Report - t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a

Report Overview

Submitted URL
t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a
IP
104.18.20.51
ASN
#13335 CLOUDFLARENET
Submitted
2022-09-13 20:14:01
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
dd7tel2830j4w.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	674 B	143.204.42.22
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.0 kB	13 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	161 kB	142.250.74.72
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.7 kB	54.230.245.110
s.comparesoft.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	7.5 kB	54.230.111.127
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	75 kB	34.120.237.76
t.sidekickopen08.com	55178	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	6.3 kB	104.18.20.51
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
d1muf25xaso8hp.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	72 kB	54.230.245.141
api.hubspot.com	5214	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	632 B	1.8 kB	104.19.155.83
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	891 B	874 B	142.250.74.3
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	906 B	873 B	142.250.74.34
js.hs-banner.com	2426	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	345 B	1.7 kB	172.64.154.85
cdn.oribi.io	16680	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	354 B	378 B	143.204.55.82
t.comparesoft.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	521 B	34.249.120.72
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	163 kB	142.250.74.163
js-na1.hs-scripts.com	8274	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.1 kB	104.17.214.204
js.hscollectedforms.net	5697	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	1.2 kB	104.17.128.171
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	524 B	746 B	142.250.74.10
forms.hubspot.com	3593	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	1.3 kB	104.19.155.83
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	773 B	6.7 kB	104.17.24.14
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.40.161.235
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.21.226
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	964 B	104.18.32.68
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	21 kB	142.250.74.174
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	16 kB	142.250.74.164
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
notify.bubble.is	139122	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	528 B	127 B	52.35.44.78
js.hs-scripts.com	2571	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	346 B	620 B	104.17.212.204
s3.amazonaws.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	846 B	1.6 MB	52.217.87.190
js.usemessages.com	5634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	359 B	1.1 kB	104.17.239.204
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
forms.hsforms.com	5160	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	9.8 kB	104.16.87.5
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	726 B	557 B	216.239.32.36
zoidii.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	19 kB	998 kB	104.19.240.93
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	71 kB	151.101.85.229
js.hs-analytics.net	2411	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	21 kB	104.17.71.176
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	579 B	702 B	142.251.1.154
js.hsforms.net	7264	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	1.3 kB	104.17.183.73
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.33.119.27
secure.iron0walk.com	504834	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	302 B	51.11.20.152

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-13	medium	zoidii.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js	Phishing
2022-09-13	medium	zoidii.com/api/1.1/init/data?location=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership	Phishing
2022-09-13	medium	zoidii.com/package/run_js/69717bdd0d62ae5c8a57da4e4e2b66645c475028c040fc03302d80630a09c586/xfalse/x17/run.js	Phishing
2022-09-13	medium	zoidii.com/package/static_js/a9a65750494dd11e829e3ac5ed91328ab8e4d029bdf8367bf168b75e9949f4e8/version6/live/blogpost/xnull/xfalse/xfalse/xfalse/static.js	Phishing
2022-09-13	medium	zoidii.com/package/dynamic_js/6df5434f20dd09c340fac2246b0159821bfa9ff18122af60df8f81f3e26c4654/version6/live/blogpost/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js	Phishing
2022-09-13	medium	zoidii.com/bug/client_log	Phishing
2022-09-13	medium	zoidii.com/static/fonts/fontawesome-webfont.woff2	Phishing
2022-09-13	medium	zoidii.com/user/hi	Phishing
2022-09-13	medium	zoidii.com/elasticsearch/msearch	Phishing
2022-09-13	medium	zoidii.com/elasticsearch/mget	Phishing
2022-09-13	medium	zoidii.com/elasticsearch/msearch	Phishing
2022-09-13	medium	zoidii.com/elasticsearch/bulk_watch	Phishing
2022-09-13	medium	zoidii.com/user/apm	Phishing
2022-09-13	medium	zoidii.com/user/m	Phishing
2022-09-13	medium	zoidii.com/elasticsearch/bulk_watch	Phishing
2022-09-13	medium	zoidii.com/frg	Phishing
2022-09-13	medium	zoidii.com/frg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (52)

	URL	Size	First Seen	Last Seen
	zoidii.com/blogpost/maintenance-leadership	137 B	2023-03-07	2023-07-01
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-07-01 16:18:31 Times Seen22 Hash ecd10bcf19bd6ef53aff115796fcfb55 64a771b41d327ca9be76d5cca81cc6806311951c e1b3df1255a29c0b3a00bd5dbb504e1ac08fb329a09bc7ef3859869347118698 Loading...

	zoidii.com/blogpost/maintenance-leadership	155 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash fe2f5bb1ce814461bae528a61ba34682 89538aa5bd5f54679d4188e66f4d695237c94670 27a0a98a245e36f6f5c3525f8e77326771fc8eb7e2f9a3aee816dbbb334bc474 Loading...

	zoidii.com/blogpost/maintenance-leadership	353 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 7db3d9125a11caa48849e4f48f47e941 7a5eb91b210229f9c7c2a0f5526c8aef41f740b8 7b82fb092de9a2e18929802a48366ea46c57a5b62a925ef53aa5206b14ce18b6 Loading...

	zoidii.com/blogpost/maintenance-leadership	739 B	2023-03-07	2023-03-17
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-03-17 11:24:59 Times Seen1 Hash af85ed057051f334446d6f120762ac33 824e7988cb7fa528bff8b9a88365fa5a5aa40da6 79793ad2458aa5e2158bbf89a60c0789ace0b5a7e1104c00a8ac597d1097a1fa Loading...

	cdn.jsdelivr.net/npm/chart.js@2.9.3/dist/Chart.bundle.min.js	226 kB	2023-03-07	2024-02-19
Pretty URL cdn.jsdelivr.net/npm/chart.js@2.9.3/dist/Chart.bundle.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:56:23 Last Seen2024-02-19 14:10:32 Times Seen55 Hash 86cc8cd0eb5d5a2b42c1fa46b922d338 27bb069b16de670d2ba795ce1ff17cdabb621e31 4d0abce315fabe4c11d10b35a87e400e43fe32f1f45bef44ed374726ca084223 Loading...

	zoidii.com/blogpost/maintenance-leadership	134 B	2023-03-07	2023-07-01
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-07-01 16:18:31 Times Seen22 Hash 612fb6dc697335c5aa16c18a4ce39947 18249c45f53757c0c1ee637d6357500d98d3fec1 fb6e1aff77981386dbc580fdd1927806cffd3abf8e6f9ac6b59f509733491e82 Loading...

	zoidii.com/blogpost/maintenance-leadership	138 B	2023-03-07	2023-07-01
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-07-01 16:18:31 Times Seen22 Hash 296776024b53794bd9c3678a91f755c8 e2eece9e6ba6483515c4b291f6a1b7aeb7ef4ce6 b4481cd3c7399b1ac9be11f25e1ced1fba0db4904a49c979a1720f573f625076 Loading...

	www.googletagmanager.com/gtag/js?id=UA-182951249-1	108 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-182951249-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 0bf0c2c409e00928a50e1d26ce2a74c0 4559c5c6d0a254e56932f40dd2604ea0a6fc6d51 79fda08d235d258fc25ddb064b0bcd4e029c44b626618a1fd4fe7aad18316be0 Loading...

	zoidii.com/blogpost/maintenance-leadership	657 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 2e04b0b1032eb76129b87cbe2779bb25 076940cc3f63b35740b1ee5b67258aa18af2c3e8 77edf6ee96be3586dd4af62259a4ebf725ee98f0df10beb260f20589c0d980dd Loading...

	zoidii.com/blogpost/maintenance-leadership	43 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 7727bd20c36a75d5a9a57995c60413f7 ac3b7efc32a2dac4c466d878a3acaa6a21ef04a1 42122ecb1397d4e3d5d8b33226c3b16aace7395528dd925587b03f5d2c0b6eed Loading...

	zoidii.com/package/dynamic_js/6df5434f20dd09c340fac2246b0159821bfa9ff18122af60df8f81f3e26c4654/version6/live/blogpost/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js	277 kB	2023-03-07	2023-03-07
Pretty URL zoidii.com/package/dynamic_js/6df5434f20dd09c340fac2246b0159821bfa9ff18122af60df8f81f3e26c4654/version6/live/blogpost/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js IP 104.19.240.93 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 05cae3446f7af935c138d70311290e98 c6955bd48f5725dac0850f17c8473ce4444dfdc2 339aba6895e4bb95b5d3f66fc13eb5b3951e4113ecde5a039387ebbca0f74c26 Loading...

	zoidii.com/blogpost/maintenance-leadership	137 B	2023-03-07	2023-07-01
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-07-01 16:18:31 Times Seen22 Hash 0fd13a4243a3531d330b80a68ce28231 e947a1cc269999a5a3aecb84366cfcfa1875fad2 9144a31679b877a6029317154b8317bc81525074bd3cbbea6e1a50a4a80f706d Loading...

	www.googletagmanager.com/gtag/js?id=G-HXB3FK446M&l=dataLayer&cx=c	214 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-HXB3FK446M&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash cca4158bfdb3775095546ffa21a7115f b035d0b1fd3d97855d9bf1f1b1c2f9b2fe5d8003 068a32cb1e8c6534f3f46f4d23bc001b7baa1c76609e990eed0fe60e96bd5788 Loading...

	www.google.com/pagead/1p-conversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4	43 B	2023-03-07	2024-04-08
Pretty URL www.google.com/pagead/1p-conversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:30 Last Seen2024-04-08 20:17:10 Times Seen63935 Hash ad8b6f08655797587cdec719a94efe59 182adf5a140796f81e930649d05654dbf22fd5b7 77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6 Loading...

	zoidii.com/blogpost/maintenance-leadership	133 B	2023-03-07	2023-07-01
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-07-01 16:18:31 Times Seen22 Hash d93e1464ee08cf65e485c1077b0a7fba df8a993f8ac063c8c6a32b558b1eb548058a8422 de6eb8fb0a6d8c9792bcd98885cbaa57b7936e5df9bad507c61e431fad38cd43 Loading...

	cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js	5.5 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:39 Last Seen2024-04-18 13:34:26 Times Seen1489 Hash b36f28de584845317de40a7219c82b1c 6de8657c8782561bc023478ab708179ed846db1a ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09 Loading...

	js.hs-scripts.com/8770284.js	2.0 kB	2023-03-07	2023-03-07
Pretty URL js.hs-scripts.com/8770284.js IP 104.17.212.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 4bd61cff5bd77173f864a6b8d5d73f51 a53c51973b83762759beb6e2499c15f48eeaa3b5 e4065fe6f408402e313867d79ea08baa2a99453f0b659ec31e89d90f64970c8e Loading...

	js-na1.hs-scripts.com/8770284.js	2.0 kB	2023-03-07	2023-03-07
Pretty URL js-na1.hs-scripts.com/8770284.js IP 104.17.214.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 34a7afff9d4f5d3490f153ea61236f7b 8b104e42c89652217b427f4002b78e20fd7bffd1 238e102ba79447f57013c96d716baa60cc90d0504cdf079af01de58e89254472 Loading...

