| 20.104-168-101-28.cprapid.com/PayPal/login.php | 104.168.101.28 | 200 OK | 29 kB |
URL: 20.104-168-101-28.cprapid.com/PayPal/login.php
Request: User Request, GET HTTP/1.1
IP: 104.168.101.28:443
ASN: #36352 AS-COLOCROSSING
Certificate: Issuer Let's Encrypt; Subject cpcontacts.20.104-168-101-28.cprapid.com; Fingerprint 6F:5C:4C:E3:A4:80:AE:51:C7:70:DD:1B:C9:EF:FF:42:F3:8F:DC:2E; Validity Wed, 17 Apr 2024 10:05:38 GMT - Tue, 16 Jul 2024 10:05:37 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (1093)
Hash (MD5 / SHA-1 / SHA-256): 17de2595d933ff49d87bae688260a799 / 6ea893988b193347d2bd8ff6750976c64e376351 / 2e1ec2f13ee660e85b2e915aa09d110f2b3886dd086914b49d9d73b957039fc5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /PayPal/login.php HTTP/1.1
Host: 20.104-168-101-28.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 08:58:58 GMT
Server: Apache
Set-Cookie: COOKIE_KEY=171351713823; expires=Mon, 17-Apr-2034 08:58:58 GMT; Max-Age=315360000
COOKIE_KEY=171351713833; expires=Mon, 17-Apr-2034 08:58:58 GMT; Max-Age=315360000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
| 20.104-168-101-28.cprapid.com/PayPal/Accedi%20al%20tuo%20conto%20PayPal_files/contextualLoginElementalUIv2.css | 104.168.101.28 | 200 OK | 152 kB |
URL: 20.104-168-101-28.cprapid.com/PayPal/Accedi%20al%20tuo%20conto%20PayPal_files/contextualLoginElementalUIv2.css
Request: GET HTTP/1.1
IP: 104.168.101.28:443
ASN: #36352 AS-COLOCROSSING
Requested by: https://20.104-168-101-28.cprapid.com/PayPal/login.php
Certificate: Issuer Let's Encrypt; Subject cpcontacts.20.104-168-101-28.cprapid.com; Fingerprint 6F:5C:4C:E3:A4:80:AE:51:C7:70:DD:1B:C9:EF:FF:42:F3:8F:DC:2E; Validity Wed, 17 Apr 2024 10:05:38 GMT - Tue, 16 Jul 2024 10:05:37 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 152 kB (151721 bytes)
Hash (MD5 / SHA-1 / SHA-256): 7b31b59397453daf77e24239c697131c / aaa16260469b34a558ab163549b07cd0b18dc05f / 4f3ce6ed02764246b3431d0a8e1aeec9ea10915d801a4b48957ed264d98a28dd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /PayPal/Accedi%20al%20tuo%20conto%20PayPal_files/contextualLoginElementalUIv2.css HTTP/1.1
Host: 20.104-168-101-28.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20.104-168-101-28.cprapid.com/PayPal/login.php
Cookie: COOKIE_KEY=171351713833
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 08:58:59 GMT
Server: Apache
Last-Modified: Mon, 09 Oct 2023 21:18:26 GMT
Accept-Ranges: bytes
Content-Length: 151721
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
| 20.104-168-101-28.cprapid.com/favicon.ico | 104.168.101.28 | 404 Not Found | 315 B |
URL: 20.104-168-101-28.cprapid.com/favicon.ico
Request: GET HTTP/1.1
IP: 104.168.101.28:443
ASN: #36352 AS-COLOCROSSING
Requested by: https://20.104-168-101-28.cprapid.com/PayPal/login.php
Certificate: Issuer Let's Encrypt; Subject cpcontacts.20.104-168-101-28.cprapid.com; Fingerprint 6F:5C:4C:E3:A4:80:AE:51:C7:70:DD:1B:C9:EF:FF:42:F3:8F:DC:2E; Validity Wed, 17 Apr 2024 10:05:38 GMT - Tue, 16 Jul 2024 10:05:37 GMT
File type: HTML document, ASCII text
Hash (MD5 / SHA-1 / SHA-256): a34ac19f4afae63adc5d2f7bc970c07f / a82190fc530c265aa40a045c21770d967f4767b8 / d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
| Analyzer | Verdict | Alert |
| urlquery | phishing | Phishing - US Postal Service |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 20.104-168-101-28.cprapid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20.104-168-101-28.cprapid.com/PayPal/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 19 Apr 2024 08:58:59 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
| www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2 | 192.229.221.25 | 200 OK | 25 kB |
URL: www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Request: GET HTTP/2
IP: 192.229.221.25:443
Requested by: https://20.104-168-101-28.cprapid.com/PayPal/login.php
Certificate: Issuer DigiCert Inc; Subject www.paypal.com; Fingerprint 4B:C0:E1:F0:16:B3:A4:B3:63:08:41:DF:F2:EF:8D:65:54:1D:30:B1; Validity Thu, 12 Oct 2023 00:00:00 GMT - Thu, 31 Oct 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), CFF, length 25368, version 1.6553
Hash (MD5 / SHA-1 / SHA-256): 186b9e5be0671c3c941a2a4966beb47a / 0255bf2f48460eb212c93242740f5bef01e858c4 / 1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
GET /paypal-ui/fonts/PayPalSansBig-Regular.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://20.104-168-101-28.cprapid.com
DNT: 1
Connection: keep-alive
