Report - paidnew.com/

Report Overview

Submitted URL
paidnew.com/
IP
209.126.127.196
ASN
#30083 AS-30083-GO-DADDY-COM-LLC
Submitted
2022-11-27 23:14:08
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
paidnew.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	215 kB	209.126.127.196
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	305 B	34 kB	142.250.74.106
ocsp.starfieldtech.com	6616	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	692 B	4.7 kB	192.124.249.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www8.afsanalytics.com	679944	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	4.3 kB	192.99.104.202
dev.visualwebsiteoptimizer.com	5085	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.5 kB	34.96.102.137
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.42.74.230
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-27	medium	paidnew.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	paidnew.com/	1.1 kB	2023-03-07	2023-11-07
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:59 Last Seen2023-11-07 07:45:14 Times Seen5 Hash 608c1a7720761b02ae9aea6c39530cbd 01d766dd24ade53e85996e9b6b08604b99935c2f 29daa08f188de8f8c73373b1bccc1f90887e5421012b3600eb105ce5de70ff82 Loading...

	paidnew.com/	1.3 kB	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash 5665139f6f75c35042456cc6e3648159 b6a13d38f0a9f78f38567a92d8fc9ee108d75545 cd516c068ae63056fde0896fac680b1cb7688c69bd2efdfb6e9933cf238d1f4a Loading...

	paidnew.com/	1.2 kB	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash 1ada5d3ea65489137e1b74a25744da7b 3c59c3d2d0cbc21a13dc54a7f96c9cf6e9e3ef8d 184fbb727e6f803d9f6920ecbee96e3d428bde89a8ca8e6b88cb13cc42f5e8f6 Loading...

	www8.afsanalytics.com/cgi-bin/afstracka.cgi?usr=00831233	1.6 kB	2023-03-08	2023-03-11
Pretty URL www8.afsanalytics.com/cgi-bin/afstracka.cgi?usr=00831233 IP 192.99.104.202 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:33:36 Last Seen2023-03-11 21:37:25 Times Seen1 Hash 106f20f3263c3ffad104fd7890e30461 be14ba6527384ca2238d1b34e2a6d30055d3dde4 ce41efbdbe071037208d01533010259cbb13bb6668d8574595574059a73bfb9c Loading...

	paidnew.com/	1.1 kB	2023-03-07	2023-11-07
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:59 Last Seen2023-11-07 07:45:14 Times Seen3 Hash 223de28e1d159439f486b4772154a0f8 acd7f6b1ac4bf1f26e9bc61a5f7695a69540c02d cff2b804b16544681cfa785d2dbb50fbdf4560b7dcdb70f5b4be95f50f3d29bf Loading...

	paidnew.com/	1.5 kB	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash 6a81b59f863471dad5b1800980870df0 1a35d9abf3b35fca8a27791a3b6fe055ef74c75c a3b0d57c31fc4160e9ee7e8cb3e4e85cba8427fcf49ba1465bb1565b292d5ccc Loading...

	paidnew.com/	724 B	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash 6d0c704a90c67cdb7bcc2b64cebb3109 544f478996cc8e15d8b45d0ebd7fd67f7922efdb 9dc7fe5791158d90308ea1e578429dd5e874ec2b41a6db36e113526e9c9c894e Loading...

	paidnew.com/	245 B	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:37:25 Last Seen2023-03-11 21:37:25 Times Seen1 Hash afb3f40b075eb2dbedd45937eed796a2 dd44ef2ecd481eb878c77bb9efcb71806c420330 895ee380a90e500131ef88d6e0cd82adb09ab505837fade3cb4bfc3b2211bc2f Loading...

	dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fpaidnew.com%2F&r=0.06107923943281801	2.7 kB	2023-03-11	2023-03-11
Pretty URL dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fpaidnew.com%2F&r=0.06107923943281801 IP 34.96.102.137 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:37:25 Last Seen2023-03-11 21:37:25 Times Seen1 Hash 1f400e6d3d038b19f81f68c9ca95cdd7 e836b96d4248a38970f1fa65773e743c4aa2985c fc54c503096aaf1212532e1c90a9c7817d2bd5549ce33c7544370cd8214fdf4e Loading...

