{"report_id":"a1b885d4-6586-44ee-8d3a-e7c1dc0fa3a4","version":6,"status":"done","tags":[],"date":"2026-03-11T22:19:39Z","url":{"schema":"http","addr":"accounts-25355.bubbleapps.io/","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.245.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"about","addr":"about:neterror?e=dnsNotFound\u0026u=https%3A//copilclou-secu.com/%3FUODqGoYs\u0026c=UTF-8\u0026d=We%20can%E2%80%99t%20connect%20to%20the%20server%20at%20copilclou-secu.com.","fqdn":"","domain":"","tld":""},"title":"Server Not Found","dom":{"size":7947,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (500)","md5":"c288ec05178c7436393ae8fa3a07b22c","sha1":"46b580c6cd44fe4bb1de82af289257d1a745897d","sha256":"4898cf29e7e03900d920d063eb83fcdc89f1fd2b47a0d7bdf50bb61b348f0797","sha512":"00823f8151116f32b50e8b219535cab619df6ab7bd5e26d586f9c6f90f9fd8c1b32242d32569c8eb4046a7c70a0ec5ccc9d8c135942964b60d0d207ecf81f99a","ssdeep":"96:rIPfVVKEtARPy48S8k45USz+45RaIkata89+RzydNAIl9+kex8KdRonI7B1g/M:rIl/eRPyfS8LUSZRa2b9wm7I98IT","tlshash":"d5f163a862fa0d2b819386e938db7409bd01d297d35c24e5bf6e45f10fc7d61980f19b","dom_hash":"domhashc59d69afccb598c37df8c553a509577e","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"accounts-25355.bubbleapps.io/","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.245.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":["openphish"],"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-15T22:19:39Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-11","alert":"Phishing Block","trigger":"copilclou-secu.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"copilclou-secu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"accounts-25355.bubbleapps.io","ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-14","domain_rank":0,"first_seen":"2026-03-11T22:19:40.443289Z","last_seen":"2026-03-11T22:19:40.443289Z","alert_count":16,"request_count":8,"received_data":4525683,"sent_data":7120,"comment":"","tags":null,"fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bubble","description":"Bubble is a no-code platform that lets anyone build web apps without writing any code.","website":"https://bubble.io","common_platform_enumeration":"","icon":"bubble.png","categories":["Page builders","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"192.178.202.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-08T22:15:01.701196Z","alert_count":0,"request_count":3,"received_data":148101,"sent_data":1704,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"192.178.202.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-08T22:19:32.591288Z","alert_count":0,"request_count":1,"received_data":7805,"sent_data":484,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"copilclou-secu.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-01-18","domain_rank":0,"first_seen":"2026-01-24T20:11:19.941033Z","last_seen":"2026-01-24T20:11:19.941034Z","alert_count":2,"request_count":1,"received_data":0,"sent_data":496,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"5dbf806421d5dd97b86016ab9fd1b9a1","sha1":"82504056bb4e5b9cae17ff042c1562d75ba04bc5","sha256":"450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b","sha512":"2921c69a6112f64c969c3d3c7bbfbc2dd259370f5c6ad07e80d845ca9f0efdcb5dca77e11dcd82402be972af229c524220520c98289f3b84e790f7b12ecaf9da","ssdeep":"384:41KVTmIUU8J6TQ1kl4/JXqbhl9gNsTol/wui24nT1MlsISMzO3P2LA8n/q6HhrwO:4AVTmI8JUl4/JXqbb9gNsToBLjsBMU8v","tlshash":"28b2c9497a21b17b835390b3517f064f933ba56eb80448acb588d9e46cb4d79037bfb8","size":24223,"data":"","first_seen":"2023-05-23T09:38:37Z","last_seen":"2026-07-13T05:19:22.136134Z","times_seen":2488,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cda1aa6fc596bb8c814604ccf3bbf0c1","sha1":"dbad895998dac3819df784959d4be5f7dfb4b153","sha256":"4e904d4eede369de00083b642fdf3b46a958c056e824b869fd988789aa218e8d","sha512":"04317ca415c8f31440c65896c00c4ad2196243c8daa81d83919683eebbd26095d3355398fa5e060f74d8229c872e6754820ac33c417dac841d40ca5590b4a4c4","ssdeep":"","tlshash":"14a022002ce320022a080008ef33e02c2a20203b3ae002c8bab0008003f0a83220808f","size":69,"data":"","first_seen":"2026-03-11T22:19:50.53183Z","last_seen":"2026-03-11T22:19:50.53183Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"7f45e55de84afcd9501e2c193e8c9979","sha1":"cf019a487633f48532c7e02e1acf69b85ee15c2a","sha256":"74aa9a8b107cb336adab0b6c3f9b29cc14b1b681197f3ef5550ed2d37ed28527","sha512":"821faa80fa7fce24abe5fcdf44fc1053b7886d060421050507e2e380646521aace5823203996baededb194d51cbece0b1ed7e38b9762b29c4af34aed802b3bda","ssdeep":"","tlshash":"8680045141007010547005054551d541fd113051530001745770411f137dc07d504d44","size":37,"data":"","first_seen":"2023-03-07T13:52:38Z","last_seen":"2026-06-07T00:07:51.927005Z","times_seen":281,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/package/dynamic_js/f6cf6a8deb5a833ab191274ebdef5cb37cdb314faf533a9c824da8db3328d1f8/accounts-25355/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:17.