	www.googletagmanager.com/gtag/js?id=G-SMYZWM2YCC	212 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-SMYZWM2YCC IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash cb81928538acdd27dff6e4ec1aac071a 1b6b765f4781b929ce7622105f654c7d296bafc6 5fc12ba99add4006088c6e9ec5b0ab2b7c4ec2100d67ebfcb9be2795160fe2ca Loading...

	zoidii.com/blogpost/maintenance-leadership	114 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 50cf5690909aaeb968e24e249b07cb41 7dcc0ecb139ae01365f3a7cc6ee02808ce450090 4627b057a98764be613c2513374970d6e4ee8f2e2210851b4a40f95f41a91879 Loading...

	www.googletagmanager.com/gtag/js?id=UA-189321130-1	108 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-189321130-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash b27b6a9a607c64ea1c1cc15fc26d0fc8 269d6dbcecab3732b9b2611593f8cdc886b6e083 2621d812b4bd172591e7a613dfb8c451ca39724ec1ae0d6abfe9d3185f3f0be7 Loading...

	zoidii.com/blogpost/maintenance-leadership	134 B	2023-03-07	2023-07-01
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-07-01 16:18:31 Times Seen22 Hash 00e4576571cbe57ee06c67b776360824 4a8de8ab66cbeb5ae03287e8944bf4d59387c80e 3263c2ff1327b5313772c40d5c8616661951da942c4df7875c3d1b09f7768bb4 Loading...

	zoidii.com/blogpost/maintenance-leadership	1.1 kB	2023-03-07	2023-03-17
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-03-17 11:24:59 Times Seen1 Hash dcc2c2103fe5c46309da73d25af25719 3ff8b94943050fd34f8d21e1817a3451117a9d15 665bd3dac52ab7594695d55e0c659e7886dcd3ecc4f20bb936db71071c57d308 Loading...

	zoidii.com/blogpost/maintenance-leadership	341 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 262baea0b3b1b545666e3d802c51cb2d 12543ec962f1812b2a04896b0197af324a50fae6 6328d327dc42b0e57e3031d5e1bfa0b366dd6fc21a9f674f7e85d234c75825a1 Loading...

	cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js	4.6 kB	2023-03-07	2024-04-06
Pretty URL cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:18 Last Seen2024-04-06 08:37:17 Times Seen812 Hash d4f159a37ec89a69879032ef278f90e8 b4cdc1702e78dccbba3327dfe53341d5f7540dea 190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0 Loading...

	zoidii.com/blogpost/maintenance-leadership	58 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash b0bc075a4a915dafbc279295403c9d0d caad07b3621045b4fbc878fabfa783c9f1daa860 ec39040c13b6248f6d811c19dcdb8c0f2cbcbf97d2237dd145b536f11656b3fd Loading...

	dd7tel2830j4w.cloudfront.net/f1502334450110x444047561846673500/console.js	58 B	2023-03-07	2024-01-25
Pretty URL dd7tel2830j4w.cloudfront.net/f1502334450110x444047561846673500/console.js IP 143.204.42.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2024-01-25 10:29:23 Times Seen5 Hash 505ff652b36a924730920ab9aa860fd5 834dbe59097d768a3dc497955460ab2a7b1ac20f f766dc61996165593e50c1fdb4f8e567c5a745833bc232ba38066ca86ea33570 Loading...

	secure.iron0walk.com/js/208082.js	16 B	2023-03-07	2023-03-07
Pretty URL secure.iron0walk.com/js/208082.js IP 51.11.20.152 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 8b88628892b6be3a137a2e12e7eae2df ea021516706f5aebf2ffebd73d0581910c99f8c9 0a51079f4ad3dd8fde0226cf8e1bd3ed0c46d4c1a6f459199b6b11dd40e5f7e4 Loading...

	zoidii.com/blogpost/maintenance-leadership	69 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 4c4fb30a35e80998d8fcd35d6cac8ff2 76af2efe2650e106292fb4cbbfd18b02cf86d06f 82a049e09bd74b95b54c4ee655fc4332b027e3aade1c3ae4502f97f398232839 Loading...

	zoidii.com/blogpost/maintenance-leadership	357 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 3f8a0c98fad8dc0799fc9e598327cda7 c761ac287c04cd81f1fc10889c96f5e2bd37e826 b9acde7a57df271599fe9663f20cd3454620a8c2c6d4cbbaf7aa7bd35ca9d908 Loading...

	zoidii.com/blogpost/maintenance-leadership	31 B	2023-03-07	2024-04-18
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2024-04-18 11:58:53 Times Seen120 Hash 489b91aaa0120808137e02a249c6efe1 c6994a3a0793e439ec1a50eed5c76ee88f13fedf 8e2ef1bd46c4a6fb833dfb7711ff187d1d52bcfa437e07dea6057d6651f7d8c5 Loading...

	js.usemessages.com/conversations-embed.js	75 kB	2023-03-07	2023-03-17
Pretty URL js.usemessages.com/conversations-embed.js IP 104.17.239.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2023-03-17 12:54:02 Times Seen1 Hash be054c0d1ce8e9f928e051e15475d755 897e9a4dc794aaa9da1b22e06ba74694dec39862 bc3b175c482f1f54f77d4ccad5366704cc4b0daa2a88e653f509fe88a92c53e4 Loading...

	zoidii.com/blogpost/maintenance-leadership	155 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 3bd8e99175645f257ac9a2781e7b7110 2d31484ffe0405b5e819ea60320f15da7f16856c 20b0d1936ff9d648e6b42eaa79bd07a3fbcd92672a48fafe52287c5d9a2fd8e9 Loading...

	zoidii.com/blogpost/maintenance-leadership	143 B	2023-03-07	2023-07-29
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-07-29 08:11:24 Times Seen7 Hash e5dc606a8bdf12beac99fa497fa68cdd fed9f18e79cf46cfb8134d65d4a6d08a313f0ad9 a61ca9ddea07b0fed418ecb6b00fa88e8fe323a5bc44799bd3ab854518e7c228 Loading...

	zoidii.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js	24 kB	2023-03-07	2023-05-09
Pretty URL zoidii.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js IP 104.19.240.93 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-05-09 18:21:08 Times Seen21 Hash 178caedf1bdc662c33ca927df2e7ba65 c5e6ed1620c0ff5be2d0d8081d2897c67a6f840f 5e99240e0f704678d97c9bfdd715672b2dd5d6c507a1f2197babeec2577039bf Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-13
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-13 18:55:10 Times Seen838 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	js.hs-analytics.net/analytics/1663099800000/8770284.js	64 kB	2023-03-07	2023-03-07
Pretty URL js.hs-analytics.net/analytics/1663099800000/8770284.js IP 104.17.71.176 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 3c4f6d11a1ad21450e18ba608e52e858 5df2359e508207160230ebcc77415c0c9c935bf4 c031ed74f73e800da4ebbaf8f74b708730cf3c045a5dc79c0f439de5cb203813 Loading...

	zoidii.com/blogpost/maintenance-leadership	136 B	2023-03-07	2023-07-01
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-07-01 16:18:31 Times Seen22 Hash f37f39b8779f5536e615efcdde2fdee8 bbf311dbfe1747a7a7105d4482ef3baf312b9a12 93a8abcdb1196aee0442ba06545dfcfce29fbd68cd8229261566814a5b666b24 Loading...

	js.hs-banner.com/8770284.js	62 kB	2023-03-07	2023-03-07
Pretty URL js.hs-banner.com/8770284.js IP 172.64.154.85 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash 24f84b24c9b8212968fb14d351fcacd6 28f1283ffe55af8f7e8eadeb98037198affb8a4a 02eff7d51d1b85bc84abe91191d0db7eadfbb1af31cbe239264a0fd9f35e9cc8 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PQVXMBC	136 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PQVXMBC IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash ec99d0e1db8e1ac2aef8e53bad2b5fda b9b9ed4e5f99466a5c4e0c0ab20fcf1d6d6856bc 8013bae3d7829f3578bdeb4e04a8e74586d4d284b4b0b7336478bb6aabedb2bb Loading...

	zoidii.com/blogpost/maintenance-leadership	1.2 kB	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash cf437d39117ef692f6dd68308981cbdc 904f1697f2fa80e354fea4cf77ca0d6885d6a3d8 ae5f161676a55020d5eaa44ed48f5e23a3d93ebeaa3986f67e3d7043120c5c7e Loading...

	js.hscollectedforms.net/collectedforms.js	67 kB	2023-03-07	2023-03-17
Pretty URL js.hscollectedforms.net/collectedforms.js IP 104.17.128.171 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-17 12:54:02 Times Seen1 Hash 7a468b833be86c01bc8dfd455308f792 c6984552ec9934ce1657ce3f1f992fc3f887f959 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-07	2023-03-17
Pretty URL www.google.com/pagead/conversion_async.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:19 Last Seen2023-03-17 12:30:23 Times Seen1 Hash 70049e468e315dbffce0c07753fca6f9 6c1cb5e25675de7746ed7dbb4d103aba9faabea0 94cc0d6d41e4b4bcde2f4f3d6292224215a698f20ffe7915c04cb55146537266 Loading...

	zoidii.com/blogpost/maintenance-leadership	201 B	2023-03-07	2024-02-29
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2024-02-29 10:08:09 Times Seen110 Hash b06417845cd67f6e42711ccd676f59ba 7e2ff8a5203f1aa52bf4562bbd721a5c685d97bc 4d6f7b2e5bef7d7a27fc5e0f02244f6a9cd3f8ad17a3381f621474487dd0826e Loading...

	s.comparesoft.com/prod/js/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb	22 kB	2023-03-07	2023-03-07
Pretty URL s.comparesoft.com/prod/js/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb IP 54.230.111.127 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash a4bdaa66e05d4ab31c36c882c79e88d0 8f041cac6d3a71db7f5f7851c9355aa59debb83c 3b9e245f8cfa59e20ffff4ecaf78fa8a2fcf861ec5e34ab660845cb8f7983664 Loading...

	cdn.oribi.io/XzgzOTE3NzI1MA/oribi.js	3 B	2023-03-07	2024-04-18
Pretty URL cdn.oribi.io/XzgzOTE3NzI1MA/oribi.js IP 143.204.55.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:31 Last Seen2024-04-18 18:04:00 Times Seen39034 Hash 8a80554c91d9fca8acb82f023de02f11 5f36b2ea290645ee34d943220a14b54ee5ea5be5 ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Loading...

	zoidii.com/blogpost/maintenance-leadership	153 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash e427b0dfc264dacd8fc281217387d4ec 280c307d3e623668bb44561e6322e2d876a29651 38641cf3d9114f2092a4bd907aa399bec4f11a66eca53b01087731a962c92a8a Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 18:23:25 Times Seen36946730 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	zoidii.com/blogpost/maintenance-leadership	2.0 kB	2023-03-07	2024-01-01
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2024-01-01 08:16:15 Times Seen14 Hash ae06af118459adb3546ca6b8ba8e857b 0515249a7df11f5abdad86db3553a8325022ddd1 9fa514805944eec802868d9564006fd9a1ddda029bca0574d7abb82bdb2efbc0 Loading...