	paidnew.com/	1.2 kB	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash 42d4a8a450b88cf62863fb0f4d6e276a 57d0a4a49ed41e9b373b5b22827352e2f26171e4 af02dc9d086cf399645b53295df11a33aee2b96472c6216cbc361c3ed0878894 Loading...

	paidnew.com/	517 B	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash f475cc907b4a78ac1d71f19695ef4b9b 7f70f0a48da91a07b9e7a6fe7324f10a0587d268 9b480b90d9c2337d84c5c99447dda9c38206ec40e90183a6814cee3507f564c9 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js	94 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-24 01:16:50 Times Seen10467 Hash ddb84c1587287b2df08966081ef063bf 9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f 88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd Loading...

	paidnew.com/	555 B	2023-03-07	2023-11-07
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:59 Last Seen2023-11-07 07:45:14 Times Seen5 Hash d439f069eb504e18cb13a15c50c96316 cc7675a85a3cc86ab3656b94a0aa28c8813567e9 59524546626d39e958a2400fb8cc3c38c1797042176f70b739f47e70f4e45de4 Loading...

	paidnew.com/	1.5 kB	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash 1a70a095961819152c62c9a9c7dad2a0 90364e906f2f9064ff99937e77a13a0e08fd5595 d51ff5f20fbe89f7d8ac1315d90c83757e20a5f4f71723494a96c067e930475a Loading...

	paidnew.com/	1.0 kB	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash d4bf9d1c8bc06a477457bbb49ef5f748 37c7a9fcb14213940bb3cf24a19ff2fb2e20f743 f9fd470371038bac372bfb3d9b4faeb269ff0850e06140a1ef9743bc5a57b47c Loading...

	paidnew.com/	776 B	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash e290f2e983882c74184ead473c939c0f a7ad9986c08488e2239dbe9d7088189668c0ebea 38c4a9d07549722b16271f4d4061d73fc47686c0bc14dd1a8867e99aa7a1da99 Loading...

	paidnew.com/	737 B	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash d2b40022d0fdae5f3f174d0962db3151 ef840c816175da2854092ac9804c2f8ed0c80af5 51df24e575f422c0190ee8554cacda01b10c935c083155d57c565eeff57d91f5 Loading...

	paidnew.com/	1.3 kB	2023-03-11	2023-03-11
Pretty URL paidnew.com/ IP 209.126.127.196 ASN #30083 AS-30083-GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:28:33 Last Seen2023-03-11 21:37:25 Times Seen1 Hash f8af1db712a9b600fb35a2abb00cb4db e34058417896f8356c3568d53da3454b6918f58e 31b8b84db50626fb21f4f3fc9d8046e188d57a2fb6fe2eb32e41559e3698ca35 Loading...

		Size	First Seen	Last Seen
	#1 Write - 26636dafca4aee2bddcdc4d398cc2904	25 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 19:19:44 Last Seen2023-03-11 21:37:25 Times Seen1 Hash 26636dafca4aee2bddcdc4d398cc2904 d50706f47657ef5f23918aaaf16dd62236705bd8 f22f9e435241315ad4f9200e26f1429172dc81d53f74ec328bcf53ecaa482ca6 Loading...

	#2 Write - a1acc4e8f28972fae7393715652ca1ee	25 B	2023-03-11	2023-03-12
Pretty Observations First Seen2023-03-11 21:37:25 Last Seen2023-03-12 07:04:22 Times Seen1 Hash a1acc4e8f28972fae7393715652ca1ee aa7c00d4a2d85839c61ade7fb0907246c72978a9 c80e13824e137db4a685919f751a2e6fd58d350959ef1e6d5c0e47b9603703a3 Loading...