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bubbleapps.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 04:17:03 GMT","end":"Mon, 13 Apr 2026 05:16:59 GMT"},"fingerprint":{"sha1":"D8:EC:E4:0D:47:25:55:C6:1E:DE:69:71:42:CE:1E:DB:89:1D:EF:A3","sha256":"49:29:0F:22:EA:3E:6C:07:31:45:C9:AA:E5:D3:82:3D:7E:29:77:A2:BA:60:E4:CA:10:CF:F9:A5:39:89:35:1C"}}},"request":{"raw":"GET /package/dynamic_js/f6cf6a8deb5a833ab191274ebdef5cb37cdb314faf533a9c824da8db3328d1f8/accounts-25355/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js HTTP/1.1\r\nHost: accounts-25355.bubbleapps.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts-25355.bubbleapps.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: accounts-25355_live_u2main=bus|1773267557563x682752883944084400|1773267557572x307709656763367940; accounts-25355_live_u2main.sig=xYJuhF5KUA42ogdDTLky8uZfyBo; accounts-25355_u1main=1773267557563x682752883944084400; __cf_bm=YK2ULUUBoLEtV2g6LHZSbcKhjFkVXxOprC4yNCVXWWo-1773267557-1.0.1.1-8dhN9sCF3nXxa_ugjDoi6tZgJ9GGAIaUwqAlmv0KYv7vgdM2MrcC4DOpW1EI7cgKasuAWiMnL_NKSoL6bhKE0wpCmlEqFTMEUnh4jcszo9E\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 11 Mar 2026 22:19:18 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5096\r\ncf-ray: 9dadf09cc915120a-OSL\r\nx-powered-by: Express\r\nx-content-type-options: nosniff\r\ncache-control: public, max-age=31536000\r\naccess-control-allow-origin: *\r\netag: f6cf6a8deb5a833ab191274ebdef5cb37cdb314faf533a9c824da8db3328d1f8\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-bubble-perf: {\"total\":29,\"percents\":{\"top\":{\"bubble_cpu\":27,\"block\":70.5,\"capacity_rl\":0,\"other_pause\":0,\"pre_fiber\":2.1},\"sub\":{\"pp_userdb\":0,\"pp_wait_userdb\":0,\"http_request\":0,\"serverjson\":26.7,\"appserver_cache_misses_time\":0,\"redis\":8.3,\"fiber_queue\":9.3,\"capacity_wait\":0}},\"counts\":{\"pp_userdb\":0,\"http_request\":0,\"derived_build\":0,\"derived_cache_attempts\":2,\"derived_cache_memory_misses\":2,\"serverjson\":4,\"appserver_cache_attempts\":1,\"appserver_mem_cache_hits\":0,\"appserver_cache_hits\":1,\"appserver_cache_misses\":0,\"redis\":6,\"fiber_queue\":20,\"blocks\":19},\"misc\":{\"userdb_results\":0,\"userdb_data\":0,\"spent_time\":1175251}}\r\nx-bubble-capacity-used: 0.018 unit-seconds used\r\nx-bubble-capacity-limit: 0 ms slower\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bubble","description":"Bubble is a no-code platform that lets anyone build web apps without writing any code.","website":"https://bubble.io","common_platform_enumeration":"","icon":"bubble.png","categories":["Page builders","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":15197,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (8368)","md5":"59af721f1b67d47e7c2e165c4d0bbb19","sha1":"cb86c2d12df5fab3e35d2a8277930b73106762e3","sha256":"feec8af39d36677d0570b1be9889268bfeb03489dd70cbb3f63204322040ad28","sha512":"54e4658db5666ad938a7204ab7ea46ebb7120c9662156c6087f8a19c761e01317fe9741f27ae5071f279a941c1bee2f43926242d04a400606766e8fb283a7111","ssdeep":"192:TBmBy5RwB/zdFgQpPw35vEMuZwFQB3WAchhUx6IIwlzs:t5I/RFgcI3qMuZwWpJA4s","tlshash":"1562642dd846d72b47a59187f8ceffc29ba410157700ae86e0dc4c3a399e989d3267c7","first_seen":"2026-03-11T22:19:50.51762Z","last_seen":"2026-03-11T22:19:50.51762Z","times_seen":1,"resource_available":false,"data":null}},"time_used":255,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":253,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/package/static_js/026e8f088c2fe538a062e05f5e779c2b0c79830404f4e93de58dbe8b113c61b1/accounts-25355/live/index/xnull/xfalse/xfalse/xtrue/static.js","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:17.896Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bubbleapps.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 04:17:03 GMT","end":"Mon, 13 Apr 2026 05:16:59 GMT"},"fingerprint":{"sha1":"D8:EC:E4:0D:47:25:55:C6:1E:DE:69:71:42:CE:1E:DB:89:1D:EF:A3","sha256":"49:29:0F:22:EA:3E:6C:07:31:45:C9:AA:E5:D3:82:3D:7E:29:77:A2:BA:60:E4:CA:10:CF:F9:A5:39:89:35:1C"}}},"request":{"raw":"GET /package/static_js/026e8f088c2fe538a062e05f5e779c2b0c79830404f4e93de58dbe8b113c61b1/accounts-25355/live/index/xnull/xfalse/xfalse/xtrue/static.js HTTP/1.1\r\nHost: accounts-25355.bubbleapps.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts-25355.bubbleapps.