	js.hsforms.net/forms/shell.js	599 kB	2023-03-07	2023-03-17
Pretty URL js.hsforms.net/forms/shell.js IP 104.17.183.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:19:46 Last Seen2023-03-17 12:44:43 Times Seen1 Hash f889349e82887a8dc0de8f5ff4475404 eca9e627e46e52c94afaf7090b04a7ed689d69a6 d6390dbf4e23a532fa3efad24c99004e967138772cf0d435bbdeca8bc5f60daa Loading...

	zoidii.com/blogpost/maintenance-leadership	133 B	2023-03-07	2023-07-01
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:52:38 Last Seen2023-07-01 16:18:31 Times Seen22 Hash 3e346e0c3a0c1c92ad138cb02b564ae8 f17acca4a4785bcbe9b0869a00f93417e549435b 1473a6f40c6fad227aeb5c8fe999c89bc36d99ecd39f24824ec40057a892e1d3 Loading...

	zoidii.com/blogpost/maintenance-leadership	143 B	2023-03-07	2023-03-07
Pretty URL zoidii.com/blogpost/maintenance-leadership IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:58:35 Last Seen2023-03-07 15:58:35 Times Seen1 Hash a94fe1f3187ed8552f04e9e1ed6d6030 36c3caf74f3d7905b0a372b1f2a1e8ecb3880602 34fdc58cc4898d0588cc654a5f4dd8ecdcd32f44c317e7275d874a2deb446bb9 Loading...

HTTP Transactions (108)

URL IP Response Size

t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a

104.18.20.51

301 Moved Permanently

0 B

URL HTTP/1.1
t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a
IP
104.18.20.51:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a HTTP/1.1
Host: t.sidekickopen08.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 20:13:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 21:13:50 GMT
Location: https://t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a38bb56ffc0af6-OSL

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 20:08:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Vhetn1zteMSZZsCF-imiF-Hc2M9FD85XQnd2wDmTj_LfZyiluo3MkQ==
Age: 297

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8065
Expires: Tue, 13 Sep 2022 22:28:15 GMT
Date: Tue, 13 Sep 2022 20:13:50 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VVMCgO5qIapLuGqMB3CbwxooYFXgDpzVBpQC0xrOkEmzps3TdMDJ9Q==
age: 56316
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 20:13:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 20:03:22 GMT
Expires: Tue, 13 Sep 2022 20:52:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KGStYXA--MCdg1Dbi6-UJIN9hz2cJXO5qAhDF1q1MRvoXp5apcYP7Q==
Age: 629

104.18.20.51

307 Temporary Redirect

5.1 kB

URL HTTP/2
t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a
IP
104.18.20.51:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
5.1 kB (5101 bytes)
Hash
5952e398569e8eb79db3a44fc6965361
2ca62a0a2eec063938afda6c683ab4dce5826962
ace90ef10d4ad8f9a2dc0a9af981f2c3b844d0a4959635931565430e505788d5

HTTP Headers

GET /s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a HTTP/1.1
Host: t.sidekickopen08.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 307 Temporary Redirect
date: Tue, 13 Sep 2022 20:13:50 GMT
location: https://zoidii.com/blogpost/maintenance-leadership
set-cookie: _hetc=cc4d93fd-cc33-4e6b-9123-415cfdf7c464|1663100030648|ACOD57cwLQIUSgnqP30Gca0/Yi/BpUqcPHBf/UICFQCXIRrisJKQPkBUiNpCpaSpVTvqBQ==;Version=1;Comment=;Domain=t.sidekickopen08.com;Path=/;Max-Age=31536000
x-robots-tag: none
link: <https://zoidii.com/blogpost/maintenance-leadership>; rel="canonical"
referrer-policy: no-referrer
x-hubspot-correlation-id: ee1e4aad-3727-4283-8c81-8e317e115b18
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a38bb70a18b529-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Last-Modified: Tue, 13 Sep 2022 18:28:13 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

zoidii.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js

104.19.240.93

200 OK

8.9 kB

URL HTTP/1.1
zoidii.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (1366)
Size
8.9 kB (8877 bytes)
Hash
df64263bf2f18cb0cd1d0c3fac763335
fa45547b1031668d8a1951a7e2c6270d7e405986
48b73cc17c235d8812e8d93389c06a3a031840001931d7c94e3950ca444d6204

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":15,"percents":{"top":{"bubble_cpu":24.1,"block":64.9,"capacity_rl":0,"other_pause":0,"pre_fiber":6.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":34.9,"fiber_queue":25.3,"capacity_wait":6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":542891,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.008 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: HIT
Server: cloudflare
CF-RAY: 74a38bbbab3a0afa-OSL
Content-Encoding: br

cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css

104.17.24.14

200 OK

2.7 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6454), with CR line terminators
Size
2.7 kB (2672 bytes)
Hash
dd0c975ac6cf18356e3a64a9e09c5d66
fb70cfe7308a9e4c162d7cbdb01ba7ceff8137ea
8524ee13d851584493788f99f936112522ed17b1829e2a3409715899c8831a06

HTTP Headers

GET /ajax/libs/toastr.js/latest/toastr.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:51 GMT
content-type: text/css; charset=utf-8
content-length: 2672
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffe-1a55"
last-modified: Mon, 04 May 2020 16:17:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1811478
expires: Sun, 03 Sep 2023 20:13:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMS1ashu86VDyMV6wWhpXhv%2F74ALZ8iZ%2BVQ7ymrXUf1iGG0Us%2FxmioUTSl6vHRnpdfS9Imk422g8CvvRG%2FrhFXufBxnmNRFhYbbq1fT22nIpD4GYO%2BrBTNjQQLqHUuhKtJiDLpDl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a38bbc0dabb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js

104.17.24.14

200 OK

1.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5215)
Size
1.9 kB (1885 bytes)
Hash
b3cd1197cd16cf84e2e4313f2ba15142
5b83415c62121e0967d874ad7b12b93e059cee18
ed2fb5b46a4b7e540ddbe08f457d1c2bce74880a8a4298c8b2799039c3297328

HTTP Headers

GET /ajax/libs/toastr.js/latest/toastr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1885
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffe-15a1"
last-modified: Mon, 04 May 2020 16:17:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 829480
expires: Sun, 03 Sep 2023 20:13:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eWh2SEXednTjUVNv5TCnURXOt8mU0WSiZhuLJNnxEYExG25RzKneWeOxN0ilYYqF8BJKLbdiKg8yLBbh4AIbEy6gaQ2SiesJnE6jorfFRgLo0jbAeCEhoYuNhuG3oXJ888y0U3w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a38bbc1dc4b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

dd7tel2830j4w.cloudfront.net/f1502334450110x444047561846673500/console.js

143.204.42.22

200 OK

58 B

URL HTTP/2
dd7tel2830j4w.cloudfront.net/f1502334450110x444047561846673500/console.js
IP
143.204.42.22:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
505ff652b36a924730920ab9aa860fd5
834dbe59097d768a3dc497955460ab2a7b1ac20f
f766dc61996165593e50c1fdb4f8e567c5a745833bc232ba38066ca86ea33570

HTTP Headers

GET /f1502334450110x444047561846673500/console.js HTTP/1.1
Host: dd7tel2830j4w.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 58
date: Fri, 09 Sep 2022 00:16:29 GMT
last-modified: Thu, 10 Aug 2017 03:07:31 GMT
etag: "505ff652b36a924730920ab9aa860fd5"
x-amz-meta-appname: meta
cache-control: public,max-age=290304000
x-amz-meta-app-version: live
x-amz-version-id: MDq4HJ2bEsP3aUOY7JUBeCXqQqhyy68Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pT2C1Yl52LDrTwYOm1BipR8KkdVLmfLdab1aSr86I8GLuQ0eqsPLJA==
age: 417443
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/chart.js@2.9.3/dist/Chart.bundle.min.js

151.101.85.229

200 OK

70 kB

URL HTTP/2
cdn.jsdelivr.net/npm/chart.js@2.9.3/dist/Chart.bundle.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65414)
Size
70 kB (70055 bytes)
Hash
d80b0af0aa03c9c591980a22667bfada
d2dd207058a0f612de38c1ed298ccb03888ceb57
80a4e8b19247fa74a2f2dc59441caa1e8abb2745d07187c44249146df12203d8

HTTP Headers

GET /npm/chart.js@2.9.3/dist/Chart.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.9.3
x-jsd-version-type: version
etag: W/"373b3-J7sGmxbeZw0rp5XOH/F82rtiHjE"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 20:13:51 GMT
age: 1196168
x-served-by: cache-fra19145-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70055
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
a5cc40b044445ac62c4ec391edde053d
d0b6e3199a8bc019be5ff97d66f0e0f4db6ab5cb
d829ee9c05e5cdbc05122639c1e17cf24fe0f2287acb12270cc084e3887bcb7a

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3C67358BA8C305E6AE5C44E91DCE1D64D4458B5A"
Expires: Wed, 14 Sep 2022 07:00:00 GMT
Last-Modified: Tue, 13 Sep 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2802
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a38bbcca7f1c0a-OSL

www.googletagmanager.com/gtag/js?id=UA-182951249-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-182951249-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
42 kB (42156 bytes)
Hash
ad690dfd1195852bcc202e725fee436b
81ad9c3bb36dabb5515d5ff635f3cb43c56e6377
a5b9c6f125d52549080eb52a9baa51e2db89c0d0d6283f2b7629168099a9d228

HTTP Headers

GET /gtag/js?id=UA-182951249-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 20:13:51 GMT
expires: Tue, 13 Sep 2022 20:13:51 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42156
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-189321130-1

142.250.74.72

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-189321130-1
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1615)
Size
42 kB (42158 bytes)
Hash
cb7b7e40f9021c84f8096ea854d7833f
a3567607a8bd156b8276ce7046030a0850c00472
78417e3c31052bbf94fa6bf49c7d111c5b23bcd23457cbdda8f1156a4c671340

HTTP Headers

GET /gtag/js?id=UA-189321130-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 20:13:51 GMT
expires: Tue, 13 Sep 2022 20:13:51 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-SMYZWM2YCC

142.250.74.72

200 OK

75 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-SMYZWM2YCC
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (17807)
Size
75 kB (74627 bytes)
Hash
fb1833153c5bb6c45030c9016ca15134
bdf03209b65c33d08256be6a56c8b583071fa5d8
1d86a78a9c54eed12bc02550c4e263f76e5dd69764ea14889f1281818a654fc7

HTTP Headers

GET /gtag/js?id=G-SMYZWM2YCC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 20:13:51 GMT
expires: Tue, 13 Sep 2022 20:13:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74627
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

secure.iron0walk.com/js/208082.js

51.11.20.152

200 OK

16 B

URL HTTP/1.1
secure.iron0walk.com/js/208082.js
IP
51.11.20.152:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
8b88628892b6be3a137a2e12e7eae2df
ea021516706f5aebf2ffebd73d0581910c99f8c9
0a51079f4ad3dd8fde0226cf8e1bd3ed0c46d4c1a6f459199b6b11dd40e5f7e4

HTTP Headers

GET /js/208082.js HTTP/1.1
Host: secure.iron0walk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Content-Type: text/javascript
Content-Length: 16
Connection: keep-alive
Server: Kestrel
Cache-Control: no-store, must-revalidate
Pragma: no-cache
Expires: 0
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9939587aef90d732ebd2942ec44120e3
218c3a6c637eece45bf2f32408a6bb55357f900d
351b5b1cead475b70db2dbdc4e3eff2858605c041d3ecf8bc4f7ccba5fa244d5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 20:13:51 GMT
Last-Modified: Tue, 13 Sep 2022 19:55:27 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dtd10V50XmhlG-FHcO-YWYXSX-8135MY9PzQoFA3-maABQGLQmlpmA==
Age: 1104

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4a68e0856575d52f7778bc821b5c881b
0956533f660fd0e7096540292f9b60451f60f148
0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zoidii.com/package/run_css/83905403bc6961835552218c519cbf2d8bfcb88cb39698b9100ce86921d48591/version6/live/blogpost/xfalse/xfalse/run.css

104.19.240.93

200 OK

15 kB

URL HTTP/1.1
zoidii.com/package/run_css/83905403bc6961835552218c519cbf2d8bfcb88cb39698b9100ce86921d48591/version6/live/blogpost/xfalse/xfalse/run.css
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (558)
Size
15 kB (14851 bytes)
Hash
d1c22a71e44cbde3d5b9170ddaf6e58a
d7344ac37cae0240a6ccf996bceef86a6a741489
9608974e755af1edc6a3f7a39b5a70a99d52f9d148fc6f795b0e49d0cd6565c1

HTTP Headers

GET /package/run_css/83905403bc6961835552218c519cbf2d8bfcb88cb39698b9100ce86921d48591/version6/live/blogpost/xfalse/xfalse/run.css HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":44.6,"percents":{"top":{"bubble_cpu":33,"block":65.6,"capacity_rl":0,"other_pause":0,"pre_fiber":0.9},"sub":{"pp_userdb":4.5,"pp_wait_userdb":0,"http_request":0,"serverjson":31.8,"appserver_cache_misses_time":0,"redis":62.5,"fiber_queue":4.1,"capacity_wait":11}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":13,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":26,"fiber_queue":23,"blocks":22},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":8212507,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.126 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 74a38bbbdbdb0b45-OSL
Content-Encoding: br

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zoidii.com/api/1.1/init/data?location=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership

104.19.240.93

200 OK

13 kB

URL HTTP/1.1
zoidii.com/api/1.1/init/data?location=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (13118), with no line terminators
Size
13 kB (13130 bytes)
Hash
92cc31da2cebe6d51de83d3456155c18
b58695b171c92e874b7fdc489cd69a0da1febb6c
939caf4d9a2dc97e284ce5111b757fb6807c01d7a55bb26e4e017e0db17aab13

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /api/1.1/init/data?location=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
x-bubble-perf: {"total":44.6,"percents":{"top":{"bubble_cpu":34.5,"block":64.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":9,"pp_wait_userdb":0,"http_request":0,"serverjson":34.9,"appserver_cache_misses_time":0,"redis":41,"fiber_queue":10,"capacity_wait":2}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":6,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":18,"fiber_queue":20,"blocks":19},"misc":{"userdb_results":2,"userdb_data":24700,"spent_time":4311961,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.066 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bbc1bd20afa-OSL

push.services.mozilla.com/

52.40.161.235

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.40.161.235:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3bRncmwzmBYmzbINt2+DRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KQyatLJiDLsrYF3M5tciQJwWJOQ=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 42170
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2

142.250.74.163

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17660, version 1.0\012- data
Size
18 kB (17660 bytes)
Hash
cfdce67a2e07ba6cf05e0292d7f3f9b7
dcad1b9e50f8ef49ec4600fe88c68c165d9b7e61
048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c

HTTP Headers

GET /s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 15:46:57 GMT
expires: Sat, 09 Sep 2023 15:46:57 GMT
cache-control: public, max-age=31536000
age: 361614
last-modified: Mon, 11 Jul 2022 21:02:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.163

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:10:21 GMT
expires: Wed, 13 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 11010
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2

142.250.74.163

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20960, version 1.0\012- data
Size
21 kB (20960 bytes)
Hash
d312d179276a175029c56c50e9bc9d0b
aa9285dd6183c696fc39ec31c221581e2d4959c1
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80

HTTP Headers

GET /s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 00:05:42 GMT
expires: Thu, 07 Sep 2023 00:05:42 GMT
cache-control: public, max-age=31536000
age: 590889
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

142.250.74.163

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Size
18 kB (17820 bytes)
Hash
3d5107abaf7bf4df5478bd04625c0929
b04d394caabf6ea3e500b74781dc2bfd54f3c18d
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31

HTTP Headers

GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 19:07:15 GMT
expires: Tue, 12 Sep 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 90396
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/telex/v14/ieVw2Y1fKWmIO-fUDVs.woff2

142.250.74.163

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/telex/v14/ieVw2Y1fKWmIO-fUDVs.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14432, version 1.0\012- data
Size
14 kB (14432 bytes)
Hash
5a6b42aa82fce5706171ae77564a2210
6a339335bb334cfdf826c6d8a7e90387c6324bd7
24658289a63f5cd6e3d89e2f2c2ec255563ee905a68654047be886b99ab856d7

HTTP Headers

GET /s/telex/v14/ieVw2Y1fKWmIO-fUDVs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 16:46:59 GMT
expires: Mon, 11 Sep 2023 16:46:59 GMT
cache-control: public, max-age=31536000
age: 185212
last-modified: Wed, 27 Apr 2022 15:52:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

zoidii.com/package/run_js/69717bdd0d62ae5c8a57da4e4e2b66645c475028c040fc03302d80630a09c586/xfalse/x17/run.js

104.19.240.93

200 OK

615 kB

URL HTTP/1.1
zoidii.com/package/run_js/69717bdd0d62ae5c8a57da4e4e2b66645c475028c040fc03302d80630a09c586/xfalse/x17/run.js
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32030)
Size
615 kB (614706 bytes)
Hash
c78e7e3ce7916e770899f74b776fe374
b1e75b20bffa3ea21f549ec3144b3f82c581b963
e052b1eab1cccb02a43317fb7966dfae4353ed18ba2f1a0aba9e0526af0eb521

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /package/run_js/69717bdd0d62ae5c8a57da4e4e2b66645c475028c040fc03302d80630a09c586/xfalse/x17/run.js HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":16,"percents":{"top":{"bubble_cpu":20.1,"block":73.4,"capacity_rl":0,"other_pause":0,"pre_fiber":2.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":41,"fiber_queue":22.3,"capacity_wait":11.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":482112,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.007 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 74a38bbbea2ab505-OSL
Content-Encoding: br

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7877
Expires: Tue, 13 Sep 2022 22:25:08 GMT
Date: Tue, 13 Sep 2022 20:13:51 GMT
Connection: keep-alive

s.comparesoft.com/prod/js/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb

54.230.111.127

200 OK

7.0 kB

URL HTTP/1.1
s.comparesoft.com/prod/js/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb
IP
54.230.111.127:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (22492), with no line terminators
Size
7.0 kB (6983 bytes)
Hash
5920e71d6f1c596ff5bc169f9ae2041f
1e8f18a0d75bc1cd641dfdf8d7b610aa36993d1b
e723e1186e67938be08515d0de6875f9359262db5958e3521020353c348c3407

HTTP Headers

GET /prod/js/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb HTTP/1.1
Host: s.comparesoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 13 Sep 2022 20:13:51 GMT
x-amzn-RequestId: a6a129a6-58de-41fb-ba6b-0e9c7204e87d
x-amz-apigw-id: Yaij-HCpjoEFTNg=
X-Amzn-Trace-Id: Root=1-6320e47f-024cc45e2f1d03a26fc57968;Sampled=0
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: T3SNcVGKBf-PIRmebCtkTyaUek6KtvLyINSyq1CnVRZ7STbvIBaPow==

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7877
Expires: Tue, 13 Sep 2022 22:25:08 GMT
Date: Tue, 13 Sep 2022 20:13:51 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9815 bytes)
Hash
239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:41 GMT
age: 80290
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8799 bytes)
Hash
c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bTzXQvDkX23_t4vLJNWv7bg-DoRsdqiBhwNJH5B-RcXxj9RC-87LvA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:52 GMT
age: 81119
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10407 bytes)
Hash
557695ec8ffeebb0272c099542a14ace
ad627b434e1c3b693d8636675bcea0f8794e0dc2
4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 9d4f8b01-c36c-4378-9c9d-5660084b781f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxNlNGmZIAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63105c87-33f69c990fc7a6073eb5a63a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 07:17:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E3cLpeRf1RAA79G5O1p1xmgDHk_o9Ba-F9KnZqS_X_2kr1543CwnMg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 09:02:59 GMT
age: 40252
etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9945 bytes)
Hash
c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 43wWNADffkA0e8T-SYvAMjp266nAE5hrDjNMQQsuYeT0i6xQt7wLVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:34 GMT
age: 80297
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10849 bytes)
Hash
838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TeasWs7Qh6T3oV8vJsu5JM_EApUJEGGWIvUC6Pfd41u18v8RlcPQpg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:19 GMT
age: 80192
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9466 bytes)
Hash
6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 03:17:04 GMT
age: 61007
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

zoidii.com/package/static_js/a9a65750494dd11e829e3ac5ed91328ab8e4d029bdf8367bf168b75e9949f4e8/version6/live/blogpost/xnull/xfalse/xfalse/xfalse/static.js

104.19.240.93

200 OK

195 kB

URL HTTP/1.1
zoidii.com/package/static_js/a9a65750494dd11e829e3ac5ed91328ab8e4d029bdf8367bf168b75e9949f4e8/version6/live/blogpost/xnull/xfalse/xfalse/xfalse/static.js
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (23458)
Size
195 kB (195036 bytes)
Hash
1b2ca45cd7e6ae35900ddd05190c1c5e
f3a8af567e231bcc5b45ea8806e25ef3847df928
20917a5fae46fadead14d2eaae51b445a0d5b3ed4cd8a7167d23dfa32f235200