	#3 Write - 797ec4f517e3075f6bdb212a08f4f72a	27 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 20:24:30 Last Seen2023-03-11 21:37:25 Times Seen1 Hash 797ec4f517e3075f6bdb212a08f4f72a 95ae99c724842ea3f6547b0c2ca397ff56dc841c c60bc87153d72e5dc892b0e73dd1242d3f21df87d047744bf223fe4cb44b0c18 Loading...

HTTP Transactions (39)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8275
Expires: Mon, 28 Nov 2022 01:31:52 GMT
Date: Sun, 27 Nov 2022 23:13:57 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5898
Cache-Control: max-age=132934
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 23:13:57 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:09:31 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7085
Expires: Mon, 28 Nov 2022 01:12:02 GMT
Date: Sun, 27 Nov 2022 23:13:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 22:19:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3271
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: f0+N94zw+8DnaOLhtd59929IK5yfJSd1UATm7qfX9dgZlz06w+akI4lQcPpPKjPi4d/pe7ha3MYxFxFVS70vdQ==
x-amz-request-id: YDM5D2NF1ETB5QCA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 22:41:49 GMT
age: 1928
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 23:13:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

paidnew.com/

209.126.127.196

200 OK

12 kB

URL HTTP/1.1
paidnew.com/
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (721), with CRLF line terminators
Size
12 kB (12277 bytes)
Hash
9d19dc81332dc97a4c8c9da34ece81b2
3b09da00cf1f964a0eabaaa967c929c0eedbe1b5
fd177d5d13bbaea62f813d3e0cf41feca79c7e8187fee170e8e4d9e32307641f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:57 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12277
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

142.250.74.106

200 OK

33 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
33 kB (33333 bytes)
Hash
18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0

HTTP Headers

GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 08:31:18 GMT
Expires: Wed, 22 Nov 2023 08:31:18 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 484959

paidnew.com/biz_style.css

209.126.127.196

200 OK

1.5 kB

URL HTTP/1.1
paidnew.com/biz_style.css
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (407)
Size
1.5 kB (1542 bytes)
Hash
e8794fb2c66198cf28a485f0b9b282b9
f95a4506cff148b9a93589aa160e9348dcf90014
6b0b73afea12e68b9b11fa967cf82134b8381a1af5636dbb82ffcb38cb48bc0a

HTTP Headers

GET /biz_style.css HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:57 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:28:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1542
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

paidnew.com/top1fb-ohd.png

209.126.127.196

200 OK

3.9 kB

URL HTTP/1.1
paidnew.com/top1fb-ohd.png
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
PNG image data, 350 x 23, 8-bit/color RGBA, non-interlaced\012- data
Size
3.9 kB (3916 bytes)
Hash
d22a8e9cff1a126d115089c4cf2c16a4
7aabcc273ac80c0bcf1794fc17eea9d3dfefbe2e
47505f97cf9529a2f95e92f3dbeaf9449fcea64c1da849086acb38932950590f

HTTP Headers

GET /top1fb-ohd.png HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:57 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:32:00 GMT
Accept-Ranges: bytes
Content-Length: 3916
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

paidnew.com/newslogo.gif

209.126.127.196

200 OK

802 B

URL HTTP/1.1
paidnew.com/newslogo.gif
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
GIF image data, version 89a, 106 x 20\012- data
Size
802 B (802 bytes)
Hash
7956eaf89ab589b0b376f469927ba44a
6b1d447d8e88d0713916a81bf9a7263ee3d013c4
057fa335f42280674ec7215c9b2968876894c6d36485fc54ae78c39bdd291ce1

HTTP Headers

GET /newslogo.gif HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:57 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:39:03 GMT
Accept-Ranges: bytes
Content-Length: 802
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 23:08:54 GMT
cache-control: public,max-age=3600
age: 304
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

paidnew.com/index_r6_c1.gif

209.126.127.196

200 OK

7.5 kB

URL HTTP/1.1
paidnew.com/index_r6_c1.gif
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
GIF image data, version 89a, 1100 x 48\012- data
Size
7.5 kB (7513 bytes)
Hash
83fc56e7318af01f3b60505edf8b5096
f734f61710737010eb13d61749fc9d97ebc2ae11
4a08a9d407ce88772e00e8128ca53286a680cc7aba415f323b90308f6143cc1e