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: accounts-25355_live_u2main=bus|1773267557563x682752883944084400|1773267557572x307709656763367940; accounts-25355_live_u2main.sig=xYJuhF5KUA42ogdDTLky8uZfyBo; accounts-25355_u1main=1773267557563x682752883944084400; __cf_bm=YK2ULUUBoLEtV2g6LHZSbcKhjFkVXxOprC4yNCVXWWo-1773267557-1.0.1.1-8dhN9sCF3nXxa_ugjDoi6tZgJ9GGAIaUwqAlmv0KYv7vgdM2MrcC4DOpW1EI7cgKasuAWiMnL_NKSoL6bhKE0wpCmlEqFTMEUnh4jcszo9E\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 11 Mar 2026 22:19:18 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5735\r\ncf-ray: 9dadf09cc90f120a-OSL\r\nx-powered-by: Express\r\nx-content-type-options: nosniff\r\ncache-control: public, max-age=31536000\r\naccess-control-allow-origin: *\r\netag: 026e8f088c2fe538a062e05f5e779c2b0c79830404f4e93de58dbe8b113c61b1\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-bubble-perf: {\"total\":87.7,\"percents\":{\"top\":{\"bubble_cpu\":19.2,\"block\":80.6,\"capacity_rl\":0,\"other_pause\":0,\"pre_fiber\":0.9},\"sub\":{\"pp_userdb\":0,\"pp_wait_userdb\":0,\"http_request\":0,\"serverjson\":51.2,\"appserver_cache_misses_time\":0,\"redis\":9.8,\"fiber_queue\":14,\"capacity_wait\":0}},\"counts\":{\"pp_userdb\":0,\"http_request\":0,\"derived_build\":0,\"derived_cache_attempts\":3,\"derived_cache_memory_misses\":3,\"serverjson\":51,\"appserver_cache_attempts\":1,\"appserver_mem_cache_hits\":0,\"appserver_cache_hits\":1,\"appserver_cache_misses\":0,\"redis\":6,\"fiber_queue\":70,\"blocks\":69},\"misc\":{\"userdb_results\":0,\"userdb_data\":0,\"spent_time\":2528639}}\r\nx-bubble-capacity-used: 0.039 unit-seconds used\r\nx-bubble-capacity-limit: 0 ms slower\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bubble","description":"Bubble is a no-code platform that lets anyone build web apps without writing any code.","website":"https://bubble.io","common_platform_enumeration":"","icon":"bubble.png","categories":["Page builders","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":16665,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (12027)","md5":"068db736d9947750868144daecab1434","sha1":"3527ec22659b1eeadbc50b67512ad948b6a65426","sha256":"a96ed0e8e77d4da4eac43c157f7415a68e52d12014c875d170776f1d0657e9e4","sha512":"a0c3f1ca886f3199c24ef6add964d1812826f635ce371010b8348c7ea09b287c26018c2f0294850220290ac2fdbe1a2bdd6dc150df79c9cdf691a506c3381c54","ssdeep":"192:TBHUK+rDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLkDrJRfzHlWluI1r:9UK+rxaefKI0LP19m4q1WW+h4Mj7","tlshash":"2372eaad74627d768ab331b8b027e30f327204da164d8d40f19cc8e62d6d85a822bf64","first_seen":"2026-03-11T22:19:50.519034Z","last_seen":"2026-03-11T22:19:50.519034Z","times_seen":1,"resource_available":false,"data":null}},"time_used":264,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":263,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.202.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:18.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://accounts-25355.bubbleapps.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 10 Mar 2026 15:26:35 GMT\r\nexpires: Wed, 10 Mar 2027 15:26:35 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 111163\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T09:16:21.151895Z","times_seen":233180,"resource_available":false,"data":null}},"time_used":563,"timings":{"blocked":228,"dns":1,"connect":43,"send":0,"wait":45,"receive":62,"ssl":181},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/package/run_css/137bf4f58de5afac014acfc965a536497f63e458b100e8deeaaa5c4a3ed5fff5/accounts-25355/live/index/xfalse/xfalse/run.css","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:17.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bubbleapps.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 04:17:03 GMT","end":"Mon, 13 Apr 2026 05:16:59 GMT"},"fingerprint":{"sha1":"D8:EC:E4:0D:47:25:55:C6:1E:DE:69:71:42:CE:1E:DB:89:1D:EF:A3","sha256":"49:29:0F:22:EA:3E:6C:07:31:45:C9:AA:E5:D3:82:3D:7E:29:77:A2:BA:60:E4:CA:10:CF:F9:A5:39:89:35:1C"}}},"request":{"raw":"GET /package/run_css/137bf4f58de5afac014acfc965a536497f63e458b100e8deeaaa5c4a3ed5fff5/accounts-25355/live/index/xfalse/xfalse/run.css HTTP/1.1\r\nHost: accounts-25355.bubbleapps.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts-25355.bubbleapps.