| t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a | 104.18.20.51 | 301 Moved Permanently | 0 B |
URL HTTP/1.1t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a IP104.18.20.51:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a HTTP/1.1
Host: t.sidekickopen08.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 20:13:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 21:13:50 GMT
Location: https://t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a38bb56ffc0af6-OSL
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.115 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashb593eb39329cfe060d55be5e4a5405e2 78e46c1028e9f94f8569303ad2d90d7df13a059a 08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 20:08:53 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Vhetn1zteMSZZsCF-imiF-Hc2M9FD85XQnd2wDmTj_LfZyiluo3MkQ==
Age: 297
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashbe88d3e043e3b95b52e41812e50fb634 0318ba1ce487817ea7cba61dd9413bed29213800 b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8065
Expires: Tue, 13 Sep 2022 22:28:15 GMT
Date: Tue, 13 Sep 2022 20:13:50 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.35 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.35:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VVMCgO5qIapLuGqMB3CbwxooYFXgDpzVBpQC0xrOkEmzps3TdMDJ9Q==
age: 56316
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 20:13:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.115 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.115:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 20:03:22 GMT
Expires: Tue, 13 Sep 2022 20:52:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KGStYXA--MCdg1Dbi6-UJIN9hz2cJXO5qAhDF1q1MRvoXp5apcYP7Q==
Age: 629
|
|
| t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a | 104.18.20.51 | 307 Temporary Redirect | 5.1 kB |
URL HTTP/2t.sidekickopen08.com/s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a IP104.18.20.51:0
Hash5952e398569e8eb79db3a44fc6965361 2ca62a0a2eec063938afda6c683ab4dce5826962 ace90ef10d4ad8f9a2dc0a9af981f2c3b844d0a4959635931565430e505788d5
GET /s3t/c/5/f18dQhb0S7kF8bWDtPW27wT4959hl3kW7_k2841CX6NGN36PYCpsMSD3W2RpvRt194k97f197v5Y04?te=W3R5hFj4cm2zwW4tB1m63S_7NtW43T4NR3ZZn7gW43WJGN3_R594W4fGC1m41QtfmW3ZVbTj3K8R4C39TX2&si=8000000023602175&pi=3ed2a377adcc697aec32a55360ef616a HTTP/1.1
Host: t.sidekickopen08.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Tue, 13 Sep 2022 20:13:50 GMT
location: https://zoidii.com/blogpost/maintenance-leadership
set-cookie: _hetc=cc4d93fd-cc33-4e6b-9123-415cfdf7c464|1663100030648|ACOD57cwLQIUSgnqP30Gca0/Yi/BpUqcPHBf/UICFQCXIRrisJKQPkBUiNpCpaSpVTvqBQ==;Version=1;Comment=;Domain=t.sidekickopen08.com;Path=/;Max-Age=31536000
x-robots-tag: none
link: <https://zoidii.com/blogpost/maintenance-leadership>; rel="canonical"
referrer-policy: no-referrer
x-hubspot-correlation-id: ee1e4aad-3727-4283-8c81-8e317e115b18
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74a38bb70a18b529-OSL
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashe96dbe1b54932c8f447bbbfc9d31cfb0 b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd 427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Last-Modified: Tue, 13 Sep 2022 18:28:13 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
|
|
| zoidii.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js | 104.19.240.93 | 200 OK | 8.9 kB |
URL HTTP/1.1zoidii.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js IP104.19.240.93:0
File typeUnicode text, UTF-8 text, with very long lines (1366) Hashdf64263bf2f18cb0cd1d0c3fac763335 fa45547b1031668d8a1951a7e2c6270d7e405986 48b73cc17c235d8812e8d93389c06a3a031840001931d7c94e3950ca444d6204
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":15,"percents":{"top":{"bubble_cpu":24.1,"block":64.9,"capacity_rl":0,"other_pause":0,"pre_fiber":6.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":34.9,"fiber_queue":25.3,"capacity_wait":6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":542891,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.008 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: HIT
Server: cloudflare
CF-RAY: 74a38bbbab3a0afa-OSL
Content-Encoding: br
|
|
| cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css | 104.17.24.14 | 200 OK | 2.7 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.css IP104.17.24.14:0
File typeASCII text, with very long lines (6454), with CR line terminators Hashdd0c975ac6cf18356e3a64a9e09c5d66 fb70cfe7308a9e4c162d7cbdb01ba7ceff8137ea 8524ee13d851584493788f99f936112522ed17b1829e2a3409715899c8831a06
GET /ajax/libs/toastr.js/latest/toastr.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:51 GMT
content-type: text/css; charset=utf-8
content-length: 2672
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffe-1a55"
last-modified: Mon, 04 May 2020 16:17:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1811478
expires: Sun, 03 Sep 2023 20:13:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMS1ashu86VDyMV6wWhpXhv%2F74ALZ8iZ%2BVQ7ymrXUf1iGG0Us%2FxmioUTSl6vHRnpdfS9Imk422g8CvvRG%2FrhFXufBxnmNRFhYbbq1fT22nIpD4GYO%2BrBTNjQQLqHUuhKtJiDLpDl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a38bbc0dabb4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js | 104.17.24.14 | 200 OK | 1.9 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js IP104.17.24.14:0
File typeASCII text, with very long lines (5215) Hashb3cd1197cd16cf84e2e4313f2ba15142 5b83415c62121e0967d874ad7b12b93e059cee18 ed2fb5b46a4b7e540ddbe08f457d1c2bce74880a8a4298c8b2799039c3297328
GET /ajax/libs/toastr.js/latest/toastr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1885
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffe-15a1"
last-modified: Mon, 04 May 2020 16:17:02 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 829480
expires: Sun, 03 Sep 2023 20:13:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eWh2SEXednTjUVNv5TCnURXOt8mU0WSiZhuLJNnxEYExG25RzKneWeOxN0ilYYqF8BJKLbdiKg8yLBbh4AIbEy6gaQ2SiesJnE6jorfFRgLo0jbAeCEhoYuNhuG3oXJ888y0U3w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a38bbc1dc4b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dd7tel2830j4w.cloudfront.net/f1502334450110x444047561846673500/console.js | 143.204.42.22 | 200 OK | 58 B |
URL HTTP/2dd7tel2830j4w.cloudfront.net/f1502334450110x444047561846673500/console.js IP143.204.42.22:0
File typeASCII text, with no line terminators Hash505ff652b36a924730920ab9aa860fd5 834dbe59097d768a3dc497955460ab2a7b1ac20f f766dc61996165593e50c1fdb4f8e567c5a745833bc232ba38066ca86ea33570
GET /f1502334450110x444047561846673500/console.js HTTP/1.1
Host: dd7tel2830j4w.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 58
date: Fri, 09 Sep 2022 00:16:29 GMT
last-modified: Thu, 10 Aug 2017 03:07:31 GMT
etag: "505ff652b36a924730920ab9aa860fd5"
x-amz-meta-appname: meta
cache-control: public,max-age=290304000
x-amz-meta-app-version: live
x-amz-version-id: MDq4HJ2bEsP3aUOY7JUBeCXqQqhyy68Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pT2C1Yl52LDrTwYOm1BipR8KkdVLmfLdab1aSr86I8GLuQ0eqsPLJA==
age: 417443
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc79a6d9219e52788c0288a4288601f0b a55c74c35279d08872bb4b0805d3f8ff684bc322 345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc79a6d9219e52788c0288a4288601f0b a55c74c35279d08872bb4b0805d3f8ff684bc322 345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.jsdelivr.net/npm/chart.js@2.9.3/dist/Chart.bundle.min.js | 151.101.85.229 | 200 OK | 70 kB |
URL HTTP/2cdn.jsdelivr.net/npm/chart.js@2.9.3/dist/Chart.bundle.min.js IP151.101.85.229:0
File typeASCII text, with very long lines (65414) Hashd80b0af0aa03c9c591980a22667bfada d2dd207058a0f612de38c1ed298ccb03888ceb57 80a4e8b19247fa74a2f2dc59441caa1e8abb2745d07187c44249146df12203d8
GET /npm/chart.js@2.9.3/dist/Chart.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.9.3
x-jsd-version-type: version
etag: W/"373b3-J7sGmxbeZw0rp5XOH/F82rtiHjE"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 13 Sep 2022 20:13:51 GMT
age: 1196168
x-served-by: cache-fra19145-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70055
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc79a6d9219e52788c0288a4288601f0b a55c74c35279d08872bb4b0805d3f8ff684bc322 345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4a68e0856575d52f7778bc821b5c881b 0956533f660fd0e7096540292f9b60451f60f148 0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 | 104.18.21.226 | 200 OK | 1.5 kB |
URL HTTP/1.1ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 IP104.18.21.226:0
Hasha5cc40b044445ac62c4ec391edde053d d0b6e3199a8bc019be5ff97d66f0e0f4db6ab5cb d829ee9c05e5cdbc05122639c1e17cf24fe0f2287acb12270cc084e3887bcb7a
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3C67358BA8C305E6AE5C44E91DCE1D64D4458B5A"
Expires: Wed, 14 Sep 2022 07:00:00 GMT
Last-Modified: Tue, 13 Sep 2022 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2802
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a38bbcca7f1c0a-OSL
|
|
| www.googletagmanager.com/gtag/js?id=UA-182951249-1 | 142.250.74.72 | 200 OK | 42 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-182951249-1 IP142.250.74.72:0
File typeASCII text, with very long lines (1615) Hashad690dfd1195852bcc202e725fee436b 81ad9c3bb36dabb5515d5ff635f3cb43c56e6377 a5b9c6f125d52549080eb52a9baa51e2db89c0d0d6283f2b7629168099a9d228
GET /gtag/js?id=UA-182951249-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 20:13:51 GMT
expires: Tue, 13 Sep 2022 20:13:51 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42156
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-189321130-1 | 142.250.74.72 | 200 OK | 42 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=UA-189321130-1 IP142.250.74.72:0
File typeASCII text, with very long lines (1615) Hashcb7b7e40f9021c84f8096ea854d7833f a3567607a8bd156b8276ce7046030a0850c00472 78417e3c31052bbf94fa6bf49c7d111c5b23bcd23457cbdda8f1156a4c671340
GET /gtag/js?id=UA-189321130-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 20:13:51 GMT
expires: Tue, 13 Sep 2022 20:13:51 GMT
cache-control: private, max-age=900
last-modified: Tue, 13 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-SMYZWM2YCC | 142.250.74.72 | 200 OK | 75 kB |
URL HTTP/2www.googletagmanager.com/gtag/js?id=G-SMYZWM2YCC IP142.250.74.72:0
File typeASCII text, with very long lines (17807) Hashfb1833153c5bb6c45030c9016ca15134 bdf03209b65c33d08256be6a56c8b583071fa5d8 1d86a78a9c54eed12bc02550c4e263f76e5dd69764ea14889f1281818a654fc7
GET /gtag/js?id=G-SMYZWM2YCC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 20:13:51 GMT
expires: Tue, 13 Sep 2022 20:13:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74627
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| secure.iron0walk.com/js/208082.js | 51.11.20.152 | 200 OK | 16 B |
URL HTTP/1.1secure.iron0walk.com/js/208082.js IP51.11.20.152:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeASCII text, with no line terminators Hash8b88628892b6be3a137a2e12e7eae2df ea021516706f5aebf2ffebd73d0581910c99f8c9 0a51079f4ad3dd8fde0226cf8e1bd3ed0c46d4c1a6f459199b6b11dd40e5f7e4
GET /js/208082.js HTTP/1.1
Host: secure.iron0walk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Content-Type: text/javascript
Content-Length: 16
Connection: keep-alive
Server: Kestrel
Cache-Control: no-store, must-revalidate
Pragma: no-cache
Expires: 0
Request-Context: appId=cid-v1:abe8a76f-f1a2-4b2e-9017-0ea36ffb5c20
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash9939587aef90d732ebd2942ec44120e3 218c3a6c637eece45bf2f32408a6bb55357f900d 351b5b1cead475b70db2dbdc4e3eff2858605c041d3ecf8bc4f7ccba5fa244d5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 20:13:51 GMT
Last-Modified: Tue, 13 Sep 2022 19:55:27 GMT
Server: ECS (dcb/7F81)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dtd10V50XmhlG-FHcO-YWYXSX-8135MY9PzQoFA3-maABQGLQmlpmA==
Age: 1104
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashc79a6d9219e52788c0288a4288601f0b a55c74c35279d08872bb4b0805d3f8ff684bc322 345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4a68e0856575d52f7778bc821b5c881b 0956533f660fd0e7096540292f9b60451f60f148 0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| zoidii.com/package/run_css/83905403bc6961835552218c519cbf2d8bfcb88cb39698b9100ce86921d48591/version6/live/blogpost/xfalse/xfalse/run.css | 104.19.240.93 | 200 OK | 15 kB |
URL HTTP/1.1zoidii.com/package/run_css/83905403bc6961835552218c519cbf2d8bfcb88cb39698b9100ce86921d48591/version6/live/blogpost/xfalse/xfalse/run.css IP104.19.240.93:0
File typeUnicode text, UTF-8 text, with very long lines (558) Hashd1c22a71e44cbde3d5b9170ddaf6e58a d7344ac37cae0240a6ccf996bceef86a6a741489 9608974e755af1edc6a3f7a39b5a70a99d52f9d148fc6f795b0e49d0cd6565c1
GET /package/run_css/83905403bc6961835552218c519cbf2d8bfcb88cb39698b9100ce86921d48591/version6/live/blogpost/xfalse/xfalse/run.css HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":44.6,"percents":{"top":{"bubble_cpu":33,"block":65.6,"capacity_rl":0,"other_pause":0,"pre_fiber":0.9},"sub":{"pp_userdb":4.5,"pp_wait_userdb":0,"http_request":0,"serverjson":31.8,"appserver_cache_misses_time":0,"redis":62.5,"fiber_queue":4.1,"capacity_wait":11}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":13,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":26,"fiber_queue":23,"blocks":22},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":8212507,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.126 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 74a38bbbdbdb0b45-OSL
Content-Encoding: br
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| zoidii.com/api/1.1/init/data?location=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership | 104.19.240.93 | 200 OK | 13 kB |
URL HTTP/1.1zoidii.com/api/1.1/init/data?location=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership IP104.19.240.93:0
File typeJSON data\012- , Unicode text, UTF-8 text, with very long lines (13118), with no line terminators Hash92cc31da2cebe6d51de83d3456155c18 b58695b171c92e874b7fdc489cd69a0da1febb6c 939caf4d9a2dc97e284ce5111b757fb6807c01d7a55bb26e4e017e0db17aab13
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /api/1.1/init/data?location=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
x-bubble-perf: {"total":44.6,"percents":{"top":{"bubble_cpu":34.5,"block":64.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.8},"sub":{"pp_userdb":9,"pp_wait_userdb":0,"http_request":0,"serverjson":34.9,"appserver_cache_misses_time":0,"redis":41,"fiber_queue":10,"capacity_wait":2}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":6,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":18,"fiber_queue":20,"blocks":19},"misc":{"userdb_results":2,"userdb_data":24700,"spent_time":4311961,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.066 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bbc1bd20afa-OSL
|
|
| push.services.mozilla.com/ | 52.40.161.235 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.40.161.235:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3bRncmwzmBYmzbINt2+DRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KQyatLJiDLsrYF3M5tciQJwWJOQ=
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.163 | 200 OK | 45 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data Hash565ce506190ad3af920b40baf1794cec ad3cba5d06100e09449a864d3b5e58403b478b3d 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 42170
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2 | 142.250.74.163 | 200 OK | 18 kB |
URL HTTP/2fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 17660, version 1.0\012- data Hashcfdce67a2e07ba6cf05e0292d7f3f9b7 dcad1b9e50f8ef49ec4600fe88c68c165d9b7e61 048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c
GET /s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 15:46:57 GMT
expires: Sat, 09 Sep 2023 15:46:57 GMT
cache-control: public, max-age=31536000
age: 361614
last-modified: Mon, 11 Jul 2022 21:02:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 | 142.250.74.163 | 200 OK | 24 kB |
URL HTTP/2fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 17:10:21 GMT
expires: Wed, 13 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 11010
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2 | 142.250.74.163 | 200 OK | 21 kB |
URL HTTP/2fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 20960, version 1.0\012- data Hashd312d179276a175029c56c50e9bc9d0b aa9285dd6183c696fc39ec31c221581e2d4959c1 7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
GET /s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 00:05:42 GMT
expires: Thu, 07 Sep 2023 00:05:42 GMT
cache-control: public, max-age=31536000
age: 590889
last-modified: Tue, 19 Apr 2022 19:18:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 | 142.250.74.163 | 200 OK | 18 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data Hash3d5107abaf7bf4df5478bd04625c0929 b04d394caabf6ea3e500b74781dc2bfd54f3c18d 9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 19:07:15 GMT
expires: Tue, 12 Sep 2023 19:07:15 GMT
cache-control: public, max-age=31536000
age: 90396
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/telex/v14/ieVw2Y1fKWmIO-fUDVs.woff2 | 142.250.74.163 | 200 OK | 14 kB |
URL HTTP/2fonts.gstatic.com/s/telex/v14/ieVw2Y1fKWmIO-fUDVs.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 14432, version 1.0\012- data Hash5a6b42aa82fce5706171ae77564a2210 6a339335bb334cfdf826c6d8a7e90387c6324bd7 24658289a63f5cd6e3d89e2f2c2ec255563ee905a68654047be886b99ab856d7
GET /s/telex/v14/ieVw2Y1fKWmIO-fUDVs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 11 Sep 2022 16:46:59 GMT
expires: Mon, 11 Sep 2023 16:46:59 GMT
cache-control: public, max-age=31536000
age: 185212
last-modified: Wed, 27 Apr 2022 15:52:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| zoidii.com/package/run_js/69717bdd0d62ae5c8a57da4e4e2b66645c475028c040fc03302d80630a09c586/xfalse/x17/run.js | 104.19.240.93 | 200 OK | 615 kB |
URL HTTP/1.1zoidii.com/package/run_js/69717bdd0d62ae5c8a57da4e4e2b66645c475028c040fc03302d80630a09c586/xfalse/x17/run.js IP104.19.240.93:0
File typeASCII text, with very long lines (32030) Size615 kB (614706 bytes) Hashc78e7e3ce7916e770899f74b776fe374 b1e75b20bffa3ea21f549ec3144b3f82c581b963 e052b1eab1cccb02a43317fb7966dfae4353ed18ba2f1a0aba9e0526af0eb521
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /package/run_js/69717bdd0d62ae5c8a57da4e4e2b66645c475028c040fc03302d80630a09c586/xfalse/x17/run.js HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":16,"percents":{"top":{"bubble_cpu":20.1,"block":73.4,"capacity_rl":0,"other_pause":0,"pre_fiber":2.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":41,"fiber_queue":22.3,"capacity_wait":11.7}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":482112,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.007 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 74a38bbbea2ab505-OSL
Content-Encoding: br
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7877
Expires: Tue, 13 Sep 2022 22:25:08 GMT
Date: Tue, 13 Sep 2022 20:13:51 GMT
Connection: keep-alive
|
|
| s.comparesoft.com/prod/js/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb | 54.230.111.127 | 200 OK | 7.0 kB |
URL HTTP/1.1s.comparesoft.com/prod/js/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb IP54.230.111.127:0
File typeASCII text, with very long lines (22492), with no line terminators Hash5920e71d6f1c596ff5bc169f9ae2041f 1e8f18a0d75bc1cd641dfdf8d7b610aa36993d1b e723e1186e67938be08515d0de6875f9359262db5958e3521020353c348c3407
GET /prod/js/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb HTTP/1.1
Host: s.comparesoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 13 Sep 2022 20:13:51 GMT
x-amzn-RequestId: a6a129a6-58de-41fb-ba6b-0e9c7204e87d
x-amz-apigw-id: Yaij-HCpjoEFTNg=
X-Amzn-Trace-Id: Root=1-6320e47f-024cc45e2f1d03a26fc57968;Sampled=0
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: T3SNcVGKBf-PIRmebCtkTyaUek6KtvLyINSyq1CnVRZ7STbvIBaPow==
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7877
Expires: Tue, 13 Sep 2022 22:25:08 GMT
Date: Tue, 13 Sep 2022 20:13:51 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash239262b6ab17cb19414c35cd4f761092 48eddcf9838e980e67cc8f9cbb05b475df2f0331 cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:41 GMT
age: 80290
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc14088c4ca0d576e087feed41b7f1565 172b23f2ef39b6c3fdebb5441b10a95712206d0a 2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bTzXQvDkX23_t4vLJNWv7bg-DoRsdqiBhwNJH5B-RcXxj9RC-87LvA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:52 GMT
age: 81119
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash557695ec8ffeebb0272c099542a14ace ad627b434e1c3b693d8636675bcea0f8794e0dc2 4d79c7830caa73b921d6abaa97771ab1f4dc8fd709597f01ba04c268c03b6157
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bb76515-eb77-4f38-aae2-75a885833991.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10407
x-amzn-requestid: 9d4f8b01-c36c-4378-9c9d-5660084b781f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxNlNGmZIAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63105c87-33f69c990fc7a6073eb5a63a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 07:17:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E3cLpeRf1RAA79G5O1p1xmgDHk_o9Ba-F9KnZqS_X_2kr1543CwnMg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 09:02:59 GMT
age: 40252
etag: "ad627b434e1c3b693d8636675bcea0f8794e0dc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc9ab2ec10c79b91d15edb1d1e3dc763c 744fee4a0baa22ba3aa352d60620a916972b47dd f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 43wWNADffkA0e8T-SYvAMjp266nAE5hrDjNMQQsuYeT0i6xQt7wLVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:34 GMT
age: 80297
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash838f709437b2dfbede4ee15307afe217 2ab2ee20e720b78be6deb55f967ac0d8b7dad048 a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TeasWs7Qh6T3oV8vJsu5JM_EApUJEGGWIvUC6Pfd41u18v8RlcPQpg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:19 GMT
age: 80192
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6174529fff57758e958da5432344962f 05ec2076b32398d60ee77fab8c14345bc7dfe647 65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 03:17:04 GMT
age: 61007
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| zoidii.com/package/static_js/a9a65750494dd11e829e3ac5ed91328ab8e4d029bdf8367bf168b75e9949f4e8/version6/live/blogpost/xnull/xfalse/xfalse/xfalse/static.js | 104.19.240.93 | 200 OK | 195 kB |
URL HTTP/1.1zoidii.com/package/static_js/a9a65750494dd11e829e3ac5ed91328ab8e4d029bdf8367bf168b75e9949f4e8/version6/live/blogpost/xnull/xfalse/xfalse/xfalse/static.js IP104.19.240.93:0
File typeUnicode text, UTF-8 text, with very long lines (23458) Size195 kB (195036 bytes) Hash1b2ca45cd7e6ae35900ddd05190c1c5e f3a8af567e231bcc5b45ea8806e25ef3847df928 20917a5fae46fadead14d2eaae51b445a0d5b3ed4cd8a7167d23dfa32f235200
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /package/static_js/a9a65750494dd11e829e3ac5ed91328ab8e4d029bdf8367bf168b75e9949f4e8/version6/live/blogpost/xnull/xfalse/xfalse/xfalse/static.js HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":232.5,"percents":{"top":{"bubble_cpu":28.7,"block":71.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":25.3,"appserver_cache_misses_time":0,"redis":31.2,"fiber_queue":1.7,"capacity_wait":0.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":37,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":59,"fiber_queue":57,"blocks":56},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":10016840,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.154 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 74a38bbbeb720afa-OSL
Content-Encoding: br
|
|
| zoidii.com/package/dynamic_js/6df5434f20dd09c340fac2246b0159821bfa9ff18122af60df8f81f3e26c4654/version6/live/blogpost/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js | 104.19.240.93 | 200 OK | 38 kB |
URL HTTP/1.1zoidii.com/package/dynamic_js/6df5434f20dd09c340fac2246b0159821bfa9ff18122af60df8f81f3e26c4654/version6/live/blogpost/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js IP104.19.240.93:0
File typeexported SGML document, Unicode text, UTF-8 text, with very long lines (57222) Hash8d073d386b39d239b897032969398d68 0b6cc5e23284e84af4df8a6c1fc653f7399b6dca 85fa2bf55b004718218c45b70d2644a1c8372c4ed71514c8c34bf12784a97a74
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /package/dynamic_js/6df5434f20dd09c340fac2246b0159821bfa9ff18122af60df8f81f3e26c4654/version6/live/blogpost/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
vary: Accept-Encoding
x-bubble-perf: {"total":185.1,"percents":{"top":{"bubble_cpu":5.1,"block":91.6,"capacity_rl":0,"other_pause":0,"pre_fiber":3.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":11.8,"fiber_queue":2.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1428848,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.022 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: MISS
Server: cloudflare
CF-RAY: 74a38bbbef45b4f9-OSL
Content-Encoding: br
|
|
| forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= | 104.16.87.5 | 200 OK | 18 B |
URL HTTP/2forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= IP104.16.87.5:0
File typeASCII text, with no line terminators Hashcc7fd95a87ea3721ce1853bf3c4dd75e 7f687f7881adf0fc407378d375a61b8f198c0912 0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879
OPTIONS /embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://zoidii.com/
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: text/plain; charset=utf-8
content-length: 18
x-trace: 2B437E4AF0CCE2ED7921AA95FA36ADA979BD2EA410000000000000000000
allow: HEAD,GET,OPTIONS
vary: Accept-Encoding
x-hubspot-correlation-id: c1d8c416-d699-46d5-a219-92309b3dee64
access-control-allow-origin: https://zoidii.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: x-requested-with
access-control-allow-credentials: false
access-control-max-age: 180
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a38bc1ede2b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash764117af7cd36b7fc61bc63b72af7c6c 39aa0348f94840805964134c644baffdd9f17bcf 156087e03df57802d2d9e2e6022a06c5ee0aad49ab90865f6978aba21a2760ca
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 20:13:52 GMT
Last-Modified: Tue, 13 Sep 2022 19:30:44 GMT
Server: ECS (dcb/7F17)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9VbD1j1bL5f34moeuRaPRZD-8cCxvsW3fZKw7gV2RNijmclZAJcFmA==
Age: 2588
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash764117af7cd36b7fc61bc63b72af7c6c 39aa0348f94840805964134c644baffdd9f17bcf 156087e03df57802d2d9e2e6022a06c5ee0aad49ab90865f6978aba21a2760ca
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 20:13:52 GMT
Last-Modified: Tue, 13 Sep 2022 19:21:39 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1Ptvu2tWuBjUpub4d_jqp2EsJkvs-yd5MdwfwFHr7pFQYskBO9EK-g==
Age: 3134
|
|
| cdn.oribi.io/XzgzOTE3NzI1MA/oribi.js | 143.204.55.82 | 200 OK | 3 B |
URL HTTP/2cdn.oribi.io/XzgzOTE3NzI1MA/oribi.js IP143.204.55.82:0
File typeJSON data\012- , ASCII text Hash8a80554c91d9fca8acb82f023de02f11 5f36b2ea290645ee34d943220a14b54ee5ea5be5 ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /XzgzOTE3NzI1MA/oribi.js HTTP/1.1
Host: cdn.oribi.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
content-length: 3
date: Tue, 13 Sep 2022 20:13:52 GMT
cache-control: public, max-age=60
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AWPOuWh4Zt70HZVTeJPpdjUQd-OaHwjgIxZZFx5AKAS2Ca6p5dR7jw==
X-Firefox-Spdy: h2
|
|
| js-na1.hs-scripts.com/8770284.js | 104.17.214.204 | 200 OK | 556 B |
URL HTTP/2js-na1.hs-scripts.com/8770284.js IP104.17.214.204:0
File typeASCII text, with very long lines (539) Hash6667dd04afadce9d2296e4a877351f38 c2da0d5fa448bd2b212d6ed652877ad1582db01c 09ca62efe1f2bdb4b5c504da39f6d45e84f2e73046223a277adff48d4b8defc1
GET /8770284.js HTTP/1.1
Host: js-na1.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:51 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B6D8D7AEE3A5B8C404D8E4CA88C3E78AD0CC63AB8000000000000000000
cache-control: public, max-age=30
vary: Accept-Encoding
x-hubspot-correlation-id: 690accad-92ab-451d-8b3e-20a75ca2491f
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://zoidii.com
last-modified: Tue, 13 Sep 2022 12:07:55 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 74a38bbc48f0b523-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 472 B |
IP104.18.32.68:0
Hash40de8141ba27bcb1c11b6ce5f590cf4c 3579a85514edb6cae4acceb8d4a64b3d1c3b2b73 ed71fdd2b3fad2bf47259e7463e71b768f06b97bdb880a954c6ba5f88eba0879
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 01:47:59 GMT
Expires: Tue, 20 Sep 2022 01:47:58 GMT
Etag: "3579a85514edb6cae4acceb8d4a64b3d1c3b2b73"
Cache-Control: max-age=537845,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bc34b111c0a-OSL
|
|
| t.comparesoft.com/prod/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb | 34.249.120.72 | 200 OK | 22 B |
URL HTTP/2t.comparesoft.com/prod/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb IP34.249.120.72:0
File typeJSON data\012- , ASCII text, with no line terminators Hashbcdb9df7b322b251d2948bb2b5b23561 526c9ca9949218b1705c3511c571a7bb8e7a1d4d 387fe73d9abe7e6c32a0eb6113efea98dea609edefe9c3b4c9788fcaaef1603b
POST /prod/1244b899-4fa5-4a4a-a7e7-2476af2ce9fb HTTP/1.1
Host: t.comparesoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
Authorization: Basic null
Origin: https://zoidii.com
Content-Length: 132
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: application/json
content-length: 22
x-amzn-requestid: 26c855b0-6198-40f8-9001-2357b1fca0e7
access-control-allow-origin: https://zoidii.com
access-control-allow-headers: content-type,cookie,authorization
x-amz-apigw-id: YaikHH-WDoEFk8A=
vary: Origin
access-control-allow-methods: OPTIONS,GET,POST
x-amzn-trace-id: Root=1-6320e480-65c05ac31dd484670bd38ef4;Sampled=0
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| notify.bubble.is/ | 52.35.44.78 | 101 Switching Protocols | 0 B |
IP52.35.44.78:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: notify.bubble.is
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://zoidii.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Pv9XH4Liw1l7nYf7vPEmJg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: KMCDITNJTkeoNZYnybXlnkyWHpI=
|
|
| zoidii.com/bug/client_log | 104.19.240.93 | 200 OK | 8 B |
URL HTTP/1.1zoidii.com/bug/client_log IP104.19.240.93:0
File typeASCII text, with no line terminators Hash4b5a89da866343fceb1b700746e0242f 22b3b29145586b1c0cd145d264e76c5e29ffbb42 3000a60b8e7a15e3bd63bbc0519d6eb04c6b31d6493d8d1a10e36be6fcfebb7a
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /bug/client_log HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100019234x483507465518214660
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 9563
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:52 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 20
x-bubble-perf: {"total":20.5,"percents":{"top":{"bubble_cpu":15.3,"block":76.2,"capacity_rl":0,"other_pause":0,"pre_fiber":2.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":39.5,"fiber_queue":17.6,"capacity_wait":20}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":469369,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.007 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bc34e50b505-OSL
Content-Encoding: br
|
|
| zoidii.com/static/fonts/fontawesome-webfont.woff2 | 104.19.240.93 | 200 OK | 77 kB |
URL HTTP/1.1zoidii.com/static/fonts/fontawesome-webfont.woff2 IP104.19.240.93:0
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /static/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zoidii.com/package/run_css/83905403bc6961835552218c519cbf2d8bfcb88cb39698b9100ce86921d48591/version6/live/blogpost/xfalse/xfalse/run.css
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:52 GMT
Content-Type: application/octet-stream
Content-Length: 77160
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
etag: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-bubble-perf: {"total":13,"percents":{"top":{"bubble_cpu":25,"block":70.1,"capacity_rl":0,"other_pause":0,"pre_fiber":3.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":46.5,"fiber_queue":6.4,"capacity_wait":16.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":485577,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.007 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
CF-Cache-Status: MISS
Accept-Ranges: bytes
Server: cloudflare
CF-RAY: 74a38bc36e150afa-OSL
|
|
| forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= | 104.16.87.5 | 200 OK | 7.2 kB |
URL HTTP/2forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= IP104.16.87.5:0
File typeJSON data\012- , ASCII text, with very long lines (8435), with no line terminators Hash8156a20cde995d03807036e1fa3c8c04 1d5ea05abd54821e697ebb8c4907db0c0157f4f2 da62e808764a66205a708b84934385f27cebb80724b367dd4594458043e545b5
GET /embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: application/json;charset=utf-8
x-trace: 2BECD0BC8F0B20C9044D92669AFC68CB73FDDC7FB2000000000000000000
x-origin-hublet: na1
vary: Accept-Encoding
x-hubspot-correlation-id: ff814458-e24d-4ee5-b58c-37de43476a27
access-control-allow-origin: https://zoidii.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: *
access-control-allow-credentials: false
access-control-max-age: 180
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a38bc469afb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608027720222x942664286886657900%2FFavicon%2520New.png?w=128&h=&auto=compress&dpr=1&fit=max | 54.230.245.141 | 200 OK | 4.8 kB |
URL HTTP/2d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608027720222x942664286886657900%2FFavicon%2520New.png?w=128&h=&auto=compress&dpr=1&fit=max IP54.230.245.141:0
File typePNG image data, 128 x 126, 8-bit colormap, non-interlaced\012- data Hashbb397a4e326b00466af55262d112a804 b36b637753efa5f2aaca927f98b0e2d415bbe071 cb8cb309017f54d0442065ef184e91c99d1b01ef5d0f339b275c64eb52b30681
GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608027720222x942664286886657900%2FFavicon%2520New.png?w=128&h=&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 4757
last-modified: Tue, 13 Sep 2022 12:58:56 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: 596da47ed622482e3dd6ba80016d47fbb465490c
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 15:52:00 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10048-SJC, cache-hhn4043-HHN
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: w5M1a4qV5qBIDiQHGBW0VUZmy1NDI3sGtWtrW14LvioD9OebrKBLcA==
age: 26096
X-Firefox-Spdy: h2
|
|
| d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1646827209302x289617586874104640%2FInnovatech-Winners-Logo-2022.png?w=192&h=171&auto=compress&dpr=1&fit=max | 54.230.245.141 | 200 OK | 10 kB |
URL HTTP/2d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1646827209302x289617586874104640%2FInnovatech-Winners-Logo-2022.png?w=192&h=171&auto=compress&dpr=1&fit=max IP54.230.245.141:0
File typePNG image data, 192 x 171, 8-bit colormap, non-interlaced\012- data Hashf8d715399007ec37e45fa0edfbe6370f e9eb8806d785514c00e157e08f3e03dcb1efaea0 19b4a5ea37c207b5ebc796cec865ae8e177686b76738039de616140567a33219
GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1646827209302x289617586874104640%2FInnovatech-Winners-Logo-2022.png?w=192&h=171&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10196
last-modified: Tue, 13 Sep 2022 14:49:16 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: 9834b995c75d200aa9e5c2ecc8d9ede5274ff0df
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 18:01:19 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10050-SJC, cache-fra19179-FRA
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ttjb4zkqK04VzDiIBqvKQosssA40voJuwnTBKMSbSa9IB2eTdFesDA==
age: 19475
X-Firefox-Spdy: h2
|
|
| d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608062690671x915427267022548100%2FFavicon%2520New.png?w=192&h=&auto=compress&dpr=1&fit=max | 54.230.245.141 | 200 OK | 6.3 kB |
URL HTTP/2d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608062690671x915427267022548100%2FFavicon%2520New.png?w=192&h=&auto=compress&dpr=1&fit=max IP54.230.245.141:0
File typePNG image data, 192 x 190, 8-bit colormap, non-interlaced\012- data Hashec210a0e28073fed1cea68c2cab179c6 9123e4aca9bc7383b055adb0ac8b3a5d8bd3ec30 d2ba8899fa172cffabd259ccae56ab2d6cdedcd5b2599d6fe3e2cc38407f46f9
GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1608062690671x915427267022548100%2FFavicon%2520New.png?w=192&h=&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 6280
last-modified: Tue, 13 Sep 2022 19:31:29 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: f81db429f047707ce55bb5f2d1292a07f3f1527e
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 20:13:53 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10027-SJC, cache-hhn4061-HHN
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gozc6_zvsuIfl9E_X8JDhWSjGqQLPjL2K5OCCsSHxgBWjjAB6VM_TA==
age: 2543
X-Firefox-Spdy: h2
|
|
| zoidii.com/user/hi | 104.19.240.93 | 200 OK | 61 B |
IP104.19.240.93:0
File typeJSON data\012- , ASCII text, with no line terminators Hash66c9bc5ddc057d4a101e44e6be4705a9 8d1a8f20539972c682e23bce2e365fdd3469b961 3b4d5be4e4f14c8701835d41f1843738051a6d5a32b4045beea609626a36c310
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /user/hi HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100019738x925818602759415700
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 2
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
set-cookie: version6_u1main=1663100030884x409874015639473540; path=/; domain=zoidii.com; secure
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 11
x-bubble-perf: {"total":10.8,"percents":{"top":{"bubble_cpu":30.5,"block":62.4,"capacity_rl":0,"other_pause":0,"pre_fiber":7.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":27.1,"appserver_cache_misses_time":0,"redis":60.8,"fiber_queue":5.3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":492917,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.008 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bc66c81b505-OSL
Content-Encoding: br
|
|
| js.hs-analytics.net/analytics/1663099800000/8770284.js | 104.17.71.176 | 200 OK | 20 kB |
URL HTTP/2js.hs-analytics.net/analytics/1663099800000/8770284.js IP104.17.71.176:0
File typeASCII text, with very long lines (63804) Hashda6627b435eac7dd382ba1a81d785d6a 68cbc9eca47df209081e92dc686a8270ac03a591 890fbd482ebb7de78e1ba078851b473269b10719f731136560a5940e0ca80a1a
GET /analytics/1663099800000/8770284.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:53 GMT
content-type: text/javascript
x-amz-id-2: pQ5/wF+VPymb5aBbXTn4gmB+ujIj7nDLEa6sL9lJ2pW5o3aBG+AaeCB0Cg1jHKRX7C5ylfgO7AA6cKxCmQkHBA==
x-amz-request-id: 5EQ67PAFMP2FMD15
last-modified: Wed, 31 Aug 2022 12:48:35 GMT
etag: W/"3c4f6d11a1ad21450e18ba608e52e858"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
expires: Tue, 13 Sep 2022 20:18:53 GMT
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a38bc5e898b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| api.hubspot.com/livechat-public/v1/message/public?portalId=8770284&conversations-embed=static-1.10632&mobile=false&messagesUtk=e29c92ef59a6494489940ef8b44c4e2a&traceId=e29c92ef59a6494489940ef8b44c4e2a | 104.19.155.83 | 200 OK | 225 B |
URL HTTP/2api.hubspot.com/livechat-public/v1/message/public?portalId=8770284&conversations-embed=static-1.10632&mobile=false&messagesUtk=e29c92ef59a6494489940ef8b44c4e2a&traceId=e29c92ef59a6494489940ef8b44c4e2a IP104.19.155.83:0
File typeJSON data\012- , ASCII text, with no line terminators Hash1420665dac9028dcb52d9f64e2bba064 08523555abbff46b538e11244389f11be3366cac e6bd2908c1acf2666b575e85c658ab2864f7f37f1d790fce37b815482ac633fe
GET /livechat-public/v1/message/public?portalId=8770284&conversations-embed=static-1.10632&mobile=false&messagesUtk=e29c92ef59a6494489940ef8b44c4e2a&traceId=e29c92ef59a6494489940ef8b44c4e2a HTTP/1.1
Host: api.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
X-HubSpot-Messages-Uri: https://zoidii.com/blogpost/maintenance-leadership
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:53 GMT
content-type: application/json;charset=utf-8
content-length: 225
cf-ray: 74a38bc83ebbb517-OSL
access-control-allow-origin: https://zoidii.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-hubspot-correlation-id: e7ddeedf-29be-44f8-8d47-b0d43ab0a232
x-trace: 2B2991DE51AFE09115FF7F49D70DA725F67160B405000000000000000000
set-cookie: __cf_bm=XfNydChQ1NdJzFuw.WmVPR4nqBQo.n1Np_KT7Mo4Byg-1663100033-0-Ad/oxa2IqY0vQS73fC4UE7/nvU0coun0tHNxUn4rXFypRDIY30woUyXh15EYFMtn5gdTiPTMu1HJbFv5TNKxgeI=; path=/; expires=Tue, 13-Sep-22 20:43:53 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfSyYZPI0WePjtGup%2FC2Oj0HFJHMkZTsXPPcTYnFv0IyzxSC1DM90znTe7NwNB3F%2BaM%2FhfoJg0%2Fp7ycLugnUCAUI%2BjGugnWvvzZCyxWbdckWTSYxDuPyVKOM8ndqM%2BpqmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zoidii.com/elasticsearch/msearch | 104.19.240.93 | 200 OK | 4.5 kB |
URL HTTP/1.1zoidii.com/elasticsearch/msearch IP104.19.240.93:0
File typeJSON data\012- , Unicode text, UTF-8 text, with very long lines (12562), with no line terminators Hashd9113c5f62bab79b9717e87dd1b57342 4e7bbc2fbfa83f5e8b7ff9c00f2edc240a531486 c8d4d2613e839ad8773b8c192cd5e415dcef0216dea4eb1a3f6eddf2b366db6e
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /elasticsearch/msearch HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100019951x998234873750258000
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 838
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 30
x-bubble-perf: {"total":30.4,"percents":{"top":{"bubble_cpu":22.5,"block":74.8,"capacity_rl":0,"other_pause":0,"pre_fiber":1.9},"sub":{"pp_userdb":13.1,"pp_wait_userdb":0,"http_request":0,"serverjson":29.1,"appserver_cache_misses_time":0,"redis":50.6,"fiber_queue":12.8,"capacity_wait":7}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":14,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":2,"userdb_data":24700,"spent_time":3025984,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.047 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bc7feedb505-OSL
Content-Encoding: br
|
|
| www.google-analytics.com/analytics.js | 142.250.74.174 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.174:0
File typeASCII text, with very long lines (1325) Hash56f5d7f608e25d64207135f045f988cb 901eb59372ae330ae85e1384da93479b21ae1082 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 13 Sep 2022 18:41:12 GMT
expires: Tue, 13 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 5561
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash78f8bae58862d8be3437cfe9e927011d fb01a9cfd346f2c9b7694276c72a76e213887b06 389d233aa4b3ea23315c9d6e8d72d96fb2f802e227d24199c788a5a89e96a19e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/pagead/conversion_async.js | 142.250.74.164 | 200 OK | 16 kB |
URL HTTP/2www.google.com/pagead/conversion_async.js IP142.250.74.164:0
File typeASCII text, with very long lines (1623) Hash4738d969770682feba80f04bf171d65b be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7 1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 13 Sep 2022 20:13:53 GMT
expires: Tue, 13 Sep 2022 20:13:53 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hashb743089bdff5635e2f7c38d20c1910f6 f1874493bc88c2d9ba4a95a43e810da1cb452abd 3a60895d54c86a3e46a3dbcacfc07f3fae4ba79add296b16d0938baacc8d462a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 | 142.250.74.163 | 200 OK | 17 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data Hashe43b535855a4ae53bd5b07a6eeb3bf67 6507312d9491156036316484bf8dc41e8b52ddd9 b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zoidii.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 18:53:39 GMT
expires: Tue, 12 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 91214
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-SMYZWM2YCC>m=2oe9c0&_p=203516083&cid=1766233665.1663100020&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663100020&sct=1&seg=0&dl=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&dt=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 | 216.239.32.36 | 204 No Content | 0 B |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-SMYZWM2YCC>m=2oe9c0&_p=203516083&cid=1766233665.1663100020&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663100020&sct=1&seg=0&dl=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&dt=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP216.239.32.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SMYZWM2YCC>m=2oe9c0&_p=203516083&cid=1766233665.1663100020&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663100020&sct=1&seg=0&dl=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&dt=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://zoidii.com
date: Tue, 13 Sep 2022 20:13:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| zoidii.com/elasticsearch/mget | 104.19.240.93 | 200 OK | 583 B |
URL HTTP/1.1zoidii.com/elasticsearch/mget IP104.19.240.93:0
File typeJSON data\012- , ASCII text, with very long lines (1287), with no line terminators Hash23a1adeb29f06bd986ccfd803cab8872 511275a2602a324e7cc2a4f4c74345ec0b66e4ba 0ee6e6a3b932c69728417f26c036987b11d89d7e31f7240757815bd24b3aed33
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /elasticsearch/mget HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100020453x616449793463028700
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:53 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 30
x-bubble-perf: {"total":29.7,"percents":{"top":{"bubble_cpu":22.6,"block":74.8,"capacity_rl":0,"other_pause":0,"pre_fiber":1.8},"sub":{"pp_userdb":20.2,"pp_wait_userdb":0,"http_request":0,"serverjson":9,"appserver_cache_misses_time":0,"redis":43.6,"fiber_queue":11.3,"capacity_wait":4.5}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":3,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":1,"userdb_data":1353,"spent_time":2008760,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.031 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bcaec3ab505-OSL
Content-Encoding: br
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash6d4f4e95f7fa5c73ba923617c60d4814 dac6cb0c3374b442fe396190844d44cbaf4644e0 2d43e8f3eaf6ef9a9c0815187c2266c99a6e46fbfe67b0318e8c559f74260fef
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 20:13:53 GMT
Last-Modified: Tue, 13 Sep 2022 18:57:31 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: k5uKTboPCOOC33XWvw90OdH4Y1vCIzd1hmBeRrBEdsYjpuJxqfYXUQ==
Age: 4582
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.110 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP54.230.245.110:0
Hash6d4f4e95f7fa5c73ba923617c60d4814 dac6cb0c3374b442fe396190844d44cbaf4644e0 2d43e8f3eaf6ef9a9c0815187c2266c99a6e46fbfe67b0318e8c559f74260fef
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 20:13:53 GMT
Last-Modified: Tue, 13 Sep 2022 19:39:55 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iUpGPPj_QTm0DzA_VwFKuuSHweHz8yZR8mTof9JTHWXLL20nP0ZS0A==
Age: 2038
|
|
| zoidii.com/elasticsearch/msearch | 104.19.240.93 | 200 OK | 11 kB |
URL HTTP/1.1zoidii.com/elasticsearch/msearch IP104.19.240.93:0
File typeJSON data\012- , Unicode text, UTF-8 text, with very long lines (36592), with no line terminators Hashee3f978e2dd89c73f952c83dff69fa3b c442ee47541fdeb83a39a14d143c0485ed0c9347 1b39d33c3474f2cc3ebe3badb51d213ffb65a574bd1d4d0bd32e732d58491916
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /elasticsearch/msearch HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100020494x326546074830429800
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 922
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 34
x-bubble-perf: {"total":33.9,"percents":{"top":{"bubble_cpu":19.7,"block":75.9,"capacity_rl":0,"other_pause":0,"pre_fiber":1.6},"sub":{"pp_userdb":23.6,"pp_wait_userdb":0,"http_request":0,"serverjson":21.5,"appserver_cache_misses_time":0,"redis":32.8,"fiber_queue":11.2,"capacity_wait":11.6}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":14,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":6,"userdb_data":72332,"spent_time":4002138,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.062 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bcb2fa40afa-OSL
Content-Encoding: br
|
|
| zoidii.com/elasticsearch/bulk_watch | 104.19.240.93 | 200 OK | 71 B |
URL HTTP/1.1zoidii.com/elasticsearch/bulk_watch IP104.19.240.93:0
File typeJSON data\012- , ASCII text, with no line terminators Hash0d450f32b3ed42fe05ef8365499ceea1 01d404169d7018f6406817973ffb84854376812d 9f62029fc19a2bfccb3b60189cb34b454eb0c7acecac486212ca9000ab929a2e
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /elasticsearch/bulk_watch HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Epoch-ID: 1663100019041x922758653476763900
X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Fiber-ID: 1663100020516x574133838417246400
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 754
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 50
x-bubble-perf: {"total":50.2,"percents":{"top":{"bubble_cpu":16.4,"block":82.8,"capacity_rl":0,"other_pause":0,"pre_fiber":1.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":17.6,"appserver_cache_misses_time":0,"redis":50.8,"fiber_queue":19.1,"capacity_wait":6.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1237970,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.019 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bcb488ab4f9-OSL
Content-Encoding: br
|
|
| zoidii.com/user/apm | 104.19.240.93 | 200 OK | 8 B |
IP104.19.240.93:0
File typeASCII text, with no line terminators Hash4b5a89da866343fceb1b700746e0242f 22b3b29145586b1c0cd145d264e76c5e29ffbb42 3000a60b8e7a15e3bd63bbc0519d6eb04c6b31d6493d8d1a10e36be6fcfebb7a
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /user/apm HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Fiber-ID: 1663100020852x464166507028596100
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 18384
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 24
x-bubble-perf: {"total":24.4,"percents":{"top":{"bubble_cpu":28.5,"block":67.9,"capacity_rl":0,"other_pause":0,"pre_fiber":3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":46.5,"fiber_queue":17.3,"capacity_wait":4.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1042763,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.016 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bcd6ab90afa-OSL
Content-Encoding: br
|
|
| zoidii.com/user/m | 104.19.240.93 | 200 OK | 8 B |
IP104.19.240.93:0
File typeASCII text, with no line terminators Hash4b5a89da866343fceb1b700746e0242f 22b3b29145586b1c0cd145d264e76c5e29ffbb42 3000a60b8e7a15e3bd63bbc0519d6eb04c6b31d6493d8d1a10e36be6fcfebb7a
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /user/m HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Fiber-ID: 1663100020845x580169466339592800
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 534
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 67
x-bubble-perf: {"total":67.1,"percents":{"top":{"bubble_cpu":6.6,"block":87.8,"capacity_rl":0,"other_pause":0,"pre_fiber":5.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":45.2,"fiber_queue":36.4,"capacity_wait":8.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":666555,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.01 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bcd593fb505-OSL
Content-Encoding: br
|
|
| s3.amazonaws.com/appforest_uf/f1631613667340x105836428588560690/richtext_content.png | 52.217.87.190 | 200 OK | 208 kB |
URL HTTP/1.1s3.amazonaws.com/appforest_uf/f1631613667340x105836428588560690/richtext_content.png IP52.217.87.190:0
File typePNG image data, 1920 x 974, 8-bit/color RGB, non-interlaced\012- data Size208 kB (208458 bytes) Hash1e588ef4a363e488e3b375455303109b 4b66e406ddfc89976171758e26680c1b518c34c1 7d07d443785c2186b14db01d54a9d152c1347933c7b57a06dea46e1f58bbc499
GET /appforest_uf/f1631613667340x105836428588560690/richtext_content.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: nX2MNcdzEv+UZrg7M3zlGdOHy40Z2zEDvJwNM7vKxxX9bjyPF19zZy+Qn7GinrE9jr+iplBrCAo=
x-amz-request-id: TMSCY83T8MVKSY70
Date: Tue, 13 Sep 2022 20:13:55 GMT
Last-Modified: Tue, 14 Sep 2021 10:01:08 GMT
ETag: "1e588ef4a363e488e3b375455303109b"
x-amz-meta-appname: version6
Cache-Control: public,max-age=86400
x-amz-meta-app-version: live
x-amz-version-id: r.ODFqxhvlkzvzXNHCVZz2hOv7nR.nK1
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 208458
|
|
| zoidii.com/elasticsearch/bulk_watch | 104.19.240.93 | 200 OK | 71 B |
URL HTTP/1.1zoidii.com/elasticsearch/bulk_watch IP104.19.240.93:0
File typeJSON data\012- , ASCII text, with no line terminators Hash1584f272e773362fdfafbb3ec5322c78 2dcc7141102da590b48481f685a1079ee13cf2c2 09497109a956cf842a41cb5abc9b0def8d27d4143330f85fee9248d331b23fd9
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /elasticsearch/bulk_watch HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Fiber-ID: 1663100020962x311726620164056500
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 774
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 43
x-bubble-perf: {"total":43.4,"percents":{"top":{"bubble_cpu":16,"block":83.2,"capacity_rl":0,"other_pause":0,"pre_fiber":1.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":15.9,"appserver_cache_misses_time":0,"redis":54.2,"fiber_queue":9.6,"capacity_wait":11.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1039246,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.016 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38bce1db5b4f9-OSL
Content-Encoding: br
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash89dc4294d8e50675a5cb111e84d38452 993b0be337e43de62b8a33bef20c972881c8a646 27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-182951249-1&cid=1766233665.1663100020&jid=343096972&gjid=1630131054&_gid=30743660.1663100020&_u=YADAAUAAAAAAAC~&z=101097902 | 142.251.1.154 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-182951249-1&cid=1766233665.1663100020&jid=343096972&gjid=1630131054&_gid=30743660.1663100020&_u=YADAAUAAAAAAAC~&z=101097902 IP142.251.1.154:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-182951249-1&cid=1766233665.1663100020&jid=343096972&gjid=1630131054&_gid=30743660.1663100020&_u=YADAAUAAAAAAAC~&z=101097902 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://zoidii.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 13 Sep 2022 20:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hasha44521d3957cdba57b0fc21915252110 e04f70e8f3271d219d22be1a0c54f7a047abdd55 aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/pagead/1p-conversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 | 142.250.74.3 | 200 OK | 63 B |
URL HTTP/2www.google.no/pagead/1p-conversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 IP142.250.74.3:0
File typeASCII text, with no line terminators Hash0339f8f57d1bf75003db591e28957e45 ae2286e497c9f76a02cb40c40a674b73bd293b76 609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 20:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hash89dc4294d8e50675a5cb111e84d38452 993b0be337e43de62b8a33bef20c972881c8a646 27e6f64589d2befddc951fc27b83d03e1113bcfe301c76a2e412a20d2558a0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| googleads.g.doubleclick.net/pagead/viewthroughconversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&fmt=3&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 | 142.250.74.34 | 200 OK | 42 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/viewthroughconversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&fmt=3&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 IP142.250.74.34:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/429217271/?random=1663100020476&cv=9&fst=1663100020476&num=1&fmt=3&value=0&label=rRm5CIj6svkCEPer1cwB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9c0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fzoidii.com%2Fblogpost%2Fmaintenance-leadership&tiba=8%20ways%20CMMS%20software%20can%20make%20you%20a%20better%20maintenance%20leader&auid=53308546.1663100020&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 13 Sep 2022 20:13:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 13-Sep-2022 20:28:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hasha44521d3957cdba57b0fc21915252110 e04f70e8f3271d219d22be1a0c54f7a047abdd55 aaca825919de7c1d549ae107d482a8ac35cf518c1141ef3054018267a26067bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 20:13:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1630664052198x286123631823571360%2Fstandard%2520operating%2520procedure.png?w=512&h=282&auto=compress&dpr=1&fit=max | 54.230.245.141 | 200 OK | 13 kB |
URL HTTP/2d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1630664052198x286123631823571360%2Fstandard%2520operating%2520procedure.png?w=512&h=282&auto=compress&dpr=1&fit=max IP54.230.245.141:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 422x282, components 3\012- data Hash0fa15090a496c8dfc19569399f09d48c 5b8e26289e216123c357f8e90db5616133575cd8 1f3f1c56f8499f713b87aaf91e69521476327e73b8ec7942c21a28caf2480807
GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1630664052198x286123631823571360%2Fstandard%2520operating%2520procedure.png?w=512&h=282&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 13057
last-modified: Tue, 13 Sep 2022 06:02:14 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: 65ac13999949119b7cdb19e6e225a2beee08c627
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 20:13:54 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10080-SJC, cache-fra19162-FRA
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HqXRkdOBI0bkpRzj8W6koXtTliEpAoG2UEAYvvqoq-M1ti9O2BEtxw==
age: 51100
X-Firefox-Spdy: h2
|
|
| s3.amazonaws.com/appforest_uf/f1631614300509x828472587309110500/richtext_content.png | 52.217.87.190 | 200 OK | 1.4 MB |
URL HTTP/1.1s3.amazonaws.com/appforest_uf/f1631614300509x828472587309110500/richtext_content.png IP52.217.87.190:0
File typePNG image data, 1000 x 688, 8-bit/color RGBA, non-interlaced\012- data Size1.4 MB (1352173 bytes) Hash89f7ff4a8c9982f9abc948987892139e 700d815753c237db45bc37a38f16547af46fcb16 ac34cc6ce0b8f69a2a0f7407dd200a5aacc07aaccd684e8ba99dd53dbc8b36de
GET /appforest_uf/f1631614300509x828472587309110500/richtext_content.png HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: xW/Vwt+ZxCWxDvSpPwjdJO5h3mPaMm5y8fFb87qf0JWrvRmUB9kmfi79jDCvYDKrZsA8h3Vw5/4=
x-amz-request-id: TMS8YR3RBXEWS8EZ
Date: Tue, 13 Sep 2022 20:13:55 GMT
Last-Modified: Tue, 14 Sep 2021 10:11:42 GMT
ETag: "89f7ff4a8c9982f9abc948987892139e"
x-amz-meta-appname: version6
Cache-Control: public,max-age=86400
x-amz-meta-app-version: live
x-amz-version-id: .Xghypa7IkuqWsUr1JKSkAh1eK2LPsJt
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 1352173
|
|
| d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1616604713500x647382999250518640%2FJeff_on_Stool%25202.png?w=64&h=&auto=compress&dpr=1&fit=max | 54.230.245.141 | 200 OK | 1.1 kB |
URL HTTP/2d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1616604713500x647382999250518640%2FJeff_on_Stool%25202.png?w=64&h=&auto=compress&dpr=1&fit=max IP54.230.245.141:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 64x64, components 3\012- data Hash2bd18d8de4772683dd54782a40b0cf5f 1397d427182be79c487d293968c1a09088a1d05e 6d40b29ea6365c5aa813938802e8d689cd11e83d392a9526099239de4314fac5
GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1616604713500x647382999250518640%2FJeff_on_Stool%25202.png?w=64&h=&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1147
last-modified: Tue, 13 Sep 2022 20:13:54 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: 2e92a5c4b26e8efe8615d5191ec78efab2d49a9e
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 20:13:54 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10058-SJC, cache-hhn4020-HHN
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _sgme9bcOambftCMU_du4nZ2kgc1zgc_uvOFIskt-6NMBRFUUJuSmQ==
age: 0
X-Firefox-Spdy: h2
|
|
| d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1642774927424x269603925889663420%2FCMMS%2520Software%2520Business%2520Case.jpg?w=512&h=282&auto=compress&dpr=1&fit=max | 54.230.245.141 | 200 OK | 18 kB |
URL HTTP/2d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1642774927424x269603925889663420%2FCMMS%2520Software%2520Business%2520Case.jpg?w=512&h=282&auto=compress&dpr=1&fit=max IP54.230.245.141:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 422x282, components 3\012- data Hash49a578af2b3d9cceb70190ffd1d194d7 487959a9448dee88f9013f214d71f61f82a5b0c7 59dcc550796fc6ee41d929e031bcc8efae8e19ec6941bafa82c1880b30f20b19
GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1642774927424x269603925889663420%2FCMMS%2520Software%2520Business%2520Case.jpg?w=512&h=282&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 18080
last-modified: Tue, 13 Sep 2022 20:13:55 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: d2493ed34b175012baafae07a4123fa8ba00037b
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 20:13:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10051-SJC, cache-hhn4029-HHN
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iYbRDpAt162maWSJSOpdpoBtdvzEXtWbbxAgZ09q6OILxyil1Vesig==
age: 0
X-Firefox-Spdy: h2
|
|
| d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1644853301286x573129070570085760%2Fcytonn-photography-n95VMLxqM2I-unsplash.jpg?w=512&h=282&auto=compress&dpr=1&fit=max | 54.230.245.141 | 200 OK | 14 kB |
URL HTTP/2d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1644853301286x573129070570085760%2Fcytonn-photography-n95VMLxqM2I-unsplash.jpg?w=512&h=282&auto=compress&dpr=1&fit=max IP54.230.245.141:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 422x282, components 3\012- data Hash55b8d5fc707416d0a00f32427e1a1cd1 5836438efd01fbc1f320ec36871d4e4b8df55f7f 20b578c151a701e53b996c1f427d3867d789054d1fbf4d63f02f0ab931031f61
GET /https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1644853301286x573129070570085760%2Fcytonn-photography-n95VMLxqM2I-unsplash.jpg?w=512&h=282&auto=compress&dpr=1&fit=max HTTP/1.1
Host: d1muf25xaso8hp.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 13781
last-modified: Tue, 13 Sep 2022 20:13:56 GMT
cache-control: public, max-age=86400
server: imgix
x-imgix-id: 80778080679e7dd0d8cd84222c054bf1ba2e5ee9
x-imgix-render-farm: 01.592
date: Tue, 13 Sep 2022 20:13:56 GMT
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10026-SJC, cache-hhn4024-HHN
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XeJ8p_LyvCrn1bK9kSxLk3CBvMUePSHjsqBzLP2z7ESfp5PgTVnUWg==
age: 0
X-Firefox-Spdy: h2
|
|
| zoidii.com/frg | 104.19.240.93 | 200 OK | 8 B |
IP104.19.240.93:0
File typeASCII text, with no line terminators Hash74db34246981a148adc44193d895bf70 97e73919a730cee3e26610367856401a2febe0b6 f5bf681c38cc8a068b5cae7b7e4795b0f2d93134d363860b7210030f0f0eac82
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /frg HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Fiber-ID: 1663100023848x298881689292389900
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 75
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:57 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 19
x-bubble-perf: {"total":19.4,"percents":{"top":{"bubble_cpu":19.2,"block":78.4,"capacity_rl":0,"other_pause":0,"pre_fiber":3.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":36.3,"fiber_queue":17.4,"capacity_wait":26.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":557427,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.009 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38be01c78b505-OSL
Content-Encoding: br
|
|
| zoidii.com/frg | 104.19.240.93 | 200 OK | 8 B |
IP104.19.240.93:0
File typeASCII text, with no line terminators Hash4b5a89da866343fceb1b700746e0242f 22b3b29145586b1c0cd145d264e76c5e29ffbb42 3000a60b8e7a15e3bd63bbc0519d6eb04c6b31d6493d8d1a10e36be6fcfebb7a
Analyzer | Verdict | Alert | fortinet | Phishing | |
POST /frg HTTP/1.1
Host: zoidii.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Content-Type: application/json
cache-control: no-cache
X-Bubble-Breaking-Revision: 5
X-Bubble-R: https://zoidii.com/blogpost/maintenance-leadership
X-Bubble-PL: 1663100019234x2212
X-Bubble-Fiber-ID: 1663100024155x325046520728608960
X-Bubble-UTM-Data: {}
X-Requested-With: XMLHttpRequest
Content-Length: 106260
Origin: https://zoidii.com
Connection: keep-alive
Cookie: version6_live_u2main=1663100030901x410354621019551400; version6_live_u2main.sig=eQaiQ9NuQr6Yz7DpU819xgrR_WY; version6_u1main=1663100030884x409874015639473540; __hstc=213322763.f90a475cd6af5e1825fc0e8daa688bac.1663100019921.1663100019921.1663100019921.1; hubspotutk=f90a475cd6af5e1825fc0e8daa688bac; __hssrc=1; __hssc=213322763.1.1663100019921; _ga_SMYZWM2YCC=GS1.1.1663100020.1.0.1663100020.0.0.0; _ga=GA1.2.1766233665.1663100020; _gcl_au=1.1.53308546.1663100020; _ga_HXB3FK446M=GS1.1.1663100020.1.0.1663100020.0.0.0; _gid=GA1.2.30743660.1663100020; _gat_gtag_UA_182951249_1=1; _gat_gtag_UA_189321130_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 20:13:58 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: no-cache
x-bubble-appname: version6
x-bubble-request-took: 518
x-bubble-perf: {"total":518.3,"percents":{"top":{"bubble_cpu":1.3,"block":95.8,"capacity_rl":0,"other_pause":0,"pre_fiber":2.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0.5,"appserver_cache_misses_time":0,"redis":1.9,"fiber_queue":0.7,"capacity_wait":0.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1041417,"derived_build_time_spent":0}}
x-bubble-capacity-used: 0.016 unit-seconds used
x-bubble-capacity-limit: 0 ms slower
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a38be20f8ab505-OSL
Content-Encoding: br
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe407da4d97d497925b1ab523fd416787 166741631fb93d109b18dde6d316b3fa3276aa8f 707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2jR7F56GE_qqbRBWjNDiDBgWbCYv-Ac6kvC1LI0HciQkKGTeNDYlyw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:43 GMT
age: 80175
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| js.usemessages.com/conversations-embed.js | 104.17.239.204 | 200 OK | 0 B |
URL HTTP/2js.usemessages.com/conversations-embed.js IP104.17.239.204:0
GET /conversations-embed.js HTTP/1.1
Host: js.usemessages.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Aug 2022 02:10:32 UTC
etag: W/"be054c0d1ce8e9f928e051e15475d755"
x-amz-server-side-encryption: AES256
x-amz-version-id: 3C1npQH0ys7YIJipkKSW0mB3OJD1A1US
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: CCaIeFlcY3FKQHuvMW_xkmPK_IXi4cIu8ufdKJtOzoD_KwKhhipDpQ==
age: 189
cache-control: max-age=600
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10632/bundles/project.js&cfRay=745bcef5de010afe-IAD
x-hs-target-asset: conversations-embed/static-1.10632/bundles/project.js
x-hs-cache-status: EXPIRED
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 74a38bc239d20b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| js.hscollectedforms.net/collectedforms.js | 104.17.128.171 | 200 OK | 0 B |
URL HTTP/2js.hscollectedforms.net/collectedforms.js IP104.17.128.171:0
GET /collectedforms.js HTTP/1.1
Host: js.hscollectedforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
etag: W/"7a468b833be86c01bc8dfd455308f792"
x-amz-server-side-encryption: AES256
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: _HBxZntXTe7cWTk6-LMi49Ddc-Fg73bG1JSwdR8qnewHJ8pwecU_lw==
cache-control: s-maxage=86400, max-age=0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74a0c3ee78c598fa-IAD
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js
x-hs-cache-status: MISS
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
cf-cache-status: HIT
server: cloudflare
cf-ray: 74a38bc22ff00b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| js.hs-banner.com/8770284.js | 172.64.154.85 | 200 OK | 0 B |
URL HTTP/2js.hs-banner.com/8770284.js IP172.64.154.85:0
GET /8770284.js HTTP/1.1
Host: js.hs-banner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: text/javascript; charset=UTF-8
x-amz-id-2: vVN+7Qki0Uy5f5RE1VVE52keiLtSlDyzE/stVHwESkbJxOiLJ9X73YYDs14IvQgdVTA/PDdzRX0=
x-amz-request-id: P2TKWRP30YXK4XDR
last-modified: Tue, 30 Aug 2022 22:11:10 GMT
etag: W/"24f84b24c9b8212968fb14d351fcacd6"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: bdwTQiAiUNAwMeAAR_pGtlJrMBIlRbiL
access-control-allow-origin: https://zoidii.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
expires: Tue, 13 Sep 2022 20:18:52 GMT
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 74a38bc23ad50b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| js.hsforms.net/forms/shell.js | 104.17.183.73 | 200 OK | 0 B |
URL HTTP/2js.hsforms.net/forms/shell.js IP104.17.183.73:0
GET /forms/shell.js HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Sep 2022 01:58:44 UTC
etag: W/"f889349e82887a8dc0de8f5ff4475404"
x-amz-server-side-encryption: AES256
x-amz-version-id: n0sO2MPByZbH.n7MGFzmNFa5l5r50miz
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: sL1nBTAQjlIYGcM80C1vCPVeViHXhutLqgewISdDYFr7wGuivH0u-w==
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.530/bundles/project_with_deps.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 432
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p487dg0lixWFTAETHJ9VBN8lM44lGTCigMfd2txgRBstG0un7OVFwyMrEsFeHlhtkamCQmBzNq%2BMo83bu6KVucBztNIoOSORlI6drqyZjlvLBOIL0hTtOEuqKPPy2gwa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a38bbc58a20b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| js.hs-scripts.com/8770284.js | 104.17.212.204 | 200 OK | 0 B |
URL HTTP/2js.hs-scripts.com/8770284.js IP104.17.212.204:0
GET /8770284.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:51 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B4DFE4AC9B151934CD5E4723D15749916828D9F2E000000000000000000
cache-control: public, max-age=60
vary: Accept-Encoding
x-hubspot-correlation-id: ddd7b4c7-71ae-410d-b0b9-c2903c298024
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://zoidii.com
last-modified: Tue, 13 Sep 2022 18:01:18 GMT
cf-cache-status: EXPIRED
expires: Tue, 13 Sep 2022 20:14:51 GMT
server: cloudflare
cf-ray: 74a38bbc4d87b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= | 104.16.87.5 | 200 OK | 0 B |
URL HTTP/2forms.hsforms.com/embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= IP104.16.87.5:0
GET /embed/v3/form/8770284/af65849d-c690-401a-a443-7be9f2c06334/json?hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:52 GMT
content-type: application/json;charset=utf-8
x-trace: 2BFEE73825BF369CD82438C623CF19BB0A6A26CEA6000000000000000000
x-origin-hublet: na1
vary: Accept-Encoding
x-hubspot-correlation-id: 20928e0f-dc16-4ead-b6af-59e4fd7b0402
access-control-allow-origin: https://zoidii.com
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: *
access-control-allow-credentials: false
access-control-max-age: 180
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a38bc2cf45b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Barlow:500%7CInter:600%7CLato:regular%7COpen+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700%7COpen+Sans:italic%7COpen+Sans:regular%7CTelex:regular | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Barlow:500%7CInter:600%7CLato:regular%7COpen+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700%7COpen+Sans:italic%7COpen+Sans:regular%7CTelex:regular IP142.250.74.10:0
GET /css?family=Barlow:500%7CInter:600%7CLato:regular%7COpen+Sans:regular%7COpen+Sans:500%7COpen+Sans:600%7COpen+Sans:700%7COpen+Sans:italic%7COpen+Sans:regular%7CTelex:regular HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 20:13:51 GMT
date: Tue, 13 Sep 2022 20:13:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| forms.hubspot.com/collected-forms/v1/config/json?portalId=8770284&utk=f90a475cd6af5e1825fc0e8daa688bac | 104.19.155.83 | 200 OK | 0 B |
URL HTTP/2forms.hubspot.com/collected-forms/v1/config/json?portalId=8770284&utk=f90a475cd6af5e1825fc0e8daa688bac IP104.19.155.83:0
GET /collected-forms/v1/config/json?portalId=8770284&utk=f90a475cd6af5e1825fc0e8daa688bac HTTP/1.1
Host: forms.hubspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zoidii.com/
Origin: https://zoidii.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 20:13:53 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding
x-hubspot-correlation-id: 50f03e69-002d-42a4-92b5-5800213d5326
access-control-allow-credentials: false
access-control-allow-origin: https://zoidii.com
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers: *
access-control-max-age: 180
x-robots-tag: none
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=e5t_XtFcsaLOaDnOXS9BWnkc8zKh.A5ttlOmca6aJc8-1663100033-0-AVTpxQpcfe3yVmC2b9ET/ncucXNRoUMnWWCi9v1Wc0taHXiNdgNxYhEL2f9OSfcJttYUQeBmQpvE96nK/PY2mbg=; path=/; expires=Tue, 13-Sep-22 20:43:53 GMT; domain=.hubspot.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HVCbj4l%2Bh%2Fl1tEO9AqfxeR7kI0Cmqm2kNdQ2oC57WsUOPbNEAnYFVIB2ihOlsKCRywI8NBSSUiRdfZ0IXUPTHWN%2BX0rZo2k%2Ff2vMTIeG%2FGWE8ZxJsCiBTFNhi9LIPHr6HQc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a38bc84ed3b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|