HTTP Headers

GET /index_r6_c1.gif HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:58 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:33:00 GMT
Accept-Ranges: bytes
Content-Length: 7513
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif

paidnew.com/nataliecomputer.jpg

209.126.127.196

200 OK

8.3 kB

URL HTTP/1.1
paidnew.com/nataliecomputer.jpg
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 174x111, components 3\012- data
Size
8.3 kB (8321 bytes)
Hash
d35f36c15768065229d9582c544d6344
02aeac2ac99075f50f6ced7c32c7fbaea2c6f948
59d94fea9cd1bf952caeebe76c5a35549538c93c8caa737f2565bdac51ce359b

HTTP Headers

GET /nataliecomputer.jpg HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:58 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:33:24 GMT
Accept-Ranges: bytes
Content-Length: 8321
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

paidnew.com/avatar-new.png

209.126.127.196

200 OK

2.0 kB

URL HTTP/1.1
paidnew.com/avatar-new.png
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1956 bytes)
Hash
d4c66641cdd359951671de6e97cab56b
5a8f174bd5736b8a21442aa277e8b46ff7bca3b3
8fb54eb42a4942f937eeca27b31ddc7bd5cb7ee2a9fe7310af46656105fbbd8d

HTTP Headers

GET /avatar-new.png HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:58 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:34:27 GMT
Accept-Ranges: bytes
Content-Length: 1956
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

paidnew.com/article-check.jpg

209.126.127.196

200 OK

26 kB

URL HTTP/1.1
paidnew.com/article-check.jpg
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 506x336, components 3\012- data
Size
26 kB (25471 bytes)
Hash
6785250e4a8e98018fcae12e412312b6
d8891f9945d4bcc7affaa15f72dba67ae60c4d8b
cd99014e2053c882ce2c525b506292b4a1cb05412999f94bf0c3b4d1afcccfd6

HTTP Headers

GET /article-check.jpg HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:58 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:33:47 GMT
Accept-Ranges: bytes
Content-Length: 25471
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

paidnew.com/article-screenshot2.jpg

209.126.127.196

200 OK

35 kB

URL HTTP/1.1
paidnew.com/article-screenshot2.jpg
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 506x259, components 3\012- data
Size
35 kB (34988 bytes)
Hash
7206aaa1e4f57418abb05f3781dc276c
07dc6cadffbe29f58c9cafca30eeceb0bac00a40
285383510ab68fed5ca44b3c5772e9b4a1702720ac7f2b8fd319302c2ddff681

HTTP Headers

GET /article-screenshot2.jpg HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:58 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:34:05 GMT
Accept-Ranges: bytes
Content-Length: 34988
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

paidnew.com/mort.png

209.126.127.196

200 OK

36 kB

URL HTTP/1.1
paidnew.com/mort.png
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
PNG image data, 250 x 261, 8-bit/color RGB, non-interlaced\012- data
Size
36 kB (36304 bytes)
Hash
729db22fb84fc358edfa81913869c54e
3a349f1dff120c1c4aa28de36019a9dc22d88d84
620a3fb104868b76edaf7167101b1276139d89a63ae5f3a1818ae0707c4d3d03

HTTP Headers

GET /mort.png HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:58 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:38:36 GMT
Accept-Ranges: bytes
Content-Length: 36304
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

www8.afsanalytics.com/cgi-bin/afstracka.cgi?usr=00831233

192.99.104.202

200 OK

1.6 kB

URL HTTP/1.1
www8.afsanalytics.com/cgi-bin/afstracka.cgi?usr=00831233
IP
192.99.104.202:0
ASN
#16276 OVH SAS