Referer: https://20.104-168-101-28.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/font-woff2
date: Fri, 19 Apr 2024 08:58:59 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271cda-6318"
expires: Fri, 19 Apr 2024 09:58:59 GMT
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
paypal-debug-id: 68b1b20cb6d40
server: ECAcc (ska/F744)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000068b1b20cb6d40-6559e47b7df8266a-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 25368
X-Firefox-Spdy: h2
| www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg | 192.229.221.25 | 200 OK | 548 B |
URL: www.paypalobjects.com/paypal-ui/logos/svg/paypal-mark-color.svg
Request: GET HTTP/2
IP: 192.229.221.25:443
Requested by: https://20.104-168-101-28.cprapid.com/PayPal/login.php
Certificate: Issuer DigiCert Inc; Subject www.paypal.com; Fingerprint 4B:C0:E1:F0:16:B3:A4:B3:63:08:41:DF:F2:EF:8D:65:54:1D:30:B1; Validity Thu, 12 Oct 2023 00:00:00 GMT - Thu, 31 Oct 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): a3554959a54374d577eaa8c43ee24c49 / a7cb0383beb6c338d9ad384d9542caf350b497e3 / f9035e34f5734e89ddb03b601b1c0fd58323a93f176c5c7e220d7aa7a2062ed5
GET /paypal-ui/logos/svg/paypal-mark-color.svg HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20.104-168-101-28.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/svg+xml
date: Fri, 19 Apr 2024 08:58:59 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"62aa5e30-436"
expires: Fri, 19 Apr 2024 09:58:59 GMT
last-modified: Wed, 15 Jun 2022 22:33:20 GMT
paypal-debug-id: ce17e6d7adad6
server: ECAcc (ska/F686)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000ce17e6d7adad6-8a91de907aba95a6-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 548
X-Firefox-Spdy: h2
| www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2 | 192.229.221.25 | 200 OK | 18 kB |
URL: www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Medium.woff2
Request: GET HTTP/2
IP: 192.229.221.25:443
Requested by: https://20.104-168-101-28.cprapid.com/PayPal/login.php
Certificate: Issuer DigiCert Inc; Subject www.paypal.com; Fingerprint 4B:C0:E1:F0:16:B3:A4:B3:63:08:41:DF:F2:EF:8D:65:54:1D:30:B1; Validity Thu, 12 Oct 2023 00:00:00 GMT - Thu, 31 Oct 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 18508, version 1.6553
Hash (MD5 / SHA-1 / SHA-256): 57518c06c06d691bd2def8d51db1f1c2 / dab349042885997d8d08db8dc38d0b4907635e2e / 2ae6779c6c3579643ab6deb5cfb822e843bf637d006a4ec25d9857ec7fb6d8c1
GET /paypal-ui/fonts/PayPalSansBig-Medium.woff2 HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://20.104-168-101-28.cprapid.com
DNT: 1
Connection: keep-alive
Referer: https://20.104-168-101-28.cprapid.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
content-type: application/font-woff2
date: Fri, 19 Apr 2024 08:58:59 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271cda-484c"
expires: Fri, 19 Apr 2024 09:58:59 GMT
last-modified: Sat, 13 Feb 2021 00:27:06 GMT
paypal-debug-id: 6b7a53e8c47b2
server: ECAcc (ska/F74B)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000006b7a53e8c47b2-ccfb246c86d3bb75-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 18508
X-Firefox-Spdy: h2
| www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png | 192.229.221.25 | 200 OK | 110 kB |
URL: www.paypalobjects.com/webstatic/mktg/icons/sprite_countries_flag4.png
Request: GET HTTP/2
IP: 192.229.221.25:443
Requested by: https://20.104-168-101-28.cprapid.com/PayPal/login.php
Certificate: Issuer DigiCert Inc; Subject www.paypal.com; Fingerprint 4B:C0:E1:F0:16:B3:A4:B3:63:08:41:DF:F2:EF:8D:65:54:1D:30:B1; Validity Thu, 12 Oct 2023 00:00:00 GMT - Thu, 31 Oct 2024 23:59:59 GMT
File type: PNG image data, 22 x 7296, 8-bit/color RGBA, interlaced
Size: 110 kB (110177 bytes)
Hash (MD5 / SHA-1 / SHA-256): 7dd4d2c768276d0408abd27e2ffc9f61 / bf2004fa43ade4af35d789e1d0b385b39e7f8214 / 21f89c7c27f0eab13388645aea1eedb4a342c06333a14d74c1a10dfca04d6455
GET /webstatic/mktg/icons/sprite_countries_flag4.png HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://20.104-168-101-28.cprapid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-type: image/png
date: Fri, 19 Apr 2024 08:58:59 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "60271d86-1ae61"
expires: Fri, 19 Apr 2024 09:58:59 GMT
last-modified: Sat, 13 Feb 2021 00:29:58 GMT
paypal-debug-id: 69f19aff5383c
server: ECAcc (ska/F6B3)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000069f19aff5383c-b36241f9af5cd94a-01
x-cache: HIT
x-content-type-options: nosniff
content-length: 110177
X-Firefox-Spdy: h2