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /package/static_js/a9a65750494dd11e829e3ac5ed91328ab8e4d029bdf8367bf168b75e9949f4e8/version6/live/blogpost/xnull/xfalse/xfalse/xfalse/static.js HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":232.5,"percents":{"top":{"bubble_cpu":28.7,"block":71.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":25.3,"appserver_cache_misses_time":0,"redis":31.2,"fiber_queue":1.7,"capacity_wait":0.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":37,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":59,"fiber_queue":57,"blocks":56},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":10016840,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.154 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 74a38bbbeb720afa-OSL
Content-Encoding: br

zoidii.com/package/dynamic_js/6df5434f20dd09c340fac2246b0159821bfa9ff18122af60df8f81f3e26c4654/version6/live/blogpost/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js

104.19.240.93

200 OK

38 kB

URL HTTP/1.1
zoidii.com/package/dynamic_js/6df5434f20dd09c340fac2246b0159821bfa9ff18122af60df8f81f3e26c4654/version6/live/blogpost/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
exported SGML document, Unicode text, UTF-8 text, with very long lines (57222)
Size
38 kB (38512 bytes)
Hash
8d073d386b39d239b897032969398d68
0b6cc5e23284e84af4df8a6c1fc653f7399b6dca
85fa2bf55b004718218c45b70d2644a1c8372c4ed71514c8c34bf12784a97a74

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /package/dynamic_js/6df5434f20dd09c340fac2246b0159821bfa9ff18122af60df8f81f3e26c4654/version6/live/blogpost/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":185.1,"percents":{"top":{"bubble_cpu":5.1,"block":91.6,"capacity_rl":0,"other_pause":0,"pre_fiber":3.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":11.8,"fiber_queue":2.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1428848,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.022 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 74a38bbbef45b4f9-OSL
Content-Encoding: br

forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk=

104.16.87.5

200 OK

18 B

URL HTTP/2
forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk=
IP
104.16.87.5:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879

HTTP Headers

OPTIONS /embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://zoidii.com/
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2B437E4AF0CCE2ED7921AA95FA36ADA979BD2EA410000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
x-hubspot-correlation-id: c1d8c416-d699-46d5-a219-92309b3dee64
access-control-allow-origin: https://zoidii.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: x-requested-with
access-control-allow-credentials: false
access-control-max-age: 180
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a38bc1ede2b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
764117af7cd36b7fc61bc63b72af7c6c
39aa0348f94840805964134c644baffdd9f17bcf
156087e03df57802d2d9e2e6022a06c5ee0aad49ab90865f6978aba21a2760ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 20:13:52 GMT
Last-Modified: Tue, 13 Sep 2022 19:30:44 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9VbD1j1bL5f34moeuRaPRZD-8cCxvsW3fZKw7gV2RNijmclZAJcFmA==
Age: 2588

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
764117af7cd36b7fc61bc63b72af7c6c
39aa0348f94840805964134c644baffdd9f17bcf
156087e03df57802d2d9e2e6022a06c5ee0aad49ab90865f6978aba21a2760ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 20:13:52 GMT
Last-Modified: Tue, 13 Sep 2022 19:21:39 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1Ptvu2tWuBjUpub4d_jqp2EsJkvs-yd5MdwfwFHr7pFQYskBO9EK-g==
Age: 3134

cdn.oribi.io/XzgzOTE3NzI1MA/oribi.js

143.204.55.82

200 OK

3 B

URL HTTP/2
cdn.oribi.io/XzgzOTE3NzI1MA/oribi.js
IP
143.204.55.82:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
3 B (3 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

GET /XzgzOTE3NzI1MA/oribi.js HTTP/1.1
Host: cdn.oribi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
content-length: 3
date: Tue, 13 Sep 2022 20:13:52 GMT
cache-control: public, max-age=60
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AWPOuWh4Zt70HZVTeJPpdjUQd-OaHwjgIxZZFx5AKAS2Ca6p5dR7jw==
X-Firefox-Spdy: h2

js-na1.hs-scripts.com/8770284.js

104.17.214.204

200 OK

556 B

URL HTTP/2
js-na1.hs-scripts.com/8770284.js
IP
104.17.214.204:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (539)
Size
556 B (556 bytes)
Hash
6667dd04afadce9d2296e4a877351f38
c2da0d5fa448bd2b212d6ed652877ad1582db01c
09ca62efe1f2bdb4b5c504da39f6d45e84f2e73046223a277adff48d4b8defc1

HTTP Headers

GET /8770284.js HTTP/1.1
Host: js-na1.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:51 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B6D8D7AEE3A5B8C404D8E4CA88C3E78AD0CC63AB8000000000000000000
cache-control: public, max-age=30
vary: Accept-Encoding
x-hubspot-correlation-id: 690accad-92ab-451d-8b3e-20a75ca2491f
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://zoidii.com
last-modified: Tue, 13 Sep 2022 12:07:55 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 74a38bbc48f0b523-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
40de8141ba27bcb1c11b6ce5f590cf4c
3579a85514edb6cae4acceb8d4a64b3d1c3b2b73
ed71fdd2b3fad2bf47259e7463e71b768f06b97bdb880a954c6ba5f88eba0879

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 01:47:59 GMT
Expires: Tue, 20 Sep 2022 01:47:58 GMT
Etag: "3579a85514edb6cae4acceb8d4a64b3d1c3b2b73"
Cache-Control: max-age=537845,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bc34b111c0a-OSL

t.comparesoft.com/prod/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb

34.249.120.72

200 OK

22 B

URL HTTP/2
t.comparesoft.com/prod/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb
IP
34.249.120.72:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
bcdb9df7b322b251d2948bb2b5b23561
526c9ca9949218b1705c3511c571a7bb8e7a1d4d
387fe73d9abe7e6c32a0eb6113efea98dea609edefe9c3b4c9788fcaaef1603b

HTTP Headers

POST /prod/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb HTTP/1.1
Host: t.comparesoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
Authorization: Basic null
Origin: https://zoidii.com
Content-Length: 132
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: application/json
content-length: 22
x-amzn-requestid: 26c855b0-6198-40f8-9001-2357b1fca0e7
access-control-allow-origin: https://zoidii.com
access-control-allow-headers: content-type,cookie,authorization
x-amz-apigw-id: YaikHH-WDoEFk8A=
vary: Origin
access-control-allow-methods: OPTIONS,GET,POST
x-amzn-trace-id: Root=1-6320e480-65c05ac31dd484670bd38ef4;Sampled=0
access-control-allow-credentials: true
X-Firefox-Spdy: h2

notify.bubble.is/

52.35.44.78

101 Switching Protocols

0 B

URL HTTP/1.1
notify.bubble.is/
IP
52.35.44.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: notify.bubble.is
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://zoidii.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Pv9XH4Liw1l7nYf7vPEmJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: KMCDITNJTkeoNZYnybXlnkyWHpI=

zoidii.com/bug/client_log

104.19.240.93

200 OK

8 B

URL HTTP/1.1
zoidii.com/bug/client_log
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
4b5a89da866343fceb1b700746e0242f
22b3b29145586b1c0cd145d264e76c5e29ffbb42
3000a60b8e7a15e3bd63bbc0519d6eb04c6b31d6493d8d1a10e36be6fcfebb7a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /bug/client_log HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100019234x483507465518214660
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 9563
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:52 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 20
x-bubble-perf: {"total":20.5,"percents":{"top":{"bubble_cpu":15.3,"block":76.2,"capacity_rl":0,"other_pause":0,"pre_fiber":2.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":39.5,"fiber_queue":17.6,"capacity_wait":20}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":469369,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.007 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bc34e50b505-OSL
Content-Encoding: br

zoidii.com/static/fonts/fontawesome-webfont.woff2

104.19.240.93

200 OK

77 kB

URL HTTP/1.1
zoidii.com/static/fonts/fontawesome-webfont.woff2
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zoidii.com/package/run_css/83905403bc6961835552218c519cbf2d8bfcb88cb39698b9100ce86921d48591/version6/live/blogpost/xfalse/xfalse/run.css
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:52 GMT
Content-Type: application/octet-stream
Content-Length: 77160
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
etag: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-bubble-perf: {"total":13,"percents":{"top":{"bubble_cpu":25,"block":70.1,"capacity_rl":0,"other_pause":0,"pre_fiber":3.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":46.5,"fiber_queue":6.4,"capacity_wait":16.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":485577,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.007 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: MISS
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 74a38bc36e150afa-OSL

forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk=

104.16.87.5

200 OK

7.2 kB

URL HTTP/2
forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk=
IP
104.16.87.5:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (8435), with no line terminators
Size
7.2 kB (7223 bytes)
Hash
8156a20cde995d03807036e1fa3c8c04
1d5ea05abd54821e697ebb8c4907db0c0157f4f2
da62e808764a66205a708b84934385f27cebb80724b367dd4594458043e545b5

HTTP Headers

GET /embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: application/json;charset=utf-8
x-trace: 2BECD0BC8F0B20C9044D92669AFC68CB73FDDC7FB2000000000000000000
x-origin-hublet: na1
vary: Accept-Encoding
x-hubspot-correlation-id: ff814458-e24d-4ee5-b58c-37de43476a27
access-control-allow-origin: https://zoidii.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: *
access-control-allow-credentials: false
access-control-max-age: 180
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a38bc469afb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608027720222x942664286886657900%2FFavicon%2520New.png?w=128&h=&auto=compress&dpr=1&fit=max

54.230.245.141

200 OK

4.8 kB

URL HTTP/2
d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608027720222x942664286886657900%2FFavicon%2520New.png?w=128&h=&auto=compress&dpr=1&fit=max
IP
54.230.245.141:0
ASN
#16509 AMAZON-02

File type
PNG image data, 128 x 126, 8-bit colormap, non-interlaced\012- data
Size
4.8 kB (4757 bytes)
Hash
bb397a4e326b00466af55262d112a804
b36b637753efa5f2aaca927f98b0e2d415bbe071
cb8cb309017f54d0442065ef184e91c99d1b01ef5d0f339b275c64eb52b30681

HTTP Headers

GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608027720222x942664286886657900%2FFavicon%2520New.png?w=128&h=&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 4757
last-modified: Tue, 13 Sep 2022 12:58:56 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: 596da47ed622482e3dd6ba80016d47fbb465490c
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 15:52:00 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10048-SJC, cache-hhn4043-HHN
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w5M1a4qV5qBIDiQHGBW0VUZmy1NDI3sGtWtrW14LvioD9OebrKBLcA==
age: 26096
X-Firefox-Spdy: h2

d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1646827209302x289617586874104640%2FInnovatech-Winners-Logo-2022.png?w=192&h=171&auto=compress&dpr=1&fit=max

54.230.245.141

200 OK

10 kB

URL HTTP/2
d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1646827209302x289617586874104640%2FInnovatech-Winners-Logo-2022.png?w=192&h=171&auto=compress&dpr=1&fit=max
IP
54.230.245.141:0
ASN
#16509 AMAZON-02

File type
PNG image data, 192 x 171, 8-bit colormap, non-interlaced\012- data
Size
10 kB (10196 bytes)
Hash
f8d715399007ec37e45fa0edfbe6370f
e9eb8806d785514c00e157e08f3e03dcb1efaea0
19b4a5ea37c207b5ebc796cec865ae8e177686b76738039de616140567a33219

HTTP Headers

GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1646827209302x289617586874104640%2FInnovatech-Winners-Logo-2022.png?w=192&h=171&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 10196
last-modified: Tue, 13 Sep 2022 14:49:16 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: 9834b995c75d200aa9e5c2ecc8d9ede5274ff0df
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 18:01:19 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10050-SJC, cache-fra19179-FRA
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ttjb4zkqK04VzDiIBqvKQosssA40voJuwnTBKMSbSa9IB2eTdFesDA==
age: 19475
X-Firefox-Spdy: h2

d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608062690671x915427267022548100%2FFavicon%2520New.png?w=192&h=&auto=compress&dpr=1&fit=max

54.230.245.141

200 OK

6.3 kB

URL HTTP/2
d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608062690671x915427267022548100%2FFavicon%2520New.png?w=192&h=&auto=compress&dpr=1&fit=max
IP
54.230.245.141:0
ASN
#16509 AMAZON-02

File type
PNG image data, 192 x 190, 8-bit colormap, non-interlaced\012- data
Size
6.3 kB (6280 bytes)
Hash
ec210a0e28073fed1cea68c2cab179c6
9123e4aca9bc7383b055adb0ac8b3a5d8bd3ec30
d2ba8899fa172cffabd259ccae56ab2d6cdedcd5b2599d6fe3e2cc38407f46f9

HTTP Headers

GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608062690671x915427267022548100%2FFavicon%2520New.png?w=192&h=&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
content-length: 6280
last-modified: Tue, 13 Sep 2022 19:31:29 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: f81db429f047707ce55bb5f2d1292a07f3f1527e
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 20:13:53 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10027-SJC, cache-hhn4061-HHN
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gozc6_zvsuIfl9E_X8JDhWSjGqQLPjL2K5OCCsSHxgBWjjAB6VM_TA==
age: 2543
X-Firefox-Spdy: h2

zoidii.com/user/hi

104.19.240.93

200 OK

61 B

URL HTTP/1.1
zoidii.com/user/hi
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
66c9bc5ddc057d4a101e44e6be4705a9
8d1a8f20539972c682e23bce2e365fdd3469b961
3b4d5be4e4f14c8701835d41f1843738051a6d5a32b4045beea609626a36c310

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /user/hi HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100019738x925818602759415700
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 2
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
set-cookie: version6_u1main=1663100030884x409874015639473540; path=/; domain=zoidii.com; secure
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 11
x-bubble-perf: {"total":10.8,"percents":{"top":{"bubble_cpu":30.5,"block":62.4,"capacity_rl":0,"other_pause":0,"pre_fiber":7.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":27.1,"appserver_cache_misses_time":0,"redis":60.8,"fiber_queue":5.3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":492917,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.008 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bc66c81b505-OSL
Content-Encoding: br

js.hs-analytics.net/analytics/1663099800000/8770284.js

104.17.71.176

200 OK

20 kB

URL HTTP/2
js.hs-analytics.net/analytics/1663099800000/8770284.js
IP
104.17.71.176:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (63804)
Size
20 kB (20078 bytes)
Hash
da6627b435eac7dd382ba1a81d785d6a
68cbc9eca47df209081e92dc686a8270ac03a591
890fbd482ebb7de78e1ba078851b473269b10719f731136560a5940e0ca80a1a

HTTP Headers

GET /analytics/1663099800000/8770284.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:53 GMT
content-type: text/javascript
x-amz-id-2: pQ5/wF+VPymb5aBbXTn4gmB+ujIj7nDLEa6sL9lJ2pW5o3aBG+AaeCB0Cg1jHKRX7C5ylfgO7AA6cKxCmQkHBA==
x-amz-request-id: 5EQ67PAFMP2FMD15
last-modified: Wed, 31 Aug 2022 12:48:35 GMT
etag: W/"3c4f6d11a1ad21450e18ba608e52e858"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
expires: Tue, 13 Sep 2022 20:18:53 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a38bc5e898b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2

api.hubspot.com/livechat-public/v1/message/public?portalId=8770284&conversations-embed=static-1.10632&mobile=false&messagesUtk=e29c92ef59a6494489940ef8b44c4e2a&traceId=e29c92ef59a6494489940ef8b44c4e2a

104.19.155.83

200 OK

225 B

URL HTTP/2
api.hubspot.com/livechat-public/v1/message/public?portalId=8770284&conversations-embed=static-1.10632&mobile=false&messagesUtk=e29c92ef59a6494489940ef8b44c4e2a&traceId=e29c92ef59a6494489940ef8b44c4e2a
IP
104.19.155.83:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
225 B (225 bytes)
Hash
1420665dac9028dcb52d9f64e2bba064
08523555abbff46b538e11244389f11be3366cac
e6bd2908c1acf2666b575e85c658ab2864f7f37f1d790fce37b815482ac633fe

HTTP Headers

GET /livechat-public/v1/message/public?portalId=8770284&conversations-embed=static-1.10632&mobile=false&messagesUtk=e29c92ef59a6494489940ef8b44c4e2a&traceId=e29c92ef59a6494489940ef8b44c4e2a HTTP/1.1
Host: api.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
X-HubSpot-Messages-Uri: https://zoidii.com/blogpost/maintenance-leadership
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:53 GMT
content-type: application/json;charset=utf-8
content-length: 225
cf-ray: 74a38bc83ebbb517-OSL
access-control-allow-origin: https://zoidii.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-hubspot-correlation-id: e7ddeedf-29be-44f8-8d47-b0d43ab0a232
x-trace: 2B2991DE51AFE09115FF7F49D70DA725F67160B405000000000000000000
set-cookie: __cf_bm=XfNydChQ1NdJzFuw.WmVPR4nqBQo.n1Np_KT7Mo4Byg-1663100033-0-Ad/oxa2IqY0vQS73fC4UE7/nvU0coun0tHNxUn4rXFypRDIY30woUyXh15EYFMtn5gdTiPTMu1HJbFv5TNKxgeI=; path=/; expires=Tue, 13-Sep-22 20:43:53 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfSyYZPI0WePjtGup%2FC2Oj0HFJHMkZTsXPPcTYnFv0IyzxSC1DM90znTe7NwNB3F%2BaM%2FhfoJg0%2Fp7ycLugnUCAUI%2BjGugnWvvzZCyxWbdckWTSYxDuPyVKOM8ndqM%2BpqmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zoidii.com/elasticsearch/msearch

104.19.240.93

200 OK

4.5 kB

URL HTTP/1.1
zoidii.com/elasticsearch/msearch
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (12562), with no line terminators
Size
4.5 kB (4457 bytes)
Hash
d9113c5f62bab79b9717e87dd1b57342
4e7bbc2fbfa83f5e8b7ff9c00f2edc240a531486
c8d4d2613e839ad8773b8c192cd5e415dcef0216dea4eb1a3f6eddf2b366db6e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /elasticsearch/msearch HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100019951x998234873750258000
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 838
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 30
x-bubble-perf: {"total":30.4,"percents":{"top":{"bubble_cpu":22.5,"block":74.8,"capacity_rl":0,"other_pause":0,"pre_fiber":1.9},"sub":{"pp_userdb":13.1,"pp_wait_userdb":0,"http_request":0,"serverjson":29.1,"appserver_cache_misses_time":0,"redis":50.6,"fiber_queue":12.8,"capacity_wait":7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":14,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":2,"userdb_data":24700,"spent_time":3025984,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.047 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bc7feedb505-OSL
Content-Encoding: br

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 13 Sep 2022 18:41:12 GMT
expires: Tue, 13 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 5561
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
78f8bae58862d8be3437cfe9e927011d
fb01a9cfd346f2c9b7694276c72a76e213887b06
389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/conversion_async.js

142.250.74.164

200 OK

16 kB

URL HTTP/2
www.google.com/pagead/conversion_async.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1623)
Size
16 kB (15687 bytes)
Hash
4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a

HTTP Headers

GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 13 Sep 2022 20:13:53 GMT
expires: Tue, 13 Sep 2022 20:13:53 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b743089bdff5635e2f7c38d20c1910f6
f1874493bc88c2d9ba4a95a43e810da1cb452abd
3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 18:53:39 GMT
expires: Tue, 12 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 91214
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-SMYZWM2YCC&gtm=2oe9c0&_p=203516083&cid=1766233665.1663100020&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663100020&sct=1&seg=0&dl=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&dt=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-SMYZWM2YCC&gtm=2oe9c0&_p=203516083&cid=1766233665.1663100020&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663100020&sct=1&seg=0&dl=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&dt=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-SMYZWM2YCC&gtm=2oe9c0&_p=203516083&cid=1766233665.1663100020&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663100020&sct=1&seg=0&dl=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&dt=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://zoidii.com
date: Tue, 13 Sep 2022 20:13:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

zoidii.com/elasticsearch/mget

104.19.240.93

200 OK

583 B

URL HTTP/1.1
zoidii.com/elasticsearch/mget
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (1287), with no line terminators
Size
583 B (583 bytes)
Hash
23a1adeb29f06bd986ccfd803cab8872
511275a2602a324e7cc2a4f4c74345ec0b66e4ba
0ee6e6a3b932c69728417f26c036987b11d89d7e31f7240757815bd24b3aed33

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /elasticsearch/mget HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100020453x616449793463028700
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 30
x-bubble-perf: {"total":29.7,"percents":{"top":{"bubble_cpu":22.6,"block":74.8,"capacity_rl":0,"other_pause":0,"pre_fiber":1.8},"sub":{"pp_userdb":20.2,"pp_wait_userdb":0,"http_request":0,"serverjson":9,"appserver_cache_misses_time":0,"redis":43.6,"fiber_queue":11.3,"capacity_wait":4.5}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":1,"userdb_data":1353,"spent_time":2008760,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.031 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bcaec3ab505-OSL
Content-Encoding: br

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6d4f4e95f7fa5c73ba923617c60d4814
dac6cb0c3374b442fe396190844d44cbaf4644e0
2d43e8f3eaf6ef9a9c0815187c2266c99a6e46fbfe67b0318e8c559f74260fef

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 20:13:53 GMT
Last-Modified: Tue, 13 Sep 2022 18:57:31 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: k5uKTboPCOOC33XWvw90OdH4Y1vCIzd1hmBeRrBEdsYjpuJxqfYXUQ==
Age: 4582

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6d4f4e95f7fa5c73ba923617c60d4814
dac6cb0c3374b442fe396190844d44cbaf4644e0
2d43e8f3eaf6ef9a9c0815187c2266c99a6e46fbfe67b0318e8c559f74260fef

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 20:13:53 GMT
Last-Modified: Tue, 13 Sep 2022 19:39:55 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iUpGPPj_QTm0DzA_VwFKuuSHweHz8yZR8mTof9JTHWXLL20nP0ZS0A==
Age: 2038

zoidii.com/elasticsearch/msearch

104.19.240.93

200 OK

11 kB

URL HTTP/1.1
zoidii.com/elasticsearch/msearch
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (36592), with no line terminators
Size
11 kB (11169 bytes)
Hash
ee3f978e2dd89c73f952c83dff69fa3b
c442ee47541fdeb83a39a14d143c0485ed0c9347
1b39d33c3474f2cc3ebe3badb51d213ffb65a574bd1d4d0bd32e732d58491916