File type
HTML document, ASCII text
Size
1.6 kB (1592 bytes)
Hash
106f20f3263c3ffad104fd7890e30461
be14ba6527384ca2238d1b34e2a6d30055d3dde4
ce41efbdbe071037208d01533010259cbb13bb6668d8574595574059a73bfb9c

HTTP Headers

GET /cgi-bin/afstracka.cgi?usr=00831233 HTTP/1.1
Host: www8.afsanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:14:00 GMT
Server: Apache
Expires: Tue, 20 Aug 1996 14:25:27 GMT
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript;charset=UTF-8

paidnew.com/mom-221.jpg

209.126.127.196

200 OK

20 kB

URL HTTP/1.1
paidnew.com/mom-221.jpg
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 242x287, components 3\012- data
Size
20 kB (20003 bytes)
Hash
3ff8ee8671306f3e1d241c72df4db0a1
d61861aad490cd6ec6e91bfdcba9023ffc180b5b
b5310385a67dcb529e1a09efb363e8f6dc7bcd41dc2e5a844590ae245e070434

HTTP Headers

GET /mom-221.jpg HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:58 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:37:36 GMT
Accept-Ranges: bytes
Content-Length: 20003
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

paidnew.com/cfr_header.jpg

209.126.127.196

200 OK

59 kB

URL HTTP/1.1
paidnew.com/cfr_header.jpg
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 980x99, components 3\012- data
Size
59 kB (58621 bytes)
Hash
0c070950852a38e38e1bccad97b15051
f0e726a23281022574435ea150fbdf4f837d16b6
c73666c7df674c971abb69928e8fda2b3125e07b96b9a248438444396c7f06d0

HTTP Headers

GET /cfr_header.jpg HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:13:58 GMT
Server: Apache
Last-Modified: Mon, 18 Mar 2019 08:32:36 GMT
Accept-Ranges: bytes
Content-Length: 58621
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2936
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 23:13:58 GMT
Last-Modified: Sun, 27 Nov 2022 22:25:02 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fpaidnew.com%2F&r=0.06107923943281801

34.96.102.137

301 Moved Permanently

166 B

URL HTTP/1.1
dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fpaidnew.com%2F&r=0.06107923943281801
IP
34.96.102.137:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
166 B (166 bytes)
Hash
3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691

HTTP Headers

GET /j.php?a=7443&u=http%3A%2F%2Fpaidnew.com%2F&r=0.06107923943281801 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/

HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 23:13:58 GMT
Content-Type: text/html
Content-Length: 166
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;
Location: https://dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fpaidnew.com%2F&r=0.06107923943281801
server: gams1
Timing-Allow-Origin: *
Via: 1.1 google

www8.afsanalytics.com/cgi-bin/connect.cgi?usr=00831233Pauto&js=1&title=Work%20At%20Home%20Special%20Report!&url=http%3A%2F%2Fpaidnew.com%2F&refer=&rua=0&resolution=1280x1024&color=24&Tips=0.3443669194429272

192.99.104.202

200 OK

1.9 kB

URL HTTP/1.1
www8.afsanalytics.com/cgi-bin/connect.cgi?usr=00831233Pauto&js=1&title=Work%20At%20Home%20Special%20Report!&url=http%3A%2F%2Fpaidnew.com%2F&refer=&rua=0&resolution=1280x1024&color=24&Tips=0.3443669194429272
IP
192.99.104.202:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 90 x 36\012- data
Size
1.9 kB (1893 bytes)
Hash
d309084efd0f08302f5bcee107fb5a3a
fe33e3e11df6a0b4ccb38dbab5cfc5b5f9c12dc9
d7a6becc3e77680b2cab64738ae22dd6b7bdcaa75f30cd0f18a0287df2324aa6

HTTP Headers

GET /cgi-bin/connect.cgi?usr=00831233Pauto&js=1&title=Work%20At%20Home%20Special%20Report!&url=http%3A%2F%2Fpaidnew.com%2F&refer=&rua=0&resolution=1280x1024&color=24&Tips=0.3443669194429272 HTTP/1.1
Host: www8.afsanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/

HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 23:14:01 GMT
Server: Apache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: X-Forwarded-For, Forwarded-For, X-Client-IP, Client-IP, X-Real-IP, X-Requested-With, Content-Type,withCredentials
Access-Control-Max-Age: 3600
P3P: CP="ADMa OUR UNI NID DSP NOI COR"
Cache-Control: max-age=0
Expires: Sun, 27 Nov 2022 23:14:01 GMT
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/gif

paidnew.com/favicon.ico

209.126.127.196

404 Not Found

315 B

URL HTTP/1.1
paidnew.com/favicon.ico
IP
209.126.127.196:0
ASN
#30083 AS-30083-GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: paidnew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://paidnew.com/
Cookie: PHPSESSID=64cad79f12cfacb889af7eb0226a3276

HTTP/1.1 404 Not Found
Date: Sun, 27 Nov 2022 23:13:58 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.starfieldtech.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
a32f7391d9d1c57a8de8e38913ce2f6c
6d8334a916c64274210fcb6c348c1052bb101189
07d494c31cd0277fd68dd61d3029cb26fef5cfa1cbe003c62fed3dbe7b17ab21

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 27 Nov 2022 23:13:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 27 Nov 2022 20:21:47 GMT
Expires: Mon, 28 Nov 2022 20:21:47 GMT
ETag: "6d8334a916c64274210fcb6c348c1052bb101189"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

push.services.mozilla.com/

52.42.74.230

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.74.230:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UqX8tKiSSpQGiB6/lebOQA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0fI0NwkhGnsUsHN1dj8YLs24TTA=

ocsp.starfieldtech.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.starfieldtech.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1845 bytes)
Hash
a32f7391d9d1c57a8de8e38913ce2f6c
6d8334a916c64274210fcb6c348c1052bb101189
07d494c31cd0277fd68dd61d3029cb26fef5cfa1cbe003c62fed3dbe7b17ab21

HTTP Headers

POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 27 Nov 2022 23:13:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 27 Nov 2022 20:21:47 GMT
Expires: Mon, 28 Nov 2022 20:21:47 GMT
ETag: "6d8334a916c64274210fcb6c348c1052bb101189"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=7443&d=paidnew.com&u=D8EB843EBF3099107B239E40D1CDCAC6C&h=41818882fe28e555b98f63625e876f9a&t=false&r=0.4444244989173849

34.96.102.137

200 OK

35 B

URL HTTP/2
dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=7443&d=paidnew.com&u=D8EB843EBF3099107B239E40D1CDCAC6C&h=41818882fe28e555b98f63625e876f9a&t=false&r=0.4444244989173849
IP
34.96.102.137:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /v.gif?cd=0&a=7443&d=paidnew.com&u=D8EB843EBF3099107B239E40D1CDCAC6C&h=41818882fe28e555b98f63625e876f9a&t=false&r=0.4444244989173849 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://paidnew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 27 Nov 2022 23:13:58 GMT
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
expires: Mon, 10 Jan 2005 00:00:01 GMT
pragma: no-cache
x-content-type-options: nosniff
content-length: 35
server: gnv1c
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11183
Expires: Mon, 28 Nov 2022 02:20:22 GMT
Date: Sun, 27 Nov 2022 23:13:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11183
Expires: Mon, 28 Nov 2022 02:20:22 GMT
Date: Sun, 27 Nov 2022 23:13:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11183
Expires: Mon, 28 Nov 2022 02:20:22 GMT
Date: Sun, 27 Nov 2022 23:13:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4254 bytes)
Hash
300ba2bd11eefb4b5b9ba5b9d56c6cca
55c9d2899b16945f329d0dacc021161038629988
a866abff0b6b5c6ed6758f1208f106d8f00c7f16fa07f2a676301cce8301e964

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4254
x-amzn-requestid: 9c63d2a1-e805-4114-8875-fc1dc022c047
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHopoAMFq0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-395ca7b76b364c11172fbdd6;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tFKbj-Jui_NW_73l_-W1Ja9sHqNKCSA3P8O3IZR38idkSAACjsnIMw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:49 GMT
etag: "55c9d2899b16945f329d0dacc021161038629988"
content-type: image/jpeg
age: 4630
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8517 bytes)
Hash
577b69fd08ad8368ea5a94fe41476c1c
9442f111d329f721ddc55100cd246586d8204048
bdafc5068032dcf5e207cf2685a1b9350dbe8d990ba181520ff47889524532f2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1f41832-bc78-4527-a3e7-8099266ecb52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8517
x-amzn-requestid: 12456791-0e7f-45d7-97ae-d663c8fa841d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvHHLoAMFVqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-54ed1ec101789247052c9ec8;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nultDXAkaHp6QxGLyEw4fwxN7pWlANJhy8lalSyZuJesPboNe9pFWg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 07:12:40 GMT
age: 57679
etag: "9442f111d329f721ddc55100cd246586d8204048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15639 bytes)
Hash
0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fxNulyOR88nEcjtrXm1dECsulI-MsAxm2Zl0Y83uMz23lGh18d-ZBA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:55 GMT
age: 4624
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8568 bytes)
Hash
13f4c2b3410532b6c756990f1759da46
16096289cd354fada56dbb3f2d75d406ae8ab62f
9894d998a884f2b5637bd12b0cd3df556835ea7a3134eb0f516fc03e3d31c26c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8568
x-amzn-requestid: da2726a2-20ad-4201-b4e9-3de9be88a485
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7-BHcUIAMFieA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9f3-370921803a9de7e627682c94;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MqWCYm26OnmydU-vE7YdPyUvmcS2Q9uqWJnG_0wOMymdkGJjI7tR6Q==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:19:39 GMT
age: 3260
etag: "16096289cd354fada56dbb3f2d75d406ae8ab62f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11255 bytes)
Hash
6e240caa3153ea25c34d07185b47f8a5
602e8ba5c6671ff947acfda757577ddc8ecec6ec
c2b37bf1ef003ceffaaf4612f2001b6f7998d5b95cd55b32c79fefcb24ccad7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11255
x-amzn-requestid: ce06e0cc-3874-4a3d-a6c5-5cc1cb342138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7w8EEOIAMF_6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99f-5ca652aa369ee1690b0d08cc;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0diXekmaxz0zbwy1wShePUxsvtC59YoEPcLJmS_ql6uKG0MtqbxbeQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:03:04 GMT
age: 4255
etag: "602e8ba5c6671ff947acfda757577ddc8ecec6ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69fecdd0-f203-4856-9306-7df6eb537732.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7444 bytes)
Hash
515b38218003c32df1ae80c1028ca88c
1b129f9794cbee796ec6321c52d062a58e3c26ab
acc804008b482ba917a113be5361f5172b973db477947b3da749d3287774980f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69fecdd0-f203-4856-9306-7df6eb537732.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7444
x-amzn-requestid: 71662fef-ed42-4596-ae11-80d8fc05f7fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGNloAMFjZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-4fd8cdaa43d66ba20286e4ed;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OzmdUPtDp11ymTQ4BfzdNELHeUhpm96MiMjAdCPY2xgFoNoLVLvDww==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:40 GMT
etag: "1b129f9794cbee796ec6321c52d062a58e3c26ab"
content-type: image/jpeg
age: 4639
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fpaidnew.com%2F&r=0.06107923943281801

34.96.102.137

200 OK

0 B

URL HTTP/2
dev.visualwebsiteoptimizer.com/j.php?a=7443&u=http%3A%2F%2Fpaidnew.com%2F&r=0.06107923943281801
IP
34.96.102.137:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /j.php?a=7443&u=http%3A%2F%2Fpaidnew.com%2F&r=0.06107923943281801 HTTP/1.1
Host: dev.visualwebsiteoptimizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://paidnew.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 27 Nov 2022 23:13:58 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=0, no-cache, must-revalidate
server: gams1
timing-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations