-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 12311, 6273
x-timer: S1675078512.314456,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 3800
X-Firefox-Spdy: h2
| www.paypalobjects.com/webstatic/icon/pp32.png | 151.101.130.133 | 200 OK | 1.7 kB |
URL: www.paypalobjects.com/webstatic/icon/pp32.png (HTTP/2)  IP: 151.101.130.133:0
Hash (MD5 / SHA-1 / SHA-256): 26577077a7f24a6dc1ebdbfc4f54e717 69194675b0e3fe1442db1de57c8e2297f77c47a6 c122dc92469534cd3099cf94de3a81aa85271f2ddfb32573a8e4a565b08a8119
GET /webstatic/icon/pp32.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pazpal.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
dc: ccg11-origin-www-1.paypal.com
etag: "ixxsjh/08yyYkm/Ht3Vfdwl15rzD49JuSBgLHSM/CEE"
fastly-io-info: ifsz=3972 idim=32x32 ifmt=png ofsz=1514 odim=32x32 ofmt=png
fastly-stats: io=1
paypal-debug-id: 30f75bde7ba2a
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 30 Jan 2023 11:35:12 GMT
x-served-by: cache-sjc10062-SJC, cache-bma1643-BMA
x-cache: HIT, HIT
x-cache-hits: 4099, 8987
x-timer: S1675078512.315246,VS0,VE0
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET
strict-transport-security: max-age=31557600
content-length: 1514
X-Firefox-Spdy: h2
| push.services.mozilla.com/ | 35.163.168.122 | 101 Switching Protocols | 208 B |
URL: push.services.mozilla.com/ (HTTP/1.1)  IP: 35.163.168.122:0
Hash (MD5 / SHA-1 / SHA-256): c24a3abf0007749ae39188fc78b779f5 756bb2ca2381a2c5971600d7ebc11e78efe89dce 4cf0b36e43053122e588174bf41faf65bdc8276051193cc75fc469f9aa875891
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VG5K662Z67s2Y1InOXyTQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eF+8m7LC3kGhO3wOVFe8Faahkj0=
| firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675069034600%22 | 35.241.9.150 | 200 OK | 21 kB |
URL: firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221675069034600%22 (HTTP/2)  IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (20973), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d8e8b00d69e52e0b93d5793afcb51283 4c4f55bf49d28f6097b139d8181e46f74f454287 df8168abc215e3be8765f6f64762b355a6d546821ca035fc849c9be100f203b0
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221675069034600%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20973
via: 1.1 google
date: Mon, 30 Jan 2023 11:02:03 GMT
age: 1990
last-modified: Mon, 30 Jan 2023 08:57:14 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1674595012490&_since=%221662044085942%22 | 35.241.9.150 | 200 OK | 4.3 kB |
URL: firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1674595012490&_since=%221662044085942%22 (HTTP/2)  IP: 35.241.9.150:0
File type: JSON data; ASCII text, with very long lines (4318), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d2da10d4238679967f2f1b3c1b9b23c4 975faf29a2f3f3e7033760e2dbcfaedacdf10df0 06f2f6e989845778d3804554769b028d9d95378aafbeffd125c1f977a64b82d3
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1674595012490&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 4318
via: 1.1 google
date: Mon, 30 Jan 2023 10:54:13 GMT
age: 2460
last-modified: Tue, 24 Jan 2023 21:16:52 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
| pazpal.top/Billing.php?cmd=_account-details&session=8597e904ea4e60c871e1f35cd500f0f1&dispatch=ae7978f9ff1137bdae9025467704caf46d8acab0 | 188.114.96.1 | 200 OK | 0 B |
URL: pazpal.top/Billing.php?cmd=_account-details&session=8597e904ea4e60c871e1f35cd500f0f1&dispatch=ae7978f9ff1137bdae9025467704caf46d8acab0 (HTTP/2)  IP: 188.114.96.1:0
| Analyzer | Verdict | Alert |
| openphish | PayPal Inc. | |
| quad9 | Sinkholed | |
GET /Billing.php?cmd=_account-details&session=8597e904ea4e60c871e1f35cd500f0f1&dispatch=ae7978f9ff1137bdae9025467704caf46d8acab0 HTTP/1.1
Host: pazpal.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 30 Jan 2023 11:35:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYCKwxTLVEdwf8G2VG4CtDGCglNddvezJi4O5YbdwMQ2U9wCVqWsFFtSpGu499JcaLy44SC9nK3cp4V9M9Bf5Icy%2B0IKAtxBi7G%2BhHrNUpTdxryOlEdiZmLgve4t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7919e717fa7f0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
| ocdn.ks-ekspert.pl/ec5e6f559ed6864199e7536b9ab90a3210bf897c/PhotoFrameStudio-setup-KS.exe?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=1N9JO8WE3K7SLRY8BPXR/20230130/ocdn/s3/aws4_request&X-Amz-Date=20230130T113243Z&X-Amz-SignedHeaders=host&X-Amz-Expires=7200&X-Amz-Signature=fb0b7faae8a34d241b9d6a5407abe0e7831bc5cc0727ea77d8f65367ceda14e9 | 54.230.111.39 | 200 OK | 0 B |
URL: ocdn.ks-ekspert.pl/ec5e6f559ed6864199e7536b9ab90a3210bf897c/PhotoFrameStudio-setup-KS.exe?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=1N9JO8WE3K7SLRY8BPXR/20230130/ocdn/s3/aws4_request&X-Amz-Date=20230130T113243Z&X-Amz-SignedHeaders=host&X-Amz-Expires=7200&X-Amz-Signature=fb0b7faae8a34d241b9d6a5407abe0e7831bc5cc0727ea77d8f65367ceda14e9 (HTTP/1.1)  IP: 54.230.111.39:0
| NIDS | Severity | Alert |
| suricata | medium | ET POLICY Executable served from Amazon S3 |
| suricata | high | ET POLICY PE EXE or DLL Windows file download HTTP |
GET /ec5e6f559ed6864199e7536b9ab90a3210bf897c/PhotoFrameStudio-setup-KS.exe?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=1N9JO8WE3K7SLRY8BPXR/20230130/ocdn/s3/aws4_request&X-Amz-Date=20230130T113243Z&X-Amz-SignedHeaders=host&X-Amz-Expires=7200&X-Amz-Signature=fb0b7faae8a34d241b9d6a5407abe0e7831bc5cc0727ea77d8f65367ceda14e9 HTTP/1.1
Host: ocdn.ks-ekspert.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 85873352
Connection: keep-alive
Date: Mon, 30 Jan 2023 11:33:16 GMT
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 14 Nov 2018 14:52:48 GMT
ETag: "4dc81ec9b08d41f322744be83dffef80-9"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-meta-sync-priority: skip
x-amz-version-id: E0yNmwrKHHB49rsU3owaiFhE.XmkOCJM
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cYZtu2Ly5xNvpTb7QXawrw0iZUT6JAzYBRCfv35oP8BqHo31botKuA==
Age: 117