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /elasticsearch/msearch HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100020494x326546074830429800
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 922
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 34
x-bubble-perf: {"total":33.9,"percents":{"top":{"bubble_cpu":19.7,"block":75.9,"capacity_rl":0,"other_pause":0,"pre_fiber":1.6},"sub":{"pp_userdb":23.6,"pp_wait_userdb":0,"http_request":0,"serverjson":21.5,"appserver_cache_misses_time":0,"redis":32.8,"fiber_queue":11.2,"capacity_wait":11.6}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":14,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":6,"userdb_data":72332,"spent_time":4002138,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.062 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bcb2fa40afa-OSL
Content-Encoding: br

zoidii.com/elasticsearch/bulk_watch

104.19.240.93

200 OK

71 B

URL HTTP/1.1
zoidii.com/elasticsearch/bulk_watch
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
71 B (71 bytes)
Hash
0d450f32b3ed42fe05ef8365499ceea1
01d404169d7018f6406817973ffb84854376812d
9f62029fc19a2bfccb3b60189cb34b454eb0c7acecac486212ca9000ab929a2e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /elasticsearch/bulk_watch HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100020516x574133838417246400
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 754
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 50
x-bubble-perf: {"total":50.2,"percents":{"top":{"bubble_cpu":16.4,"block":82.8,"capacity_rl":0,"other_pause":0,"pre_fiber":1.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":17.6,"appserver_cache_misses_time":0,"redis":50.8,"fiber_queue":19.1,"capacity_wait":6.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1237970,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.019 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bcb488ab4f9-OSL
Content-Encoding: br

zoidii.com/user/apm

104.19.240.93

200 OK

8 B

URL HTTP/1.1
zoidii.com/user/apm
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
4b5a89da866343fceb1b700746e0242f
22b3b29145586b1c0cd145d264e76c5e29ffbb42
3000a60b8e7a15e3bd63bbc0519d6eb04c6b31d6493d8d1a10e36be6fcfebb7a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /user/apm HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Fiber-ID: 1663100020852x464166507028596100
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 18384
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 24
x-bubble-perf: {"total":24.4,"percents":{"top":{"bubble_cpu":28.5,"block":67.9,"capacity_rl":0,"other_pause":0,"pre_fiber":3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":46.5,"fiber_queue":17.3,"capacity_wait":4.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1042763,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.016 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bcd6ab90afa-OSL
Content-Encoding: br

zoidii.com/user/m

104.19.240.93

200 OK

8 B

URL HTTP/1.1
zoidii.com/user/m
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
4b5a89da866343fceb1b700746e0242f
22b3b29145586b1c0cd145d264e76c5e29ffbb42
3000a60b8e7a15e3bd63bbc0519d6eb04c6b31d6493d8d1a10e36be6fcfebb7a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /user/m HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Fiber-ID: 1663100020845x580169466339592800
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 534
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 67
x-bubble-perf: {"total":67.1,"percents":{"top":{"bubble_cpu":6.6,"block":87.8,"capacity_rl":0,"other_pause":0,"pre_fiber":5.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":45.2,"fiber_queue":36.4,"capacity_wait":8.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":666555,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.01 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bcd593fb505-OSL
Content-Encoding: br

s3.amazonaws.com/appforest_uf/f1631613667340x105836428588560690/richtext_content.png

52.217.87.190

200 OK

208 kB

URL HTTP/1.1
s3.amazonaws.com/appforest_uf/f1631613667340x105836428588560690/richtext_content.png
IP
52.217.87.190:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1920 x 974, 8-bit/color RGB, non-interlaced\012- data
Size
208 kB (208458 bytes)
Hash
1e588ef4a363e488e3b375455303109b
4b66e406ddfc89976171758e26680c1b518c34c1
7d07d443785c2186b14db01d54a9d152c1347933c7b57a06dea46e1f58bbc499

HTTP Headers

GET /appforest_uf/f1631613667340x105836428588560690/richtext_content.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: nX2MNcdzEv+UZrg7M3zlGdOHy40Z2zEDvJwNM7vKxxX9bjyPF19zZy+Qn7GinrE9jr+iplBrCAo=
x-amz-request-id: TMSCY83T8MVKSY70
Date: Tue, 13 Sep 2022 20:13:55 GMT
Last-Modified: Tue, 14 Sep 2021 10:01:08 GMT
ETag: "1e588ef4a363e488e3b375455303109b"
x-amz-meta-appname: version6
Cache-Control: public,max-age=86400
x-amz-meta-app-version: live
x-amz-version-id: r.ODFqxhvlkzvzXNHCVZz2hOv7nR.nK1
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 208458

zoidii.com/elasticsearch/bulk_watch

104.19.240.93

200 OK

71 B

URL HTTP/1.1
zoidii.com/elasticsearch/bulk_watch
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
71 B (71 bytes)
Hash
1584f272e773362fdfafbb3ec5322c78
2dcc7141102da590b48481f685a1079ee13cf2c2
09497109a956cf842a41cb5abc9b0def8d27d4143330f85fee9248d331b23fd9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /elasticsearch/bulk_watch HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Fiber-ID: 1663100020962x311726620164056500
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 774
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 43
x-bubble-perf: {"total":43.4,"percents":{"top":{"bubble_cpu":16,"block":83.2,"capacity_rl":0,"other_pause":0,"pre_fiber":1.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":15.9,"appserver_cache_misses_time":0,"redis":54.2,"fiber_queue":9.6,"capacity_wait":11.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1039246,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.016 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bce1db5b4f9-OSL
Content-Encoding: br

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-182951249-1&cid=1766233665.1663100020&jid=343096972&gjid=1630131054&_gid=30743660.1663100020&_u=YADAAUAAAAAAAC~&z=101097902

142.251.1.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-182951249-1&cid=1766233665.1663100020&jid=343096972&gjid=1630131054&_gid=30743660.1663100020&_u=YADAAUAAAAAAAC~&z=101097902
IP
142.251.1.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-182951249-1&cid=1766233665.1663100020&jid=343096972&gjid=1630131054&_gid=30743660.1663100020&_u=YADAAUAAAAAAAC~&z=101097902 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://zoidii.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Sep 2022 20:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a44521d3957cdba57b0fc21915252110
e04f70e8f3271d219d22be1a0c54f7a047abdd55
aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-conversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0

142.250.74.3

200 OK

63 B

URL HTTP/2
www.google.no/pagead/1p-conversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26

HTTP Headers

GET /pagead/1p-conversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 20:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
89dc4294d8e50675a5cb111e84d38452
993b0be337e43de62b8a33bef20c972881c8a646
27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&fmt=3&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1

142.250.74.34

200 OK

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&fmt=3&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&fmt=3&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 20:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Sep-2022 20:28:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a44521d3957cdba57b0fc21915252110
e04f70e8f3271d219d22be1a0c54f7a047abdd55
aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1630664052198x286123631823571360%2Fstandard%2520operating%2520procedure.png?w=512&h=282&auto=compress&dpr=1&fit=max

54.230.245.141

200 OK

13 kB

URL HTTP/2
d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1630664052198x286123631823571360%2Fstandard%2520operating%2520procedure.png?w=512&h=282&auto=compress&dpr=1&fit=max
IP
54.230.245.141:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 422x282, components 3\012- data
Size
13 kB (13057 bytes)
Hash
0fa15090a496c8dfc19569399f09d48c
5b8e26289e216123c357f8e90db5616133575cd8
1f3f1c56f8499f713b87aaf91e69521476327e73b8ec7942c21a28caf2480807

HTTP Headers

GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1630664052198x286123631823571360%2Fstandard%2520operating%2520procedure.png?w=512&h=282&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 13057
last-modified: Tue, 13 Sep 2022 06:02:14 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: 65ac13999949119b7cdb19e6e225a2beee08c627
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 20:13:54 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10080-SJC, cache-fra19162-FRA
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HqXRkdOBI0bkpRzj8W6koXtTliEpAoG2UEAYvvqoq-M1ti9O2BEtxw==
age: 51100
X-Firefox-Spdy: h2

s3.amazonaws.com/appforest_uf/f1631614300509x828472587309110500/richtext_content.png

52.217.87.190

200 OK

1.4 MB

URL HTTP/1.1
s3.amazonaws.com/appforest_uf/f1631614300509x828472587309110500/richtext_content.png
IP
52.217.87.190:0
ASN
#16509 AMAZON-02

File type
PNG image data, 1000 x 688, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 MB (1352173 bytes)
Hash
89f7ff4a8c9982f9abc948987892139e
700d815753c237db45bc37a38f16547af46fcb16
ac34cc6ce0b8f69a2a0f7407dd200a5aacc07aaccd684e8ba99dd53dbc8b36de

HTTP Headers

GET /appforest_uf/f1631614300509x828472587309110500/richtext_content.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: xW/Vwt+ZxCWxDvSpPwjdJO5h3mPaMm5y8fFb87qf0JWrvRmUB9kmfi79jDCvYDKrZsA8h3Vw5/4=
x-amz-request-id: TMS8YR3RBXEWS8EZ
Date: Tue, 13 Sep 2022 20:13:55 GMT
Last-Modified: Tue, 14 Sep 2021 10:11:42 GMT
ETag: "89f7ff4a8c9982f9abc948987892139e"
x-amz-meta-appname: version6
Cache-Control: public,max-age=86400
x-amz-meta-app-version: live
x-amz-version-id: .Xghypa7IkuqWsUr1JKSkAh1eK2LPsJt
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1352173

d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1616604713500x647382999250518640%2FJeff_on_Stool%25202.png?w=64&h=&auto=compress&dpr=1&fit=max

54.230.245.141

200 OK

1.1 kB

URL HTTP/2
d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1616604713500x647382999250518640%2FJeff_on_Stool%25202.png?w=64&h=&auto=compress&dpr=1&fit=max
IP
54.230.245.141:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 64x64, components 3\012- data
Size
1.1 kB (1147 bytes)
Hash
2bd18d8de4772683dd54782a40b0cf5f
1397d427182be79c487d293968c1a09088a1d05e
6d40b29ea6365c5aa813938802e8d689cd11e83d392a9526099239de4314fac5

HTTP Headers

GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1616604713500x647382999250518640%2FJeff_on_Stool%25202.png?w=64&h=&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 1147
last-modified: Tue, 13 Sep 2022 20:13:54 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: 2e92a5c4b26e8efe8615d5191ec78efab2d49a9e
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 20:13:54 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10058-SJC, cache-hhn4020-HHN
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _sgme9bcOambftCMU_du4nZ2kgc1zgc_uvOFIskt-6NMBRFUUJuSmQ==
age: 0
X-Firefox-Spdy: h2

d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1642774927424x269603925889663420%2FCMMS%2520Software%2520Business%2520Case.jpg?w=512&h=282&auto=compress&dpr=1&fit=max

54.230.245.141

200 OK

18 kB

URL HTTP/2
d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1642774927424x269603925889663420%2FCMMS%2520Software%2520Business%2520Case.jpg?w=512&h=282&auto=compress&dpr=1&fit=max
IP
54.230.245.141:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 422x282, components 3\012- data
Size
18 kB (18080 bytes)
Hash
49a578af2b3d9cceb70190ffd1d194d7
487959a9448dee88f9013f214d71f61f82a5b0c7
59dcc550796fc6ee41d929e031bcc8efae8e19ec6941bafa82c1880b30f20b19

HTTP Headers

GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1642774927424x269603925889663420%2FCMMS%2520Software%2520Business%2520Case.jpg?w=512&h=282&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 18080
last-modified: Tue, 13 Sep 2022 20:13:55 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: d2493ed34b175012baafae07a4123fa8ba00037b
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 20:13:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10051-SJC, cache-hhn4029-HHN
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iYbRDpAt162maWSJSOpdpoBtdvzEXtWbbxAgZ09q6OILxyil1Vesig==
age: 0
X-Firefox-Spdy: h2

d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1644853301286x573129070570085760%2Fcytonn-photography-n95VMLxqM2I-unsplash.jpg?w=512&h=282&auto=compress&dpr=1&fit=max

54.230.245.141

200 OK

14 kB

URL HTTP/2
d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1644853301286x573129070570085760%2Fcytonn-photography-n95VMLxqM2I-unsplash.jpg?w=512&h=282&auto=compress&dpr=1&fit=max
IP
54.230.245.141:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 422x282, components 3\012- data
Size
14 kB (13781 bytes)
Hash
55b8d5fc707416d0a00f32427e1a1cd1
5836438efd01fbc1f320ec36871d4e4b8df55f7f
20b578c151a701e53b996c1f427d3867d789054d1fbf4d63f02f0ab931031f61

HTTP Headers

GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1644853301286x573129070570085760%2Fcytonn-photography-n95VMLxqM2I-unsplash.jpg?w=512&h=282&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 13781
last-modified: Tue, 13 Sep 2022 20:13:56 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: 80778080679e7dd0d8cd84222c054bf1ba2e5ee9
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 20:13:56 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10026-SJC, cache-hhn4024-HHN
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XeJ8p_LyvCrn1bK9kSxLk3CBvMUePSHjsqBzLP2z7ESfp5PgTVnUWg==
age: 0
X-Firefox-Spdy: h2

zoidii.com/frg

104.19.240.93

200 OK

8 B

URL HTTP/1.1
zoidii.com/frg
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
74db34246981a148adc44193d895bf70
97e73919a730cee3e26610367856401a2febe0b6
f5bf681c38cc8a068b5cae7b7e4795b0f2d93134d363860b7210030f0f0eac82

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /frg HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Fiber-ID: 1663100023848x298881689292389900
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 75
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:57 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 19
x-bubble-perf: {"total":19.4,"percents":{"top":{"bubble_cpu":19.2,"block":78.4,"capacity_rl":0,"other_pause":0,"pre_fiber":3.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":36.3,"fiber_queue":17.4,"capacity_wait":26.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":557427,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.009 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38be01c78b505-OSL
Content-Encoding: br

zoidii.com/frg

104.19.240.93

200 OK

8 B

URL HTTP/1.1
zoidii.com/frg
IP
104.19.240.93:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
4b5a89da866343fceb1b700746e0242f
22b3b29145586b1c0cd145d264e76c5e29ffbb42
3000a60b8e7a15e3bd63bbc0519d6eb04c6b31d6493d8d1a10e36be6fcfebb7a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /frg HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Fiber-ID: 1663100024155x325046520728608960
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 106260
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:58 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 518
x-bubble-perf: {"total":518.3,"percents":{"top":{"bubble_cpu":1.3,"block":95.8,"capacity_rl":0,"other_pause":0,"pre_fiber":2.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0.5,"appserver_cache_misses_time":0,"redis":1.9,"fiber_queue":0.7,"capacity_wait":0.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1041417,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.016 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38be20f8ab505-OSL
Content-Encoding: br

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8485 bytes)
Hash
e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:43 GMT
age: 80175
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

js.usemessages.com/conversations-embed.js

104.17.239.204

200 OK

0 B

URL HTTP/2
js.usemessages.com/conversations-embed.js
IP
104.17.239.204:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /conversations-embed.js HTTP/1.1
Host: js.usemessages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Aug 2022 02:10:32 UTC
etag: W/"be054c0d1ce8e9f928e051e15475d755"
x-amz-server-side-encryption: AES256
x-amz-version-id: 3C1npQH0ys7YIJipkKSW0mB3OJD1A1US
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: CCaIeFlcY3FKQHuvMW_xkmPK_IXi4cIu8ufdKJtOzoD_KwKhhipDpQ==
age: 189
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10632/bundles/project.js&cfRay=745bcef5de010afe-IAD
x-hs-target-asset: conversations-embed/static-1.10632/bundles/project.js
x-hs-cache-status: EXPIRED
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 74a38bc239d20b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2

js.hscollectedforms.net/collectedforms.js

104.17.128.171

200 OK

0 B

URL HTTP/2
js.hscollectedforms.net/collectedforms.js
IP
104.17.128.171:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /collectedforms.js HTTP/1.1
Host: js.hscollectedforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
etag: W/"7a468b833be86c01bc8dfd455308f792"
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: _HBxZntXTe7cWTk6-LMi49Ddc-Fg73bG1JSwdR8qnewHJ8pwecU_lw==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74a0c3ee78c598fa-IAD
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 74a38bc22ff00b02-OSL
content-encoding: br
X-Firefox-Spdy: h2

js.hs-banner.com/8770284.js

172.64.154.85

200 OK

0 B

URL HTTP/2
js.hs-banner.com/8770284.js
IP
172.64.154.85:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /8770284.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: vVN+7Qki0Uy5f5RE1VVE52keiLtSlDyzE/stVHwESkbJxOiLJ9X73YYDs14IvQgdVTA/PDdzRX0=
x-amz-request-id: P2TKWRP30YXK4XDR
last-modified: Tue, 30 Aug 2022 22:11:10 GMT
etag: W/"24f84b24c9b8212968fb14d351fcacd6"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: bdwTQiAiUNAwMeAAR_pGtlJrMBIlRbiL
access-control-allow-origin: https://zoidii.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:18:52 GMT
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a38bc23ad50b39-OSL
content-encoding: br
X-Firefox-Spdy: h2

js.hsforms.net/forms/shell.js

104.17.183.73

200 OK

0 B

URL HTTP/2
js.hsforms.net/forms/shell.js
IP
104.17.183.73:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /forms/shell.js HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Sep 2022 01:58:44 UTC
etag: W/"f889349e82887a8dc0de8f5ff4475404"
x-amz-server-side-encryption: AES256
x-amz-version-id: n0sO2MPByZbH.n7MGFzmNFa5l5r50miz
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: sL1nBTAQjlIYGcM80C1vCPVeViHXhutLqgewISdDYFr7wGuivH0u-w==
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.530/bundles/project_with_deps.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 432
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p487dg0lixWFTAETHJ9VBN8lM44lGTCigMfd2txgRBstG0un7OVFwyMrEsFeHlhtkamCQmBzNq%2BMo83bu6KVucBztNIoOSORlI6drqyZjlvLBOIL0hTtOEuqKPPy2gwa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a38bbc58a20b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

js.hs-scripts.com/8770284.js

104.17.212.204

200 OK

0 B

URL HTTP/2
js.hs-scripts.com/8770284.js
IP
104.17.212.204:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /8770284.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:51 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B4DFE4AC9B151934CD5E4723D15749916828D9F2E000000000000000000
cache-control: public, max-age=60
vary: Accept-Encoding
x-hubspot-correlation-id: ddd7b4c7-71ae-410d-b0b9-c2903c298024
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://zoidii.com
last-modified: Tue, 13 Sep 2022 18:01:18 GMT
cf-cache-status: EXPIRED
expires: Tue, 13 Sep 2022 20:14:51 GMT
server: cloudflare
cf-ray: 74a38bbc4d87b521-OSL
content-encoding: br
X-Firefox-Spdy: h2

forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk=

104.16.87.5

200 OK

0 B

URL HTTP/2
forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk=
IP
104.16.87.5:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: application/json;charset=utf-8
x-trace: 2BFEE73825BF369CD82438C623CF19BB0A6A26CEA6000000000000000000
x-origin-hublet: na1
vary: Accept-Encoding
x-hubspot-correlation-id: 20928e0f-dc16-4ead-b6af-59e4fd7b0402
access-control-allow-origin: https://zoidii.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: *
access-control-allow-credentials: false
access-control-max-age: 180
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a38bc2cf45b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Barlow:500%7CInter:600%7CLato:regular%7COpen+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700%7COpen+Sans:italic%7COpen+Sans:regular%7CTelex:regular

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Barlow:500%7CInter:600%7CLato:regular%7COpen+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700%7COpen+Sans:italic%7COpen+Sans:regular%7CTelex:regular
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Barlow:500%7CInter:600%7CLato:regular%7COpen+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700%7COpen+Sans:italic%7COpen+Sans:regular%7CTelex:regular HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 20:13:51 GMT
date: Tue, 13 Sep 2022 20:13:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

forms.hubspot.com/collected-forms/v1/config/json?portalId=8770284&utk=f90a475cd6af5e1825fc0e8daa688bac

104.19.155.83

200 OK

0 B

URL HTTP/2
forms.hubspot.com/collected-forms/v1/config/json?portalId=8770284&utk=f90a475cd6af5e1825fc0e8daa688bac
IP
104.19.155.83:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /collected-forms/v1/config/json?portalId=8770284&utk=f90a475cd6af5e1825fc0e8daa688bac HTTP/1.1
Host: forms.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:53 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
x-hubspot-correlation-id: 50f03e69-002d-42a4-92b5-5800213d5326
access-control-allow-credentials: false
access-control-allow-origin: https://zoidii.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=e5t_XtFcsaLOaDnOXS9BWnkc8zKh.A5ttlOmca6aJc8-1663100033-0-AVTpxQpcfe3yVmC2b9ET/ncucXNRoUMnWWCi9v1Wc0taHXiNdgNxYhEL2f9OSfcJttYUQeBmQpvE96nK/PY2mbg=; path=/; expires=Tue, 13-Sep-22 20:43:53 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HVCbj4l%2Bh%2Fl1tEO9AqfxeR7kI0Cmqm2kNdQ2oC57WsUOPbNEAnYFVIB2ihOlsKCRywI8NBSSUiRdfZ0IXUPTHWN%2BX0rZo2k%2Ff2vMTIeG%2FGWE8ZxJsCiBTFNhi9LIPHr6HQc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a38bc84ed3b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (52)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations