| URL | IP | Status | Size |
|---|---|---|---|
| 01.104-168-101-28.cprapid.com/PayPaI/ | 104.168.101.28 | 200 OK | 39 kB |

URL: https://01.104-168-101-28.cprapid.com/PayPaI/ (user request, GET, HTTP/1.1)
IP: 104.168.101.28:443
ASN: #36352 AS-COLOCROSSING
Certificate issuer: Let's Encrypt
Certificate subject: cpcalendars.01.104-168-101-28.cprapid.com
Certificate fingerprint: 19:95:8C:C8:7E:ED:38:32:D9:4E:61:D0:C1:0B:1A:EF:BE:81:45:D2
Certificate validity: Wed, 08 May 2024 06:39:32 GMT - Tue, 06 Aug 2024 06:39:31 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (583)
MD5: 0782ee710c1d8e22cc981429b70a7f14
SHA-1: 79ede7429ea4fcbfffa7f6b9bda6edc283156186
SHA-256: a4350658efad40568c6cedfdf1c9d1801250f4e2dcc1c91d40af4ccb94c45e60

| Analyzer | Verdict | Alert |
|---|---|---|
| urlquery | phishing | Phishing - PayPal |
GET /PayPaI/ HTTP/1.1
Host: 01.104-168-101-28.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:38:02 GMT
Server: Apache
Set-Cookie: COOKIE_KEY=171520068247; expires=Sat, 06-May-2034 20:38:02 GMT; Max-Age=315360000
Set-Cookie: COOKIE_KEY=171520068237; expires=Sat, 06-May-2034 20:38:02 GMT; Max-Age=315360000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
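Three things in this first exchange are worth checking mechanically rather than by eye: the path segment `PayPaI` spells the brand with a capital I in place of the lowercase l; the hostname label `104-168-101-28` is the connected IP with dashes for dots (a generic hosting hostname, not a brand domain); and both `COOKIE_KEY` values begin with `1715200682`, which as a Unix timestamp is exactly the response `Date` (20:38:02 GMT on 8 May 2024), followed by two extra digits. The script below is an added example, not part of the urlquery report; it takes the values from the capture above as inline constants and returns each of those observations as data. The confusable table beyond the `I`/`l` pair seen here is an assumption, as is the choice to read the first ten digits of the cookie as seconds since the epoch.

```python
import re
from collections import namedtuple
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Values copied from the capture: request line, Host, connected IP,
# response Date and the two Set-Cookie values.
CAPTURE = {
    "host": "01.104-168-101-28.cprapid.com",
    "path": "/PayPaI/",
    "ip": "104.168.101.28",
    "date": "Wed, 08 May 2024 20:38:02 GMT",
    "cookies": ["COOKIE_KEY=171520068247", "COOKIE_KEY=171520068237"],
}

BRANDS = ["paypal"]  # brand terms to look for; extend as needed

# Look-alike substitutions. Only I -> l is evidenced by this capture; the
# other entries are an assumed set of common swaps.
CONFUSABLE = {"I": "l", "1": "l", "|": "l", "0": "o"}


def normalise(segment: str) -> str:
    """Fold look-alike characters onto their likely intended letter, then lowercase."""
    return "".join(CONFUSABLE.get(ch, ch) for ch in segment).lower()


def homoglyph_brand_hits(url_text: str):
    """Return (segment, brand) pairs for host/path segments that match a brand
    name only after confusable folding. A literal 'paypal' is not reported."""
    hits = []
    for seg in re.split(r"[/.\-_]+", url_text):
        if not seg:
            continue
        for brand in BRANDS:
            if seg.lower() != brand and normalise(seg) == brand:
                hits.append((seg, brand))
    return hits


def ip_embedded_in_hostname(host: str, ip: str) -> bool:
    """True when a hostname label is the connected IP with dashes for dots,
    the shape seen in 01.104-168-101-28.cprapid.com."""
    return ip.replace(".", "-") in host.split(".")


CookieObs = namedtuple("CookieObs", "value offset_seconds trailing_digits")


def cookie_timestamp_offsets(cookies, date_header: str):
    """Interpret the leading 10 digits of each COOKIE_KEY as a Unix timestamp
    (assumption) and report its offset from the response Date header."""
    served = parsedate_to_datetime(date_header)
    out = []
    for cookie in cookies:
        name, _, value = cookie.partition("=")
        m = re.fullmatch(r"(\d{10})(\d*)", value)
        if name != "COOKIE_KEY" or not m:
            continue
        stamp = datetime.fromtimestamp(int(m.group(1)), tz=timezone.utc)
        out.append(CookieObs(value, int((stamp - served).total_seconds()), m.group(2)))
    return out


if __name__ == "__main__":
    print(homoglyph_brand_hits(CAPTURE["host"] + CAPTURE["path"]))
    print(ip_embedded_in_hostname(CAPTURE["host"], CAPTURE["ip"]))
    for obs in cookie_timestamp_offsets(CAPTURE["cookies"], CAPTURE["date"]):
        print(obs)
```

A zero offset for both cookies means the kit stamps each visitor with the server's current time plus two trailing digits; that value is set twice in one response, and the later one (`...37`) is what the browser sends back on every subsequent request in this capture. Timestamp-shaped session cookies of this kind are a useful clustering feature when comparing other instances of the same kit.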
| URL | IP | Status | Size |
|---|---|---|---|
| 01.104-168-101-28.cprapid.com/PayPaI/jquery-3.5.1.min.js | 104.168.101.28 | 200 OK | 90 kB |

URL: https://01.104-168-101-28.cprapid.com/PayPaI/jquery-3.5.1.min.js (GET, HTTP/1.1)
Requested by: https://01.104-168-101-28.cprapid.com/PayPaI/
IP: 104.168.101.28:443
ASN: #36352 AS-COLOCROSSING
Certificate issuer: Let's Encrypt
Certificate subject: cpcalendars.01.104-168-101-28.cprapid.com
Certificate fingerprint: 19:95:8C:C8:7E:ED:38:32:D9:4E:61:D0:C1:0B:1A:EF:BE:81:45:D2
Certificate validity: Wed, 08 May 2024 06:39:32 GMT - Tue, 06 Aug 2024 06:39:31 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
MD5: dc5e7f18c8d36ac1d3d4753a87c98d0a
SHA-1: c8e1c8b386dc5b7a9184c763c88d19a346eb3342
SHA-256: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

| Analyzer | Verdict | Alert |
|---|---|---|
| urlquery | phishing | Phishing - PayPal |
GET /PayPaI/jquery-3.5.1.min.js HTTP/1.1
Host: 01.104-168-101-28.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://01.104-168-101-28.cprapid.com/PayPaI/
Cookie: COOKIE_KEY=171520068237
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:38:02 GMT
Server: Apache
Last-Modified: Tue, 10 Nov 2020 02:33:54 GMT
Accept-Ranges: bytes
Content-Length: 89476
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript
| URL | IP | Status | Size |
|---|---|---|---|
| 01.104-168-101-28.cprapid.com/PayPaI/asset/modernizr-2.6.1.js.download | 104.168.101.28 | 200 OK | 3.8 kB |

URL: https://01.104-168-101-28.cprapid.com/PayPaI/asset/modernizr-2.6.1.js.download (GET, HTTP/1.1)
Requested by: https://01.104-168-101-28.cprapid.com/PayPaI/
IP: 104.168.101.28:443
ASN: #36352 AS-COLOCROSSING
Certificate issuer: Let's Encrypt
Certificate subject: cpcalendars.01.104-168-101-28.cprapid.com
Certificate fingerprint: 19:95:8C:C8:7E:ED:38:32:D9:4E:61:D0:C1:0B:1A:EF:BE:81:45:D2
Certificate validity: Wed, 08 May 2024 06:39:32 GMT - Tue, 06 Aug 2024 06:39:31 GMT
File type: JavaScript source, ASCII text, with very long lines (3807), with no line terminators
MD5: a635a55ddb6339a3d0d01c641f670753
SHA-1: a6dee4a1df6c51b82ce2e67323514e7de4e165d4
SHA-256: a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

| Analyzer | Verdict | Alert |
|---|---|---|
| urlquery | phishing | Phishing - PayPal |
GET /PayPaI/asset/modernizr-2.6.1.js.download HTTP/1.1
Host: 01.104-168-101-28.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://01.104-168-101-28.cprapid.com/PayPaI/
Cookie: COOKIE_KEY=171520068237
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:38:02 GMT
Server: Apache
Last-Modified: Sat, 09 Apr 2022 02:10:34 GMT
Accept-Ranges: bytes
Content-Length: 3807
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
| URL | IP | Status | Size |
|---|---|---|---|
| 01.104-168-101-28.cprapid.com/PayPaI/asset/contextualLoginElementalUI.css | 104.168.101.28 | 200 OK | 127 kB |

URL: https://01.104-168-101-28.cprapid.com/PayPaI/asset/contextualLoginElementalUI.css (GET, HTTP/1.1)
Requested by: https://01.104-168-101-28.cprapid.com/PayPaI/
IP: 104.168.101.28:443
ASN: #36352 AS-COLOCROSSING
Certificate issuer: Let's Encrypt
Certificate subject: cpcalendars.01.104-168-101-28.cprapid.com
Certificate fingerprint: 19:95:8C:C8:7E:ED:38:32:D9:4E:61:D0:C1:0B:1A:EF:BE:81:45:D2
Certificate validity: Wed, 08 May 2024 06:39:32 GMT - Tue, 06 Aug 2024 06:39:31 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 127 kB (127348 bytes)
MD5: f955847d72fd5d05f67c2b1c1149d754
SHA-1: f361a049f83f89318dc70625f8e423f5240100f3
SHA-256: 01d22d817734af994105ec6ab2a7c0682792b9360d81a5f6f80171e7d78f5e89

| Analyzer | Verdict | Alert |
|---|---|---|
| urlquery | phishing | Phishing - PayPal |
GET /PayPaI/asset/contextualLoginElementalUI.css HTTP/1.1
Host: 01.104-168-101-28.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://01.104-168-101-28.cprapid.com/PayPaI/
Cookie: COOKIE_KEY=171520068237
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:38:02 GMT
Server: Apache
Last-Modified: Sun, 10 Apr 2022 05:55:48 GMT
Accept-Ranges: bytes
Content-Length: 127348
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
| URL | IP | Status | Size |
|---|---|---|---|
| www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2 | 192.229.221.25 | 200 OK | 25 kB |

URL: https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2 (GET, HTTP/2)
Requested by: https://01.104-168-101-28.cprapid.com/PayPaI/
IP: 192.229.221.25:443
Certificate issuer: DigiCert Inc
Certificate subject: www.paypal.com
Certificate fingerprint: 4B:C0:E1:F0:16:B3:A4:B3:63:08:41:DF:F2:EF:8D:65:54:1D:30:B1
Certificate validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 31 Oct 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), CFF, length 25368, version 1.6553
MD5: 186b9e5be0671c3c941a2a4966beb47a
SHA-1: 0255bf2f48460eb212c93242740f5bef01e858c4
SHA-256: 1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
GET /paypal-ui/fonts/PayPalSansBig-Regular.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://01.104-168-101-28.cprapid.com
DNT: 1
Connection: keep-alive
Referer: https://01.104-168-101-28.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/font-woff2
date: Wed, 08 May 2024 20:38:03 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271cda-6318"
expires: Wed, 08 May 2024 21:38:03 GMT
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
paypal-debug-id: 68b1b20cb6d40
server: ECAcc (ska/F744)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000068b1b20cb6d40-6559e47b7df8266a-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 25368
X-Firefox-Spdy: h2
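This font fetch, and the two further paypalobjects.com fetches later in the capture, show the kit pulling genuine brand assets from PayPal's own CDN. The CDN answers with `access-control-allow-origin: *`, so the cross-site load succeeds, but the browser still sends `Origin: https://01.104-168-101-28.cprapid.com` on the CORS font request and a Referer trimmed to that origin (the same-origin requests elsewhere in the capture carry the full `/PayPaI/` path; the cross-site ones only the origin). For the brand owner that makes CDN access logs a detection source: any origin other than its own pages requesting login-page fonts is a candidate phishing host. The code below is an added example, not from the report or from PayPal; the log format is an assumed, simplified access-log layout, the three log lines are constructed (only the first mirrors this capture), and the allowed-origin list is assumed from the hosts named in the response's `timing-allow-origin` header. It can be dropped into any log pipeline that exposes Origin and Referer.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Origins from which the brand's own pages load these fonts (assumption,
# taken from the hosts named in timing-allow-origin above).
ALLOWED_ORIGINS = {"https://www.paypal.com", "https://www.sandbox.paypal.com"}

# Asset paths that only the brand's login/marketing pages should embed.
BRAND_ASSET_PREFIXES = ("/paypal-ui/fonts/", "/webstatic/")

# Constructed sample log lines (assumed layout):
# client_ip [time] "method path protocol" status "Origin" "Referer"
SAMPLE_LOG = """\
203.0.113.7 [08/May/2024:20:38:03 +0000] "GET /paypal-ui/fonts/PayPalSansBig-Regular.woff2 HTTP/2" 200 "https://01.104-168-101-28.cprapid.com" "https://01.104-168-101-28.cprapid.com/"
198.51.100.22 [08/May/2024:20:38:04 +0000] "GET /paypal-ui/fonts/PayPalSansBig-Regular.woff2 HTTP/2" 200 "https://www.paypal.com" "https://www.paypal.com/signin"
198.51.100.23 [08/May/2024:20:38:05 +0000] "GET /webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff HTTP/2" 200 "-" "-"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>\S+)" (?P<status>\d{3}) '
    r'"(?P<origin>[^"]*)" "(?P<referer>[^"]*)"$'
)


def origin_of(url: str):
    """Reduce a URL (or '-' for absent) to scheme://host, lowercased."""
    if not url or url == "-":
        return None
    parts = urlsplit(url)
    if not parts.scheme or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}".lower()


def flag_brand_asset_abuse(log_text: str):
    """Return one finding per brand-asset fetch whose Origin (or, failing
    that, Referer) is not one of the brand's own origins. Fetches with no
    attributable origin are skipped: a kit can suppress both headers with a
    referrer policy, so absence is not evidence either way."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not m["path"].startswith(BRAND_ASSET_PREFIXES):
            continue
        source = origin_of(m["origin"]) or origin_of(m["referer"])
        if source is None or source in ALLOWED_ORIGINS:
            continue
        findings.append({"origin": source, "asset": m["path"], "client": m["ip"]})
    return findings


def suspect_origins(findings):
    """Rank flagged origins by number of asset fetches, busiest first."""
    return Counter(f["origin"] for f in findings).most_common()


if __name__ == "__main__":
    for origin, count in suspect_origins(flag_brand_asset_abuse(SAMPLE_LOG)):
        print(f"{count:5d}  {origin}")
```

Restricting `access-control-allow-origin` would not stop this (fonts are public by design and a kit can simply copy them), so the value of the log is in attribution and takedown, not prevention.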
| URL | IP | Status | Size |
|---|---|---|---|
| 01.104-168-101-28.cprapid.com/PayPaI/logo2.png | 104.168.101.28 | 200 OK | 4.7 kB |

URL: https://01.104-168-101-28.cprapid.com/PayPaI/logo2.png (GET, HTTP/1.1)
Requested by: https://01.104-168-101-28.cprapid.com/PayPaI/
IP: 104.168.101.28:443
ASN: #36352 AS-COLOCROSSING
Certificate issuer: Let's Encrypt
Certificate subject: cpcalendars.01.104-168-101-28.cprapid.com
Certificate fingerprint: 19:95:8C:C8:7E:ED:38:32:D9:4E:61:D0:C1:0B:1A:EF:BE:81:45:D2
Certificate validity: Wed, 08 May 2024 06:39:32 GMT - Tue, 06 Aug 2024 06:39:31 GMT
File type: PNG image data, 109 x 108, 8-bit/color RGBA, non-interlaced
MD5: 0945b9897ed56b0fa23657a498e95cbb
SHA-1: a2e7dfaee066f87974260df7db70e31ed083f6cd
SHA-256: f94bbcdc85550617ce6a1a0a7fbbac21916203913dfc34f3d964c26c6f289a16

| Analyzer | Verdict | Alert |
|---|---|---|
| urlquery | phishing | Phishing - PayPal |
GET /PayPaI/logo2.png HTTP/1.1
Host: 01.104-168-101-28.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://01.104-168-101-28.cprapid.com/PayPaI/
Cookie: COOKIE_KEY=171520068237
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:38:03 GMT
Server: Apache
Last-Modified: Sun, 10 Apr 2022 05:53:22 GMT
Accept-Ranges: bytes
Content-Length: 4655
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
| URL | IP | Status | Size |
|---|---|---|---|
| 01.104-168-101-28.cprapid.com/PayPaI/logo.png | 104.168.101.28 | 200 OK | 20 kB |

URL: https://01.104-168-101-28.cprapid.com/PayPaI/logo.png (GET, HTTP/1.1)
Requested by: https://01.104-168-101-28.cprapid.com/PayPaI/
IP: 104.168.101.28:443
ASN: #36352 AS-COLOCROSSING
Certificate issuer: Let's Encrypt
Certificate subject: cpcalendars.01.104-168-101-28.cprapid.com
Certificate fingerprint: 19:95:8C:C8:7E:ED:38:32:D9:4E:61:D0:C1:0B:1A:EF:BE:81:45:D2
Certificate validity: Wed, 08 May 2024 06:39:32 GMT - Tue, 06 Aug 2024 06:39:31 GMT
File type: PNG image data, 640 x 640, 8-bit/color RGBA, non-interlaced
MD5: b1c4022aba2457bec56a7ccd156ccc82
SHA-1: 158db9d9f77feb05bd76711e7799414726f39965
SHA-256: 0f3865cc6457d894803208cf37a85c77316b841d42a27d054826e416c9404349

| Analyzer | Verdict | Alert |
|---|---|---|
| urlquery | phishing | Phishing - PayPal |
GET /PayPaI/logo.png HTTP/1.1
Host: 01.104-168-101-28.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://01.104-168-101-28.cprapid.com/PayPaI/
Cookie: COOKIE_KEY=171520068237
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 May 2024 20:38:03 GMT
Server: Apache
Last-Modified: Sun, 10 Apr 2022 05:48:36 GMT
Accept-Ranges: bytes
Content-Length: 20290
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
| URL | IP | Status | Size |
|---|---|---|---|
| 01.104-168-101-28.cprapid.com/favicon.ico | 104.168.101.28 | 404 Not Found | 315 B |

URL: https://01.104-168-101-28.cprapid.com/favicon.ico (GET, HTTP/1.1)
Requested by: https://01.104-168-101-28.cprapid.com/PayPaI/
IP: 104.168.101.28:443
ASN: #36352 AS-COLOCROSSING
Certificate issuer: Let's Encrypt
Certificate subject: cpcalendars.01.104-168-101-28.cprapid.com
Certificate fingerprint: 19:95:8C:C8:7E:ED:38:32:D9:4E:61:D0:C1:0B:1A:EF:BE:81:45:D2
Certificate validity: Wed, 08 May 2024 06:39:32 GMT - Tue, 06 Aug 2024 06:39:31 GMT
File type: HTML document, ASCII text
MD5: a34ac19f4afae63adc5d2f7bc970c07f
SHA-1: a82190fc530c265aa40a045c21770d967f4767b8
SHA-256: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

| Analyzer | Verdict | Alert |
|---|---|---|
| urlquery | phishing | Phishing - PayPal |
GET /favicon.ico HTTP/1.1
Host: 01.104-168-101-28.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://01.104-168-101-28.cprapid.com/PayPaI/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Wed, 08 May 2024 20:38:03 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
| URL | IP | Status | Size |
|---|---|---|---|
| www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff | 192.229.221.25 | 200 OK | 47 kB |

URL: https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff (GET, HTTP/2)
Requested by: https://01.104-168-101-28.cprapid.com/PayPaI/
IP: 192.229.221.25:443
Certificate issuer: DigiCert Inc
Certificate subject: www.paypal.com
Certificate fingerprint: 4B:C0:E1:F0:16:B3:A4:B3:63:08:41:DF:F2:EF:8D:65:54:1D:30:B1
Certificate validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 31 Oct 2024 23:59:59 GMT
File type: Web Open Font Format, TrueType, length 47339, version 1.0
MD5: 20f0f192de040edc17e47e61752e142f
SHA-1: 713967babdefbc54dceacb052776c67527aada22
SHA-256: ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
GET /webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://01.104-168-101-28.cprapid.com
DNT: 1
Connection: keep-alive
Referer: https://01.104-168-101-28.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: font/woff
date: Wed, 08 May 2024 20:38:05 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "560b6e70-b8eb"
expires: Wed, 08 May 2024 21:38:05 GMT
last-modified: Wed, 30 Sep 2015 05:09:04 GMT
paypal-debug-id: 479eff554e0ed
server: ECAcc (ska/F6A4)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000479eff554e0ed-4102b07eb51875b1-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 47339
X-Firefox-Spdy: h2
| URL | IP | Status | Size |
|---|---|---|---|
| www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2 | 192.229.221.25 | 200 OK | 18 kB |

URL: https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2 (GET, HTTP/2)
Requested by: https://01.104-168-101-28.cprapid.com/PayPaI/
IP: 192.229.221.25:443
Certificate issuer: DigiCert Inc
Certificate subject: www.paypal.com
Certificate fingerprint: 4B:C0:E1:F0:16:B3:A4:B3:63:08:41:DF:F2:EF:8D:65:54:1D:30:B1
Certificate validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 31 Oct 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 18508, version 1.6553
MD5: 57518c06c06d691bd2def8d51db1f1c2
SHA-1: dab349042885997d8d08db8dc38d0b4907635e2e
SHA-256: 2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
GET /paypal-ui/fonts/PayPalSansBig-Medium.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://01.104-168-101-28.cprapid.com
DNT: 1
Connection: keep-alive
Referer: https://01.104-168-101-28.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/font-woff2
date: Wed, 08 May 2024 20:38:05 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271cda-484c"
expires: Wed, 08 May 2024 21:38:05 GMT
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
paypal-debug-id: 6b7a53e8c47b2
server: ECAcc (ska/F74B)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006b7a53e8c47b2-ccfb246c86d3bb75-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 18508
X-Firefox-Spdy: h2
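Not every hash in this capture is equally useful as an indicator. The SHA-256 recorded for `jquery-3.5.1.min.js` is the hash of the stock library (its SRI form matches the widely published integrity value for that file), so it will match countless benign sites; the fonts are PayPal's own; and the landing page is generated per request (it sets a fresh timestamp cookie), so its hash is the least stable of the set. What remains, the kit's stylesheet, the `modernizr-2.6.1.js.download` file (a suffix typically left behind when a page is saved from a browser) and the two logo PNGs, are the artefacts worth pivoting on. The script below is an added example, not part of the urlquery report; it carries the paths and SHA-256 values from the records above as inline constants, converts hex digests to SRI form to recognise stock libraries, and sorts the rest into volatile and pivot-worthy buckets. The known-library table and the "volatile if it is the HTML entry point" rule are assumptions.

```python
import base64

# (path, SHA-256) pairs copied from the hash lines of the records above,
# kit-hosted files only (the paypalobjects.com fonts are PayPal's own).
CAPTURED_FILES = [
    ("/PayPaI/", "a4350658efad40568c6cedfdf1c9d1801250f4e2dcc1c91d40af4ccb94c45e60"),
    ("/PayPaI/jquery-3.5.1.min.js", "f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d"),
    ("/PayPaI/asset/modernizr-2.6.1.js.download", "a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44"),
    ("/PayPaI/asset/contextualLoginElementalUI.css", "01d22d817734af994105ec6ab2a7c0682792b9360d81a5f6f80171e7d78f5e89"),
    ("/PayPaI/logo2.png", "f94bbcdc85550617ce6a1a0a7fbbac21916203913dfc34f3d964c26c6f289a16"),
    ("/PayPaI/logo.png", "0f3865cc6457d894803208cf37a85c77316b841d42a27d054826e416c9404349"),
]

# Stock-library digests in SRI form (assumed table; extend from the
# integrity attributes published by the libraries' CDNs).
KNOWN_LIBRARIES = {
    "sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=": "jquery-3.5.1.min.js",
}

# Paths whose content is server-generated and therefore hash-unstable
# (assumption: the HTML entry point, and anything that looks like a script page).
VOLATILE_SUFFIXES = ("/", ".html", ".htm", ".php")


def sri_from_hex(sha256_hex: str) -> str:
    """Hex SHA-256 -> the base64 'sha256-...' form used in integrity attributes."""
    if len(sha256_hex) != 64:
        raise ValueError("expected a 64-character hex SHA-256")
    return "sha256-" + base64.b64encode(bytes.fromhex(sha256_hex)).decode("ascii")


def triage(files):
    """Split captured files into three buckets:
    stock    - digest matches a known public library (not an IOC)
    volatile - server-generated page, hash unlikely to repeat
    iocs     - kit-specific static artefacts worth searching for elsewhere
    """
    stock, volatile, iocs = [], [], []
    for path, digest in files:
        library = KNOWN_LIBRARIES.get(sri_from_hex(digest))
        if library:
            stock.append((path, library))
        elif path.endswith(VOLATILE_SUFFIXES):
            volatile.append((path, digest))
        else:
            iocs.append((path, digest))
    return stock, volatile, iocs


if __name__ == "__main__":
    stock, volatile, iocs = triage(CAPTURED_FILES)
    print("stock libraries:", stock)
    print("volatile:", [p for p, _ in volatile])
    for path, digest in iocs:
        print(f"IOC  {digest}  {path}")
```

The same SRI conversion is what a defender uses in the other direction: when a kit's page references a library by path, compute the integrity value of the served file and compare it with the published one to tell a genuine copy from a trojaned one.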