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: accounts-25355_live_u2main=bus|1773267557563x682752883944084400|1773267557572x307709656763367940; accounts-25355_live_u2main.sig=xYJuhF5KUA42ogdDTLky8uZfyBo; accounts-25355_u1main=1773267557563x682752883944084400; __cf_bm=YK2ULUUBoLEtV2g6LHZSbcKhjFkVXxOprC4yNCVXWWo-1773267557-1.0.1.1-8dhN9sCF3nXxa_ugjDoi6tZgJ9GGAIaUwqAlmv0KYv7vgdM2MrcC4DOpW1EI7cgKasuAWiMnL_NKSoL6bhKE0wpCmlEqFTMEUnh4jcszo9E\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 11 Mar 2026 22:19:18 GMT\r\ncontent-type: text/css\r\ncontent-length: 8669\r\ncf-ray: 9dadf09cc8fd120a-OSL\r\nx-powered-by: Express\r\nx-content-type-options: nosniff\r\ncache-control: public, max-age=31536000\r\naccess-control-allow-origin: *\r\netag: 137bf4f58de5afac014acfc965a536497f63e458b100e8deeaaa5c4a3ed5fff5\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-bubble-perf: {\"total\":242.8,\"percents\":{\"top\":{\"bubble_cpu\":22.2,\"block\":76.6,\"capacity_rl\":0,\"other_pause\":0,\"pre_fiber\":0.6},\"sub\":{\"pp_userdb\":0,\"pp_wait_userdb\":0,\"http_request\":0,\"serverjson\":17.3,\"appserver_cache_misses_time\":0,\"redis\":5.8,\"fiber_queue\":3.2,\"capacity_wait\":0}},\"counts\":{\"pp_userdb\":0,\"http_request\":0,\"derived_build\":0,\"derived_cache_attempts\":2,\"derived_cache_memory_misses\":2,\"serverjson\":50,\"appserver_cache_attempts\":1,\"appserver_mem_cache_hits\":0,\"appserver_cache_hits\":1,\"appserver_cache_misses\":0,\"redis\":10,\"fiber_queue\":82,\"blocks\":81},\"misc\":{\"userdb_results\":1,\"userdb_data\":4,\"spent_time\":8099203}}\r\nx-bubble-capacity-used: 0.125 unit-seconds used\r\nx-bubble-capacity-limit: 0 ms slower\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bubble","description":"Bubble is a no-code platform that lets anyone build web apps without writing any code.","website":"https://bubble.io","common_platform_enumeration":"","icon":"bubble.png","categories":["Page builders","Web frameworks"]}],"data":{"size":58028,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (558)","md5":"b2b530678b80379b4ad079025afd5d56","sha1":"5e5e324acb5a706e5c0268f23013e69eef0b5615","sha256":"99608eeaba9be0649a4cb32580751a7dca0395b85c4c6518e39b7cc45a60f883","sha512":"82e894fbac1e5c15796d50f65e255cdd756deb3c6cdbde882ad76bd263b73d6ec89f6027d59ddd84b91a9cfd99c6735ad1267c41484c94ddd911cbbeaaf794ab","ssdeep":"1536:RkjcuKbGmiVVfJ9bTaTVVfJ9bTa9LrDYBISDE5YHcuHO1E:wcuKbGmU9bT49bTEWISDE0","tlshash":"fc430fa3a9e22e84923f88255186ffbcbbbd4081530facb4969132789b447d75571fcc","first_seen":"2026-03-11T22:19:50.521433Z","last_seen":"2026-03-19T00:04:35.582532Z","times_seen":2,"resource_available":false,"data":null}},"time_used":244,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":243,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/package/run_js/3ceca386cc64fec822e69a651cc607b06ab90cb70a49f743d10ad40a5e06de05/xtrue/x32/run.js","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:17.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bubbleapps.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 04:17:03 GMT","end":"Mon, 13 Apr 2026 05:16:59 GMT"},"fingerprint":{"sha1":"D8:EC:E4:0D:47:25:55:C6:1E:DE:69:71:42:CE:1E:DB:89:1D:EF:A3","sha256":"49:29:0F:22:EA:3E:6C:07:31:45:C9:AA:E5:D3:82:3D:7E:29:77:A2:BA:60:E4:CA:10:CF:F9:A5:39:89:35:1C"}}},"request":{"raw":"GET /package/run_js/3ceca386cc64fec822e69a651cc607b06ab90cb70a49f743d10ad40a5e06de05/xtrue/x32/run.js HTTP/1.1\r\nHost: accounts-25355.bubbleapps.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts-25355.bubbleapps.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: accounts-25355_live_u2main=bus|1773267557563x682752883944084400|1773267557572x307709656763367940; accounts-25355_live_u2main.sig=xYJuhF5KUA42ogdDTLky8uZfyBo; accounts-25355_u1main=1773267557563x682752883944084400; __cf_bm=YK2ULUUBoLEtV2g6LHZSbcKhjFkVXxOprC4yNCVXWWo-1773267557-1.0.1.1-8dhN9sCF3nXxa_ugjDoi6tZgJ9GGAIaUwqAlmv0KYv7vgdM2MrcC4DOpW1EI7cgKasuAWiMnL_NKSoL6bhKE0wpCmlEqFTMEUnh4jcszo9E\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 11 Mar 2026 22:19:18 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 976585\r\ncf-ray: 9dadf09cc906120a-OSL\r\nx-powered-by: Express\r\nx-content-type-options: nosniff\r\ncache-control: public, max-age=31536000\r\naccess-control-allow-origin: *\r\netag: 3ceca386cc64fec822e69a651cc607b06ab90cb70a49f743d10ad40a5e06de05\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-bubble-perf: {\"total\":28.5,\"percents\":{\"top\":{\"bubble_cpu\":28.9,\"block\":60.1,\"capacity_rl\":0,\"other_pause\":0,\"pre_fiber\":2.2},\"sub\":{\"pp_userdb\":0,\"pp_wait_userdb\":0,\"http_request\":0,\"serverjson\":32.5,\"appserver_cache_misses_time\":0,\"redis\":20.7,\"fiber_queue\":3.3,\"capacity_wait\":0}},\"counts\":{\"pp_userdb\":0,\"http_request\":0,\"derived_build\":0,\"serverjson\":2,\"appserver_cache_attempts\":0,\"appserver_mem_cache_hits\":0,\"appserver_cache_hits\":0,\"appserver_cache_misses\":0,\"redis\":9,\"fiber_queue\":18,\"blocks\":17},\"misc\":{\"userdb_results\":1,\"userdb_data\":4,\"spent_time\":1234567}}\r\nx-bubble-capacity-used: 0.019 unit-seconds used\r\nx-bubble-capacity-limit: 0 ms slower\r\ncf-cache-status: MISS\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bubble","description":"Bubble is a no-code platform that lets anyone build web apps without writing any code.","website":"https://bubble.io","common_platform_enumeration":"","icon":"bubble.png","categories":["Page builders","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":4296116,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (64733)","md5":"d00d06565f8ad73345d5987698e00b2c","sha1":"7c2b0a561a33f2dc5bf0e28b42963ee5be01ed4a","sha256":"5c5d3fdebf7bd84625ab06578bb1ddfc498ae4b853282cb2861e544e853805de","sha512":"155718e0f47523e41aa5755956d24a8705a3cca683c88b597848045bdb61385c5785ae989f7af788abd637f5150efc64387867d5ed69ddebd19efceb4336ae30","ssdeep":"24576:byWPNNTOA6xM4IX+9yPmovtZCrZGWUvcs5X6hCQH6mb/bv:byWFNTOA6xM4IuYvtZCrZGWUvcs5X6ht","tlshash":"f325084436a3a956c1c921ebf47f1442d97ec646401c10d0efbccbf36da1bc59a6af2a","first_seen":"2026-03-11T22:19:50.522968Z","last_seen":"2026-03-11T22:19:50.522968Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":906,"receive":532,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Inter:regular%7CInter:600%7CInter:700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"192.178.202.95","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:18.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css?family=Inter:regular%7CInter:600%7CInter:700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts-25355.bubbleapps.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Wed, 11 Mar 2026 22:19:18 GMT\r\ndate: Wed, 11 Mar 2026 22:19:18 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7119,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"f2c2419a66456c2c1df2f0b81f383545","sha1":"060201d342110f3e9f49901b7219be81566da910","sha256":"66773a60f93be248c4745e693c1a2be5845b04c43737f13ae06e54321333d1eb","sha512":"e72937c33ba6f0a36d5a575dcd0a9d4cddc92927962678f8d73ccc068d7819f1c82cf2dc6a760e609aeb441806b5fa555819a17eae4e813d2c6bf6d0a248e92c","ssdeep":"192:fNP6TO3KkxxPNpYNO3o2x3kN2jqO3zpxMx:FVlzmIG","tlshash":"e8e17b92002fa40067931dc363cf7e3aaece5088a086d5696bfd0d859cead66536476e","first_seen":"2025-09-11T17:28:14.709919Z","last_seen":"2026-07-13T06:48:23.285555Z","times_seen":334,"resource_available":false,"data":null}},"time_used":641,"timings":{"blocked":287,"dns":1,"connect":44,"send":0,"wait":65,"receive":0,"ssl":241},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.202.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:18.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://accounts-25355.bubbleapps.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 10 Mar 2026 15:26:35 GMT\r\nexpires: Wed, 10 Mar 2027 15:26:35 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 111163\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T09:16:21.151895Z","times_seen":233180,"resource_available":false,"data":null}},"time_used":722,"timings":{"blocked":311,"dns":0,"connect":43,"send":0,"wait":73,"receive":26,"ssl":266},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-11T22:19:17.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bubbleapps.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 04:17:03 GMT","end":"Mon, 13 Apr 2026 05:16:59 GMT"},"fingerprint":{"sha1":"D8:EC:E4:0D:47:25:55:C6:1E:DE:69:71:42:CE:1E:DB:89:1D:EF:A3","sha256":"49:29:0F:22:EA:3E:6C:07:31:45:C9:AA:E5:D3:82:3D:7E:29:77:A2:BA:60:E4:CA:10:CF:F9:A5:39:89:35:1C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: accounts-25355.bubbleapps.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 11 Mar 2026 22:19:17 GMT\r\ncontent-type: text/html\r\ncontent-encoding: br\r\nx-powered-by: Express\r\nx-content-type-options: nosniff\r\nset-cookie: accounts-25355_live_u2main=bus|1773267557563x682752883944084400|1773267557572x307709656763367940; path=/; expires=Sat, 14 Mar 2026 22:19:17 GMT; secure; httponly\naccounts-25355_live_u2main.sig=xYJuhF5KUA42ogdDTLky8uZfyBo; path=/; expires=Sat, 14 Mar 2026 22:19:17 GMT; secure; httponly\naccounts-25355_u1main=1773267557563x682752883944084400; path=/; secure\n__cf_bm=YK2ULUUBoLEtV2g6LHZSbcKhjFkVXxOprC4yNCVXWWo-1773267557-1.0.1.1-8dhN9sCF3nXxa_ugjDoi6tZgJ9GGAIaUwqAlmv0KYv7vgdM2MrcC4DOpW1EI7cgKasuAWiMnL_NKSoL6bhKE0wpCmlEqFTMEUnh4jcszo9E; path=/; expires=Wed, 11-Mar-26 22:49:17 GMT; domain=.bubbleapps.io; HttpOnly; Secure; SameSite=None\r\nreferrer-policy: origin\r\nx-frame-options: DENY\r\ncontent-security-policy: frame-ancestors 'none';\r\ncache-control: no-store\r\nx-bubble-perf: {\"total\":169.2,\"percents\":{\"top\":{\"bubble_cpu\":20.4,\"block\":79.3,\"capacity_rl\":0,\"other_pause\":0,\"pre_fiber\":0.6},\"sub\":{\"pp_userdb\":0,\"pp_wait_userdb\":0,\"http_request\":0,\"serverjson\":27.4,\"appserver_cache_misses_time\":0,\"redis\":14.4,\"fiber_queue\":11,\"capacity_wait\":0}},\"counts\":{\"pp_userdb\":0,\"http_request\":0,\"derived_build\":0,\"derived_cache_attempts\":8,\"derived_cache_memory_misses\":8,\"serverjson\":60,\"appserver_cache_attempts\":1,\"appserver_mem_cache_hits\":0,\"appserver_cache_hits\":1,\"appserver_cache_misses\":0,\"redis\":23,\"fiber_queue\":108,\"blocks\":107},\"misc\":{\"userdb_results\":1,\"userdb_data\":206,\"spent_time\":5170945}}\r\nx-bubble-capacity-used: 0.08 unit-seconds used\r\nx-bubble-capacity-limit: 0 ms slower\r\nvary: Accept-Encoding\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=31536000\r\nserver: cloudflare\r\ncf-ray: 9dadf099693e32fa-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bubble","description":"Bubble is a no-code platform that lets anyone build web apps without writing any code.","website":"https://bubble.io","common_platform_enumeration":"","icon":"bubble.png","categories":["Page builders","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":14756,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text","md5":"06fb952783ebf3bd973ab64eb367c881","sha1":"4eddb83628a923869de1961b05f7e83dd28e0814","sha256":"340e3cc3d1ac382aa1dd9f5ac24328f67a526cecf5ce5f4658559171b5126973","sha512":"b307ae1ddfe45e9be0acf69a050dab192fb92b82a2479993ab10e959cb54fc9edacaef99e25f3387e5c358c37d97173b18ef9596ed5405cb7086a9bf7dabffbc","ssdeep":"384:MbKlGJHdp8OddVWacvI3gQzyViaMFQXqd4CWLCW0:MbiGJ9p8OddVW0gQzyVivQXqd4CWLCW0","tlshash":"de626496acb3e91690677058a7b7fb18b735a063b100cd04bacc86547f81b8bcd757c9","first_seen":"2026-03-11T22:19:50.525356Z","last_seen":"2026-03-11T22:19:50.525356Z","times_seen":1,"resource_available":false,"data":null}},"time_used":460,"timings":{"blocked":48,"dns":24,"connect":1,"send":0,"wait":364,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"192.178.202.94","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:18.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0I5nvwU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://accounts-25355.bubbleapps.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 48532\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 10 Mar 2026 15:26:35 GMT\r\nexpires: Wed, 10 Mar 2027 15:26:35 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:50 GMT\r\ncontent-type: font/woff2\r\nage: 111163\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":48532,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 48532, version 1.0","md5":"225835e6e0496c54dc2aca9f3d533892","sha1":"942ef5298bbe74bfe44e445def5f2bfc94027fa8","sha256":"acc60d454f46f2ba233c516aa3299aa60e1f49ffd0f06b8392a7c772a5694087","sha512":"ea2ff96ed5ac965c1846b4b33990beab3d4ced66806fa44321f5dd59d9a29a8ae1a67a5816d40165af8a896677b6a24bb74ea6db53cd5e686080165db9fd62c2","ssdeep":"768:b9tYsJ6BxVEpu8sqEkvfXRGEBqH7KxpxA07hQv2bSokjQx2AOWUVOv7UeFHOpIsR:LsEcy7fXRGqqHmr7qv32UC7UetOGLkF","tlshash":"03230178cf9f85b3d33b153afaf4d20562a9067de76c4a803831051a2a55770b89dc0e","first_seen":"2025-05-29T17:27:56.345238Z","last_seen":"2026-07-13T09:16:21.151895Z","times_seen":233180,"resource_available":false,"data":null}},"time_used":698,"timings":{"blocked":312,"dns":1,"connect":56,"send":0,"wait":44,"receive":29,"ssl":251},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"copilclou-secu.com/?UODqGoYs","fqdn":"copilclou-secu.com","domain":"copilclou-secu.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-11T22:19:20.330Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?UODqGoYs HTTP/1.1\r\nHost: copilclou-secu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-13T09:17:26.728014Z","times_seen":17209512,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-11","alert":"Phishing Block","trigger":"copilclou-secu.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"copilclou-secu.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/api/1.1/init/data?location=https%3A%2F%2Faccounts-25355.bubbleapps.io%2F","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:18.145Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bubbleapps.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 04:17:03 GMT","end":"Mon, 13 Apr 2026 05:16:59 GMT"},"fingerprint":{"sha1":"D8:EC:E4:0D:47:25:55:C6:1E:DE:69:71:42:CE:1E:DB:89:1D:EF:A3","sha256":"49:29:0F:22:EA:3E:6C:07:31:45:C9:AA:E5:D3:82:3D:7E:29:77:A2:BA:60:E4:CA:10:CF:F9:A5:39:89:35:1C"}}},"request":{"raw":"GET /api/1.1/init/data?location=https%3A%2F%2Faccounts-25355.bubbleapps.io%2F HTTP/1.1\r\nHost: accounts-25355.bubbleapps.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts-25355.bubbleapps.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: accounts-25355_live_u2main=bus|1773267557563x682752883944084400|1773267557572x307709656763367940; accounts-25355_live_u2main.sig=xYJuhF5KUA42ogdDTLky8uZfyBo; accounts-25355_u1main=1773267557563x682752883944084400; __cf_bm=YK2ULUUBoLEtV2g6LHZSbcKhjFkVXxOprC4yNCVXWWo-1773267557-1.0.1.1-8dhN9sCF3nXxa_ugjDoi6tZgJ9GGAIaUwqAlmv0KYv7vgdM2MrcC4DOpW1EI7cgKasuAWiMnL_NKSoL6bhKE0wpCmlEqFTMEUnh4jcszo9E\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 11 Mar 2026 22:19:18 GMT\r\ncf-ray: 9dadf09e6954120a-OSL\r\nx-powered-by: Express\r\nx-content-type-options: nosniff\r\nx-bubble-perf: {\"total\":21.3,\"percents\":{\"top\":{\"bubble_cpu\":35,\"block\":58.2,\"capacity_rl\":0,\"other_pause\":0,\"pre_fiber\":4.3},\"sub\":{\"pp_userdb\":0,\"pp_wait_userdb\":0,\"http_request\":0,\"serverjson\":53.8,\"appserver_cache_misses_time\":0,\"redis\":25.8,\"fiber_queue\":4.5,\"capacity_wait\":0}},\"counts\":{\"pp_userdb\":0,\"http_request\":0,\"derived_build\":0,\"derived_cache_attempts\":1,\"derived_cache_memory_misses\":1,\"serverjson\":6,\"appserver_cache_attempts\":0,\"appserver_mem_cache_hits\":0,\"appserver_cache_hits\":0,\"appserver_cache_misses\":0,\"redis\":9,\"fiber_queue\":21,\"blocks\":20},\"misc\":{\"userdb_results\":0,\"userdb_data\":0,\"spent_time\":1120163}}\r\nx-bubble-capacity-used: 0.017 unit-seconds used\r\nx-bubble-capacity-limit: 0 ms slower\r\ncf-cache-status: DYNAMIC\r\npriority: u=3,i=?0\r\nstrict-transport-security: max-age=31536000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bubble","description":"Bubble is a no-code platform that lets anyone build web apps without writing any code.","website":"https://bubble.io","common_platform_enumeration":"","icon":"bubble.png","categories":["Page builders","Web frameworks"]}],"data":{"size":283,"size_decoded":0,"mime_type":"text/xml","magic":"JSON text data","md5":"70e03a979da968f076545bf15ea4e1fe","sha1":"81ef84cfe1952b1f623f4bea77efbbf45fc3335b","sha256":"6ec2224b414390e9ebc62e351ef6070af5194c4ee1d11223f6917ebefb8770f2","sha512":"f3a6a4429c0bc9c70eb97c697706fd8193d242d6488c26ca0e87a5324d74111790a3c53b794727cf4024a4afa6d1be678451a5c5b2f1043857f6c4c4142d6807","ssdeep":"","tlshash":"d0d05b554ae555a7339431ce7732500cd765e0359ed40dcc21f5514c42bc0d5160ca3f","first_seen":"2026-03-11T22:19:50.528132Z","last_seen":"2026-03-11T22:19:50.528132Z","times_seen":1,"resource_available":false,"data":null}},"time_used":835,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":835,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:17.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bubbleapps.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 04:17:03 GMT","end":"Mon, 13 Apr 2026 05:16:59 GMT"},"fingerprint":{"sha1":"D8:EC:E4:0D:47:25:55:C6:1E:DE:69:71:42:CE:1E:DB:89:1D:EF:A3","sha256":"49:29:0F:22:EA:3E:6C:07:31:45:C9:AA:E5:D3:82:3D:7E:29:77:A2:BA:60:E4:CA:10:CF:F9:A5:39:89:35:1C"}}},"request":{"raw":"GET /package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js HTTP/1.1\r\nHost: accounts-25355.bubbleapps.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts-25355.bubbleapps.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: accounts-25355_live_u2main=bus|1773267557563x682752883944084400|1773267557572x307709656763367940; accounts-25355_live_u2main.sig=xYJuhF5KUA42ogdDTLky8uZfyBo; accounts-25355_u1main=1773267557563x682752883944084400; __cf_bm=YK2ULUUBoLEtV2g6LHZSbcKhjFkVXxOprC4yNCVXWWo-1773267557-1.0.1.1-8dhN9sCF3nXxa_ugjDoi6tZgJ9GGAIaUwqAlmv0KYv7vgdM2MrcC4DOpW1EI7cgKasuAWiMnL_NKSoL6bhKE0wpCmlEqFTMEUnh4jcszo9E\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 11 Mar 2026 22:19:18 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 8815\r\ncf-ray: 9dadf09cc8e9120a-OSL\r\nx-powered-by: Express\r\nx-content-type-options: nosniff\r\ncache-control: public, max-age=31536000\r\naccess-control-allow-origin: *\r\netag: 05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-bubble-perf: {\"total\":22.3,\"percents\":{\"top\":{\"bubble_cpu\":38.1,\"block\":57.2,\"capacity_rl\":0,\"other_pause\":0,\"pre_fiber\":4.4},\"sub\":{\"pp_userdb\":0,\"pp_wait_userdb\":0,\"http_request\":0,\"serverjson\":27.4,\"appserver_cache_misses_time\":0,\"redis\":18.6,\"fiber_queue\":6.9,\"capacity_wait\":0}},\"counts\":{\"pp_userdb\":0,\"http_request\":0,\"derived_build\":0,\"serverjson\":2,\"appserver_cache_attempts\":0,\"appserver_mem_cache_hits\":0,\"appserver_cache_hits\":0,\"appserver_cache_misses\":0,\"redis\":9,\"fiber_queue\":18,\"blocks\":17},\"misc\":{\"userdb_results\":1,\"userdb_data\":4,\"spent_time\":1273254}}\r\nx-bubble-capacity-used: 0.02 unit-seconds used\r\nx-bubble-capacity-limit: 0 ms slower\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bubble","description":"Bubble is a no-code platform that lets anyone build web apps without writing any code.","website":"https://bubble.io","common_platform_enumeration":"","icon":"bubble.png","categories":["Page