| https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/ | 81.177.165.131 | 403 Forbidden | 592 B |
Request: GET HTTP/1.1 (user request)
URL: https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
IP: 81.177.165.131:80
File type: HTML document, Unicode text, UTF-8 text, with very long lines (504), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): f87a84c6321648091e45721b7943b28d f00ff8b890ef4ae2a1fc0dd011da57bda92a72ba cab55a9f0f425c2becdde45e26c62f111f2bc039fb7d3b600dfa141fb32e10d1

| NIDS | Severity | Alert |
| suricata | medium | ET PHISHING Possible Paypal Phishing Domain Mar 14 2016 |
| suricata | medium | ET PHISHING Possible Paypal Phishing Domain Mar 14 2016 |
GET / HTTP/1.1
Host: https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 23 May 2024 15:19:16 GMT
Content-Type: text/html
Content-Length: 592
Connection: keep-alive
| parking-static.jino.ru/static/main.js | 195.161.41.160 | 200 OK | 39 kB |
Request: GET HTTP/1.1
URL: parking-static.jino.ru/static/main.js
IP: 195.161.41.160:80
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (53321)
Hashes (MD5 / SHA-1 / SHA-256): f3e7770f95acfe58ad1e4fca05385e07 76b9bdf69fe87b6183aac01d00c49890d6a911a2 18662c6edffb3875965f8d4b01357fd333ec481444eea2594b8c591b48cbda1b
GET /static/main.js HTTP/1.1
Host: parking-static.jino.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Thu, 23 May 2024 15:19:17 GMT
Content-Type: application/javascript
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"1dc09d84-1b86c"
Content-Encoding: gzip
| parking-static.jino.ru/static/payment.js?0a5ca721392a9b15437e | 195.161.41.160 | 200 OK | 49 kB |
Request: GET HTTP/1.1
URL: parking-static.jino.ru/static/payment.js?0a5ca721392a9b15437e
IP: 195.161.41.160:80
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (43057)
Hashes (MD5 / SHA-1 / SHA-256): 6f09fe28630f5c13fa637de8750d84a0 302972b485cbaa263928cf02976c5c0f9c9217c1 5bebe9a3d314a08c31d2d7857d4a989fef26598f604e51a44851b03018fac9d2
GET /static/payment.js?0a5ca721392a9b15437e HTTP/1.1
Host: parking-static.jino.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Thu, 23 May 2024 15:19:17 GMT
Content-Type: application/javascript
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"1dc09d84-1eb87"
Content-Encoding: gzip
| parking-static.jino.ru/static/components/page/logo.svg | 195.161.41.160 | 200 OK | 1.2 kB |
Request: GET HTTP/1.1
URL: parking-static.jino.ru/static/components/page/logo.svg
IP: 195.161.41.160:80
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
File type: SVG Scalable Vector Graphics image
Hashes (MD5 / SHA-1 / SHA-256): cdf756532b9e3f96056ccd9a809d8e7f 1a7946e02b68b831ffbf6b47987e4e36ee0b4f2b cbddb47fe51730b469878fb7dbcabc8834cb0a30ba2607b529ea35a94de2bc19
GET /static/components/page/logo.svg HTTP/1.1
Host: parking-static.jino.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Thu, 23 May 2024 15:19:17 GMT
Content-Type: image/svg+xml
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"1dc09d84-a26"
Content-Encoding: gzip
| parking-static.jino.ru/static/components/page/icons/page_money.svg | 195.161.41.160 | 200 OK | 532 B |
Request: GET HTTP/1.1
URL: parking-static.jino.ru/static/components/page/icons/page_money.svg
IP: 195.161.41.160:80
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
File type: SVG Scalable Vector Graphics image
Hashes (MD5 / SHA-1 / SHA-256): c43644be137f92a9517766332417bf3f 6d8dd1dce4594b9a34e3f6388ad6e84616b6299b 3b5d6f8eb3795b6ccb70218ac1c5fd1f47f6c28c12c06648751080ddc09512fe
GET /static/components/page/icons/page_money.svg HTTP/1.1
Host: parking-static.jino.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Thu, 23 May 2024 15:19:17 GMT
Content-Type: image/svg+xml
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"1dc09d84-555"
Content-Encoding: gzip
| jino.ru/static/lib/fonts/ptsans-sub/ptsans-regular.woff2 | 195.161.41.61 | 200 OK | 62 kB |
Request: GET HTTP/2
URL: jino.ru/static/lib/fonts/ptsans-sub/ptsans-regular.woff2
IP: 195.161.41.61:443
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Certificate: Issuer GlobalSign nv-sa; Subject *.jino.ru; Fingerprint B6:3F:EE:82:3F:06:B1:1F:F6:B6:3F:34:02:3A:77:97:5A:5C:06:A2; Validity Thu, 01 Jun 2023 14:48:13 GMT - Tue, 02 Jul 2024 14:48:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 61600, version 2.328
Hashes (MD5 / SHA-1 / SHA-256): 5d12c58fffdb5ac7fd41f05ee0180a8e b147b184608a46e13bd50c9f7b2e9bede4eba085 84baa1b0c5914a65ef3b6049d5d06cd64c44eb35151e6558940d505b9c5ad8af
GET /static/lib/fonts/ptsans-sub/ptsans-regular.woff2 HTTP/1.1
Host: jino.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru
DNT: 1
Connection: keep-alive
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-type: application/octet-stream
date: Thu, 23 May 2024 15:19:17 GMT
etag: "664c3f63-f0a0"
expires: Fri, 23 May 2025 15:19:17 GMT
last-modified: Tue, 21 May 2024 06:29:55 GMT
server: nginx/1.14.2
content-length: 61600
X-Firefox-Spdy: h2
| jino.ru/static/lib/fonts/ptsans-sub/ptsans-bold.woff2 | 195.161.41.61 | 200 OK | 65 kB |
Request: GET HTTP/2
URL: jino.ru/static/lib/fonts/ptsans-sub/ptsans-bold.woff2
IP: 195.161.41.61:443
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Certificate: Issuer GlobalSign nv-sa; Subject *.jino.ru; Fingerprint B6:3F:EE:82:3F:06:B1:1F:F6:B6:3F:34:02:3A:77:97:5A:5C:06:A2; Validity Thu, 01 Jun 2023 14:48:13 GMT - Tue, 02 Jul 2024 14:48:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 64688, version 2.328
Hashes (MD5 / SHA-1 / SHA-256): d9c1b50aaa270ee8db756550b1db087a b6e9f4bdadf34d026adc9e347aea5e3a517a56e6 5417217722baa6f09ac21cc56eda3521dd08cc00b3fcecbb80ca764748f63578
GET /static/lib/fonts/ptsans-sub/ptsans-bold.woff2 HTTP/1.1
Host: jino.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru
DNT: 1
Connection: keep-alive
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-type: application/octet-stream
date: Thu, 23 May 2024 15:19:17 GMT
etag: "664c3f63-fcb0"
expires: Fri, 23 May 2025 15:19:17 GMT
last-modified: Tue, 21 May 2024 06:29:55 GMT
server: nginx/1.14.2
content-length: 64688
X-Firefox-Spdy: h2
| api.jino.ru/parking/v1/getDomainPaymentDetailsAsList?domain=https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru | 195.161.41.61 | 200 OK | 783 B |
Request: GET HTTP/2
URL: api.jino.ru/parking/v1/getDomainPaymentDetailsAsList?domain=https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru
IP: 195.161.41.61:443
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Certificate: Issuer GlobalSign nv-sa; Subject *.jino.ru; Fingerprint B6:3F:EE:82:3F:06:B1:1F:F6:B6:3F:34:02:3A:77:97:5A:5C:06:A2; Validity Thu, 01 Jun 2023 14:48:13 GMT - Tue, 02 Jul 2024 14:48:12 GMT
Hashes (MD5 / SHA-1 / SHA-256): ec30414bb9419f7ecf3fd60dff8c96ad 4a273b7be62dab5007c4cd47fb642e141433cc8f f9236b7737538fd4fd2b5491188b24b9be02ab54670026752ec115076ebc59d8
GET /parking/v1/getDomainPaymentDetailsAsList?domain=https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru HTTP/1.1
Host: api.jino.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Origin: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
content-type: application/json
date: Thu, 23 May 2024 15:19:17 GMT
server: TwistedWeb/19.10.0
content-length: 783
X-Firefox-Spdy: h2
| https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/favicon.ico | 81.177.165.131 | 403 Forbidden | 592 B |
Request: GET HTTP/1.1
URL: https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/favicon.ico
IP: 81.177.165.131:80
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
File type: HTML document, Unicode text, UTF-8 text, with very long lines (504), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): f87a84c6321648091e45721b7943b28d f00ff8b890ef4ae2a1fc0dd011da57bda92a72ba cab55a9f0f425c2becdde45e26c62f111f2bc039fb7d3b600dfa141fb32e10d1
GET /favicon.ico HTTP/1.1
Host: https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Thu, 23 May 2024 15:19:17 GMT
Content-Type: text/html
Content-Length: 592
Connection: keep-alive
| parking-static.jino.ru/static/components/payment/clock.svg | 195.161.41.160 | 200 OK | 305 B |
Request: GET HTTP/1.1
URL: parking-static.jino.ru/static/components/payment/clock.svg
IP: 195.161.41.160:80
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
File type: SVG Scalable Vector Graphics image
Hashes (MD5 / SHA-1 / SHA-256): d79b1f8ae32ab1df6beb97bf77b2ca38 29d7f3f31b9b0c74da38e12f715f8edbdf00773e c3a86fff6ac8f27c422fbd672cb5aeeabf58ce640dc338864fd62176706164db
GET /static/components/payment/clock.svg HTTP/1.1
Host: parking-static.jino.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.0
Date: Thu, 23 May 2024 15:19:17 GMT
Content-Type: image/svg+xml
Content-Length: 305
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Connection: keep-alive
ETag: "1dc09d84-131"
Accept-Ranges: bytes
| media.jino.ru/payment/methods/cardsb@2x.png | 81.177.136.121 | 200 OK | 5.2 kB |
Request: GET HTTP/1.1
URL: media.jino.ru/payment/methods/cardsb@2x.png
IP: 81.177.136.121:443
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Certificate: Issuer Let's Encrypt; Subject media.jino.ru; Fingerprint 4A:D2:95:20:C1:FD:ED:0D:62:96:F9:2E:11:84:06:6B:85:33:D3:A7; Validity Fri, 10 May 2024 16:02:17 GMT - Thu, 08 Aug 2024 16:02:16 GMT
File type: PNG image data, 248 x 160, 8-bit/color RGBA, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): 2ddd3792d132ddaffa9ad1b71d8c929a 0a5dbaff1b044dd51da375e6b6b4dfbf2e032d65 1563ccb503dfdf91742d903c7fae6c3ed3a2f3ed5cc27411efcb4d3dd9fe2437
GET /payment/methods/cardsb@2x.png HTTP/1.1
Host: media.jino.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 May 2024 15:19:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Last-Modified: Mon, 26 Apr 2021 11:30:24 GMT
ETag: "1464-5c0de78ba4667"
Accept-Ranges: bytes
Content-Length: 5220
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
| media.jino.ru/payment/methods/sms@2x.png | 81.177.136.121 | 200 OK | 2.6 kB |
Request: GET HTTP/1.1
URL: media.jino.ru/payment/methods/sms@2x.png
IP: 81.177.136.121:443
Requested by: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Certificate: Issuer Let's Encrypt; Subject media.jino.ru; Fingerprint 4A:D2:95:20:C1:FD:ED:0D:62:96:F9:2E:11:84:06:6B:85:33:D3:A7; Validity Fri, 10 May 2024 16:02:17 GMT - Thu, 08 Aug 2024 16:02:16 GMT
File type: PNG image data, 248 x 160, 8-bit colormap, non-interlaced
Hashes (MD5 / SHA-1 / SHA-256): e5bfe3f89b9391cd436e002fd23776c8 9b1cec51accb8d11231f00b27ceb45526bd1953f b59d335d3995d3ed9e37e9341621cb22b4f205c22b09a64b0c7d98e6fc19d39a
GET /payment/methods/sms@2x.png HTTP/1.1
Host: media.jino.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://https.www.paypal.com.ttlart2012ttcysu.aylandirow.tmf.org.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 23 May 2024 15:19:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Last-Modified: Mon, 26 Apr 2021 11:30:24 GMT
ETag: "a1f-5c0de78c0f169"
Accept-Ranges: bytes
Content-Length: 2591
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png