builders","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":24223,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1366)","md5":"5dbf806421d5dd97b86016ab9fd1b9a1","sha1":"82504056bb4e5b9cae17ff042c1562d75ba04bc5","sha256":"450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b","sha512":"2921c69a6112f64c969c3d3c7bbfbc2dd259370f5c6ad07e80d845ca9f0efdcb5dca77e11dcd82402be972af229c524220520c98289f3b84e790f7b12ecaf9da","ssdeep":"384:41KVTmIUU8J6TQ1kl4/JXqbhl9gNsTol/wui24nT1MlsISMzO3P2LA8n/q6HhrwO:4AVTmI8JUl4/JXqbb9gNsToBLjsBMU8v","tlshash":"28b2c9497a21b17b835390b3517f064f933ba56eb80448acb588d9e46cb4d79037bfb8","first_seen":"2023-05-23T09:38:37Z","last_seen":"2026-07-13T05:19:22.136134Z","times_seen":2488,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"accounts-25355.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js","fqdn":"accounts-25355.bubbleapps.io","domain":"accounts-25355.bubbleapps.io","tld":"bubbleapps.io"},"ip":{"addr":"104.18.246.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://accounts-25355.bubbleapps.io/","date":"2026-03-11T22:19:17.892Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bubbleapps.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 13 Jan 2026 04:17:03 GMT","end":"Mon, 13 Apr 2026 05:16:59 GMT"},"fingerprint":{"sha1":"D8:EC:E4:0D:47:25:55:C6:1E:DE:69:71:42:CE:1E:DB:89:1D:EF:A3","sha256":"49:29:0F:22:EA:3E:6C:07:31:45:C9:AA:E5:D3:82:3D:7E:29:77:A2:BA:60:E4:CA:10:CF:F9:A5:39:89:35:1C"}}},"request":{"raw":"GET /package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js HTTP/1.1\r\nHost: accounts-25355.bubbleapps.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://accounts-25355.bubbleapps.io/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: accounts-25355_live_u2main=bus|1773267557563x682752883944084400|1773267557572x307709656763367940; accounts-25355_live_u2main.sig=xYJuhF5KUA42ogdDTLky8uZfyBo; accounts-25355_u1main=1773267557563x682752883944084400; __cf_bm=YK2ULUUBoLEtV2g6LHZSbcKhjFkVXxOprC4yNCVXWWo-1773267557-1.0.1.1-8dhN9sCF3nXxa_ugjDoi6tZgJ9GGAIaUwqAlmv0KYv7vgdM2MrcC4DOpW1EI7cgKasuAWiMnL_NKSoL6bhKE0wpCmlEqFTMEUnh4jcszo9E\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Wed, 11 Mar 2026 22:19:18 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 31085\r\ncf-ray: 9dadf09cc900120a-OSL\r\nx-powered-by: Express\r\nx-content-type-options: nosniff\r\ncache-control: public, max-age=31536000\r\naccess-control-allow-origin: *\r\netag: dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff\r\ntiming-allow-origin: *\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-bubble-perf: {\"total\":47,\"percents\":{\"top\":{\"bubble_cpu\":17.6,\"block\":69.6,\"capacity_rl\":0,\"other_pause\":0,\"pre_fiber\":12.4},\"sub\":{\"pp_userdb\":0,\"pp_wait_userdb\":0,\"http_request\":0,\"serverjson\":20,\"appserver_cache_misses_time\":0,\"redis\":31,\"fiber_queue\":9.5,\"capacity_wait\":0}},\"counts\":{\"pp_userdb\":0,\"http_request\":0,\"derived_build\":0,\"serverjson\":2,\"appserver_cache_attempts\":0,\"appserver_mem_cache_hits\":0,\"appserver_cache_hits\":0,\"appserver_cache_misses\":0,\"redis\":9,\"fiber_queue\":18,\"blocks\":17},\"misc\":{\"userdb_results\":1,\"userdb_data\":4,\"spent_time\":1239258}}\r\nx-bubble-capacity-used: 0.019 unit-seconds used\r\nx-bubble-capacity-limit: 0 ms slower\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\npriority: u=2,i=?0\r\nstrict-transport-security: max-age=31536000\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Bubble","description":"Bubble is a no-code platform that lets anyone build web apps without writing any code.","website":"https://bubble.io","common_platform_enumeration":"","icon":"bubble.png","categories":["Page builders","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":89795,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"641dd14370106e992d352166f5a07e99","sha1":"eda46747c71d38a880bee44f9a439c3858bb8f99","sha256":"a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af","sha512":"a6e981b23351186aa43f32879dd64c6801be6e2af7ef8b0e472cccdeeba52d5d7894de4bcb292a364f1e11e525524077534338140a72687ada4fae62849843a5","ssdeep":"1536:IjjxXUHunxDjoXEZxkMV4PYDt0zxxf6gP3f8cApoEGOzZTBqUsuy8WnKdXwhLQvg:IeeIygP3fulzhsz8jlvaDioQ47GKH","tlshash":"d193f8ddb2c6702247a770ba007f510bf236199d684d8450f269d8e9bc78a4e827bf7d","first_seen":"2023-03-26T04:59:07Z","last_seen":"2026-07-13T08:17:17.672433Z","times_seen":26353,"resource_available":true,"data":null}},"time_used":270,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":266,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-03-11","alert":"Sinkholed","trigger":"accounts-25355.bubbleapps.io","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}}]}
