www.advintel.io Open in urlscan Pro
151.101.65.84 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Submission: On November 01 via api (November 1st 2022, 12:20:46 pm UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 112 HTTP transactions. The main IP is 151.101.65.84, located in United States and belongs to FASTLY, US. The main domain is www.advintel.io.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 12th 2022. Valid for: 3 months.

This is the only time www.advintel.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	151.101.65.84 151.101.65.84	54113 (FASTLY) (FASTLY)
13	52.72.171.244 52.72.171.244	14618 (AMAZON-AES) (AMAZON-AES)
72	2600:9000:21f... 2600:9000:21f3:d400:c:68f7:80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	34.102.176.152 34.102.176.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a04:4e42:62::84 2a04:4e42:62::84	54113 (FASTLY) (FASTLY)
8	185.230.61.202 185.230.61.202	58182 (WIX_COM) (WIX_COM)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:4... 2600:1901:0:4d00::	15169 (GOOGLE) (GOOGLE)
112	10

5 151.101.65.84 (United States)

ASN54113 (FASTLY, US)

www.advintel.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.72.171.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-171-244.compute-1.amazonaws.com

frog.wix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 2600:9000:21f3:d400:c:68f7:80:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.parastorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteassets.parastorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:62::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.230.61.202 (San Jose, United States)

ASN58182 (WIX_COM, IL)
PTR: unalocated.61.wixsite.com

engage.wixapps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:4d00:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

wix-engage-visitors-prod-13.firebaseio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	parastorage.com static.parastorage.com — Cisco Umbrella Rank: 6548 siteassets.parastorage.com — Cisco Umbrella Rank: 7452	1 MB
13	wix.com frog.wix.com — Cisco Umbrella Rank: 7059	3 KB
8	wixapps.net engage.wixapps.net — Cisco Umbrella Rank: 18710	19 KB
6	googleapis.com www.googleapis.com — Cisco Umbrella Rank: 57	2 KB
5	advintel.io www.advintel.io	295 KB
4	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 6623	107 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2963 log.pinterest.com — Cisco Umbrella Rank: 4135	19 KB
1	firebaseio.com wix-engage-visitors-prod-13.firebaseio.com — Cisco Umbrella Rank: 289354	1 KB
112	8

	Domain	Requested by
68	static.parastorage.com	www.advintel.io static.parastorage.com engage.wixapps.net
13	frog.wix.com	www.advintel.io static.parastorage.com
8	engage.wixapps.net	static.parastorage.com
6	www.googleapis.com	static.parastorage.com
5	www.advintel.io	www.advintel.io static.parastorage.com
4	static.wixstatic.com	www.advintel.io
4	siteassets.parastorage.com	www.advintel.io
2	assets.pinterest.com	static.parastorage.com assets.pinterest.com
1	wix-engage-visitors-prod-13.firebaseio.com	static.parastorage.com
1	log.pinterest.com
112	10

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
advintel.io Sectigo RSA Domain Validation Secure Server CA	`2022-10-12` - `2023-01-10`	3 months	crt.sh
*.wix.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-16` - `2022-11-12`	6 months	crt.sh
*.parastorage.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-14` - `2023-04-12`	6 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-30` - `2023-03-29`	6 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.wixapps.net Sectigo RSA Domain Validation Secure Server CA	`2022-09-25` - `2023-03-24`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.us-central1.firebasedatabase.app GTS CA 1D4	`2022-10-14` - `2023-01-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Frame ID: 8B3188CCFF47D2A115E6B90FDCC853B2
Requests: 76 HTTP requests in this frame

Frame: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Frame ID: 248FA7A280D75BFC6452C9B294ED68ED
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Post | AdvIntel

Detected technologies

Wix (CMS) Expand

Overall confidence: 100%
Detected patterns

static\.parastorage\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

112
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

1951 kB
Transfer

6803 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/advanced-intelligence-llc/

Search URL Search Domain Scan URL

URL: https://twitter.com/AdvIntel

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

112 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request backup-removal-solutions-from-conti-ransomware-with-love%22 Show response
www.advintel.io/post/ 818 KB
139 KB 598ms
503ms Document
text/html 151.101.65.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Pepyaka/1.19.10 /

Resource Hash

09acb0f3227353ce4c392c5a359a07a31d2573212477ecefa457f9ea3fa115d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: private,max-age=0,must-revalidate
content-encoding: br
content-language: de-DE
content-type: text/html; charset=UTF-8
date: Tue, 01 Nov 2022 12:20:41 GMT
link: <https://static.parastorage.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/>; rel=preconnect;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect;,<https://siteassets.parastorage.com>; rel=preconnect; crossorigin;,
server: Pepyaka/1.19.10
server-timing: cache;desc=miss, varnish;desc=miss_miss, dc;desc=fastly
strict-transport-security: max-age=3600
vary: Accept-Encoding
x-cache: MISS
x-content-type-options: nosniff
x-seen-by: roqoaVaG/Y0K4FDXPQbYVA==,RQvnDyN5n1orR2cJk2hJbg==,GXNXSWFXisshliUcwO20NU53gQymTA7BCiXxfWA0+Jcfnv3lE929xgX6BzpoyNBA,m0j2EEknGIVUW/liY8BLLlAwLb1tXR23DYhcoMEdpYDDa2gaReObvoMyILa0JRsy,2d58ifebGbosy5xc+FRaloj06dH2U43me8KaHxbMMOC8ikr+MgjHQPqonE30WzAYSEVvpF2fzddvoBVgk5p3WA==,2UNV7KOq4oGjA5+PKsX47L2p7YuUlwYf/q18t6XtpnFYgeUJqUXtid+86vZww+nL,7npGRUZHWOtWoP0Si3wDp2lerG3rBhTAOs5glqtGbqA=,UCXqFoU+MbsWXjA74cRbHfqzx9Q+CVQ2fdWtVenOnHtboj6Y85niGSC71tk5FED0WIHlCalF7YnfvOr2cMPpyw==,xTu8fpDe3EKPsMR1jrheEGJElSLlsIDJe7Bcaqd8N3o=,LoUK8/saGAmOxZWtpubo2hI32khZiCIEQ7IPfAMRfv2bDMCzC6R6z2wPTyS3O5lsRgekbrS6BQ+HnMhMmcZx7A==,xTu8fpDe3EKPsMR1jrheEI0wEn2DDxamQCJ1rZWnjDE=,xTu8fpDe3EKPsMR1jrheEC85No0M4nX/hmZx9elAc7M=,/a5ccLSK1HEmwPNg/x6OuvjKOUIfhDCdirNYyWZqbyl/jRp09HfHn2Wco9uWTHi2vZ7a6Em0tJ82U66/tSzM5w==
x-served-by: cache-hhn4074-HHN
x-wix-request-id: 1667305240.722805411449232893

POST
H2 204 bolt-performance
frog.wix.com/ 0
254 B 336ms
108ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&microPop=fastly&is_cached=false&msid=8dfd1b9a-1d6d-4233-af4b-26b0945b72b9&session_id=86220bbd-d735-4736-9f17-8ffdf21e2c8c&ish=true&isb=true&isbr=plugins-extra&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98&caching=miss,miss_miss&pv=visible&pn=1&v=1.11168.0&url=https%3A%2F%2Fwww.advintel.io%2Fpost%2Fbackup-removal-solutions-from-conti-ransomware-with-love%2522&st=2&ts=6&tsn=633
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.advintel.io
date: Tue, 01 Nov 2022 12:20:41 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H2 200 dynamicmodel Show response
www.advintel.io/_api/v2/ 30 KB
10 KB 110ms
109ms Fetch
application/json 151.101.65.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.advintel.io/_api/v2/dynamicmodel

Requested by

Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Pepyaka/1.19.10 /

Resource Hash

dd75ced5ad259948b6e55070c9966ac1fd6bdb1c199331089e33a1d48f58a699

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=3600
content-encoding: br
x-content-type-options: nosniff
date: Tue, 01 Nov 2022 12:20:41 GMT
age: 323530
x-cache: MISS
server-timing: cache;desc=hit, varnish;desc=hit_miss, dc;desc=fastly
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-served-by: cache-hhn4074-HHN
x-wix-request-id: 1667305241.71480534438733390
server: Pepyaka/1.19.10
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private,no-cache,no-store
accept-ranges: bytes
x-seen-by: roqoaVaG/Y0K4FDXPQbYVA==,qdrMdw4zrP0/E6B8JtgqKA==,GXNXSWFXisshliUcwO20NU53gQymTA7BCiXxfWA0+JcjlptOw+HvCw4MIkvDWc7Z,m0j2EEknGIVUW/liY8BLLrC01ptYXsMHWXBWBuBw+5rJftmKrOReD3ukbbas4YDo,2d58ifebGbosy5xc+FRalrFbOJ4xWjoUWmZG0vChoTllk8lEkHIokokhkAZAFdbkJ5dsIz/71nkPxewcVQa6SQ==,2UNV7KOq4oGjA5+PKsX47Cw+ez5ZSdHSUO2KndS/apNYgeUJqUXtid+86vZww+nL

POST
H2 204 bt
frog.wix.com/ 0
253 B 109ms
108ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss_miss&dc=84&microPop=fastly&et=1&event_name=Init&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&ita=1&msid=8dfd1b9a-1d6d-4233-af4b-26b0945b72b9&pn=1&sessionId=86220bbd-d735-4736-9f17-8ffdf21e2c8c&siterev=1495-__siteCacheRevision__&st=2&ts=412&tts=1039&url=https%3A%2F%2Fwww.advintel.io%2Fpost%2Fbackup-removal-solutions-from-conti-ransomware-with-love%2522&v=1.11168.0&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98&_brandId=wix
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.advintel.io
date: Tue, 01 Nov 2022 12:20:41 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H2 200 thunderbolt-commons.43e12462.bundle.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 88 KB
27 KB 26ms
25ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-commons.43e12462.bundle.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 1f5a2a54e574f87f94d7e60c1780080c322eb4c8141a5df5feccaa40b70f5245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 15:53:50 GMT
x-amz-version-id: mmjacJfrZfmp9i72.ojHSjtRIHG6.TWN
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 246411
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1667058830.8091045917328629719
last-modified: Sat, 29 Oct 2022 15:32:54 GMT
server: Pepyaka/1.19.10
etag: W/"9e0ced3a2f7d1711ce679097e80f6040"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 549663053
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 3MAHl0-Sg2KypgheLDYhXlXdf9dCf_DRWu3jwYIhWVgJYACWVLEYOg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJMe3/j5AamzIi0oSHQsz9b+

GET
H2 200 main.cecaa5cc.bundle.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 168 KB
42 KB 43ms
43ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/main.cecaa5cc.bundle.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: eaa7d6245504c8116cfcb052edbd864a11bba2000b88717dba3df232c06690fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 15:53:50 GMT
x-amz-version-id: e437Ds2ShN.pZUKCq0AqA6703kQZqZLs
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 246411
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1667058830.86910458389537129719
last-modified: Sat, 29 Oct 2022 15:32:53 GMT
server: Pepyaka/1.19.10
etag: W/"7c5ea44cbc7b70e24fdc3db29159b946"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 782603744
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: sDWGMyHQZR9r-guQKPkiOfh8MpuNJSLHdvpHCfFiKDt9OZzt_EEUuQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xz2/bD/Vcz2Ufp16H98KP6X

GET
H2 200 lodash.min.js Show response
static.parastorage.com/unpkg/lodash@4.17.21/ 71 KB
25 KB 38ms
36ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/lodash@4.17.21/lodash.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 16:48:08 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 5337482
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 25102
x-wix-request-id: 1662050888.6246026730173593750
last-modified: Sun, 21 Feb 2021 02:37:42 GMT
server: Pepyaka/1.19.10
etag: W/"9becc40fb1d85d21d0ca38e2f7069511"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 147542306 47832050
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: aRRS5Ot75L5ddssDJWryORQ-IvjXB3-N08v8Z_8wmnwpLVbyUBKU6Q==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1

GET
H2 200 react.production.min.js Show response
static.parastorage.com/unpkg/react@16.14.0/umd/ 12 KB
5 KB 23ms
21ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/react@16.14.0/umd/react.production.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 15:15:44 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 5340056
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4703
x-wix-request-id: 1662045344.86339295814055313203
last-modified: Thu, 15 Oct 2020 02:11:22 GMT
server: Pepyaka/1.19.10
etag: W/"63d498e143f421cc44dfb64f22fef270"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 97638907 34759629
cache-control: public, max-age=7776000, immutable
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: iuYBvE_rqogtb1Aw5Y7Wjd5lGrXpEKrTp7jplcB5wIAtgRVx6SjvAw==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd

GET
H2 200 thunderbolt
siteassets.parastorage.com/pages/pages/ 0
7 KB 45ms
43ms Other
application/json 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.catharsis_shapeIds%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.customElemCollapsedheight%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.serveGoogleFontsFromWixForTPA%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1863.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fwww.advintel.io&fileId=3efa7b24.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=true&language=en&metaSiteId=8dfd1b9a-1d6d-4233-af4b-26b0945b72b9&module=thunderbolt-platform&originalLanguage=en&pageId=0e8cc9_dc831c0010c6a22dbdee572ca8c19f6d_1495.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9784.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9784.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=37d01c82-6238-41de-9562-7dbe2a329b16&siteRevision=1495&viewMode=desktop
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 19:12:14 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 61707
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6034
x-wix-request-id: 1667243534.18512658683681126591
server: Pepyaka/1.19.10
etag: W/"6a2b-WhoOsOmrEGS+2BGESuiSZxuruf8"
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 405700789 989828864
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: age,via,x-cache-status,X-cache-status
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 0tktCdXOVAMy_UGplZKZFjFX8uAx7GsI_qJs-VXo5bRFCiPfG-GRCg==
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR374F0S6IZWPBSR/IxrWsyAAl,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqlfSFobLjH4O5sqit/uMFGYvGQ2Otd3B2C27oTTIAKJtQ==,ZUT6NeJ/NsDmQ9DMGnwT1GdDPVgj6Wu0Zs0gvBQnhu3JftmKrOReD3ukbbas4YDo

GET
H2 200 thunderbolt
siteassets.parastorage.com/pages/pages/ 0
3 KB 56ms
55ms Other
application/json 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.catharsis_shapeIds%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.customElemCollapsedheight%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.serveGoogleFontsFromWixForTPA%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&dfCk=6&dfVersion=1.1863.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fwww.advintel.io&fileId=3efa7b24.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=true&language=en&metaSiteId=8dfd1b9a-1d6d-4233-af4b-26b0945b72b9&module=thunderbolt-platform&originalLanguage=en&pageId=0e8cc9_281984ae68b87f990d38892174eb1498_1433.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9784.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9784.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=37d01c82-6238-41de-9562-7dbe2a329b16&siteRevision=1495&viewMode=desktop
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:20:41 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2237
x-wix-request-id: 1667305241.68813357251851826591
server: Pepyaka/1.19.10
etag: W/"3e65-6PBqv8FffY4XWHJTXrK3pDzYMlc"
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 967941594 307931093
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: age,via,x-cache-status,X-cache-status
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: xvzJfmsOUHpLpI2RmzQ51kiEFU0tW_Ua7lZB2NRbUpDRIuaTs2G_EQ==
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR374F0S6IZWPBSR/IxrWsyAAl,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqn/y/84nRWv/mvMZT+vI0zpvGQ2Otd3B2C27oTTIAKJtQ==,ZUT6NeJ/NsDmQ9DMGnwT1NuV0AlRoM+kgD28k9FC+ggeGdLDLXwpLd0CTVHPbfOd

GET
H2 200 thunderbolt
siteassets.parastorage.com/pages/pages/ 92 KB
17 KB 76ms
61ms Other
application/json 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.catharsis_shapeIds%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.customElemCollapsedheight%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.serveGoogleFontsFromWixForTPA%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1863.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fwww.advintel.io&fileId=774e6b4a.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=true&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=true&language=en&languageResolutionMethod=QueryParam&metaSiteId=8dfd1b9a-1d6d-4233-af4b-26b0945b72b9&module=thunderbolt-features&originalLanguage=en&pageId=0e8cc9_dc831c0010c6a22dbdee572ca8c19f6d_1495.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9784.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9784.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=37d01c82-6238-41de-9562-7dbe2a329b16&siteRevision=1495&staticHTMLComponentUrl=https%3A%2F%2Fwww-advintel-io.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 77d70e83e6789b69ec878ea47a3498c8b23ea5cea781ab07dc090521b50c3a05

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:20:41 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15998
x-wix-request-id: 1667305241.6911322381676122427
server: Pepyaka/1.19.10
etag: W/"17114-Hx1EREh5RUbYJBGnjI/+iPGRX5o"
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 967941600 348096296
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: age,via,x-cache-status,X-cache-status
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 0Y1XvVigllYUHWP7B6vfRaZdgFGh_q7tSG_eyUDz3oQEvkBiOjkivg==
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR377MgboBQKyB2cy+aZvw1lxd,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqn/y/84nRWv/mvMZT+vI0zpvGQ2Otd3B2C27oTTIAKJtQ==,ZUT6NeJ/NsDmQ9DMGnwT1NuV0AlRoM+kgD28k9FC+ggeGdLDLXwpLd0CTVHPbfOd

GET
H2 200 thunderbolt
siteassets.parastorage.com/pages/pages/ 41 KB
7 KB 69ms
54ms Other
application/json 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://siteassets.parastorage.com/pages/pages/thunderbolt?appDefinitionIdToSiteRevision=%7B%2213d21c63-b5ec-5912-8397-c3a5ddb27a97%22%3A%22440%22%2C%2214bcded7-0066-7c35-14d7-466cb3f09103%22%3A%22222%22%7D&beckyExperiments=specs.thunderbolt.catharsis_shapeIds%3Atrue%2Cspecs.thunderbolt.DatePickerPortal%3Atrue%2Cspecs.thunderbolt.new_responsive_layout_render_all_breakpoints%3Atrue%2Cspecs.thunderbolt.loadHighQualityImagesAboveFold%3Atrue%2Cspecs.thunderbolt.customElemCollapsedheight%3Atrue%2Cspecs.thunderbolt.new_responsive_layout%3Atrue%2Cspecs.thunderbolt.serveGoogleFontsFromWixForTPA%3Atrue%2Cspecs.thunderbolt.maskImageCSS%3Atrue%2Cspecs.thunderbolt.chat_landing_page%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1863.0&excludedSafariOrIOS=false&experiments=bv_remove_add_chat_viewer_fixer%2Cdm_migrateToTextTheme&externalBaseUrl=https%3A%2F%2Fwww.advintel.io&fileId=774e6b4a.bundle.min&hasTPAWorkerOnSite=false&isHttps=true&isInSeo=false&isMultilingualEnabled=true&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=true&language=en&languageResolutionMethod=QueryParam&metaSiteId=8dfd1b9a-1d6d-4233-af4b-26b0945b72b9&module=thunderbolt-features&originalLanguage=en&pageId=0e8cc9_281984ae68b87f990d38892174eb1498_1433.json&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9784.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.9784.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.233.0&siteId=37d01c82-6238-41de-9562-7dbe2a329b16&siteRevision=1495&staticHTMLComponentUrl=https%3A%2F%2Fwww-advintel-io.filesusr.com%2F&useSandboxInHTMLComp=false&viewMode=desktop
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: ca63782b17b65bcfff660056425472ac29cc7fdfdc9e00fbd333afaeafb3e38b

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:20:41 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6174
x-wix-request-id: 1667305241.68813357137141826591
server: Pepyaka/1.19.10
etag: W/"a5a8-eR9eCFHzlwItl9lIgAbATdv079w"
access-control-allow-methods: GET, OPTIONS, POST
x-varnish: 101518832 983389971
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: age,via,x-cache-status,X-cache-status
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: tOZ-63mP15nscqan6LRyCZVGgKUWq-SXNuMC1yV7t7lGFaO2my2_ew==
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR374F0S6IZWPBSR/IxrWsyAAl,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqlbQMcdx08Kd2I0rfB3g7tfvGQ2Otd3B2C27oTTIAKJtQ==,ZUT6NeJ/NsDmQ9DMGnwT1G6V2ir54IN3Z0Hg/7qRU+4eGdLDLXwpLd0CTVHPbfOd

GET
H2 200 siteTags.bundle.min.js Show response
static.parastorage.com/services/tag-manager-client/1.427.0/ 11 KB
5 KB 48ms
46ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/tag-manager-client/1.427.0/siteTags.bundle.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: a055462e069ab37c3c269bf8b80c7c1aafa72b7d2f0b7699833f87558b06a0cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 02:32:49 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 6122657
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3858
x-wix-request-id: 1661308369.6203395625313129320
last-modified: Tue, 25 May 2021 09:37:42 GMT
server: Pepyaka/1.19.10
etag: W/"74b64900831a2e814a8ff0cdedcf80cb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 467647983 336827847
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: aTgbZZ2gDSdbX7YkqjouX5KeghbI2Pekd9VZEWKMXu8ukujGjegloQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1

GET
H2 200 wix-perf-measure.bundle.min.js Show response
static.parastorage.com/services/wix-perf-measure/1.1042.0/ 40 KB
13 KB 49ms
48ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-perf-measure/1.1042.0/wix-perf-measure.bundle.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: e1f67cc75a65b657c623c6b4ec3869a7b8bccd0a7f0b670354fb55add6fcd6ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 10:30:41 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 4067859
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 11956
x-wix-request-id: 1663237841.83949293042391513203
last-modified: Thu, 15 Sep 2022 10:21:30 GMT
server: Pepyaka/1.19.10
etag: W/"72cd3e3e90088aa5acd84acd0d7346c6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 958200512
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: FilHa3Ieuz9patdKeurwxmPRI81MxdndkdIeUlh-Ph7BoWeiGFObBA==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xz2/bD/Vcz2Ufp16H98KP6X

GET
H2 200 react-dom.production.min.js Show response
static.parastorage.com/unpkg/react-dom@16.14.0/umd/ 116 KB
36 KB 26ms
25ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/react-dom@16.14.0/umd/react-dom.production.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 28 Aug 2022 13:28:56 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 5613455
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 36048
x-wix-request-id: 1661693336.1485864540677829911
last-modified: Thu, 15 Oct 2020 02:11:22 GMT
server: Pepyaka/1.19.10
etag: W/"c5abc87541fe6bb0f43f22af475a8b20"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 526163923 524350661
cache-control: public, max-age=7776000, immutable
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 3UiC2jWCz8MTddJIuJRuk1FW6H0WYn-bCbHSKNRhKJUXROIhtJdtow==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd

GET
H2 200 ADVINTEL_Temp_Final_DarkGrey.png
static.wixstatic.com/media/0e8cc9_8a06c0cecd594eae9f7338c6902eb58b~mv2.png/v1/fill/w_201,h_89,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/ 3 KB
4 KB 21ms
20ms Image
image/webp 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/0e8cc9_8a06c0cecd594eae9f7338c6902eb58b~mv2.png/v1/fill/w_201,h_89,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/ADVINTEL_Temp_Final_DarkGrey.png
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: 113bc02eaadaca0e75a30fcbc183d6d512b3117e7b2ba46d6175d59a4e20d0cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 06:12:56 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 108465
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3234
wix-tracer: 2Gt8ynGwiJPm6C5KlTr70lPl7ZI
x-seen-by: image-manipulator-5cdc794f79-lkbwm

GET
H2 200 file.woff2
static.wixstatic.com/ufonts/51657f_d2dcb10fad45479cb850dfd6693ed318/woff2/ 102 KB
103 KB 62ms
22ms Font
font/woff2 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.wixstatic.com/ufonts/51657f_d2dcb10fad45479cb850dfd6693ed318/woff2/file.woff2
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: 385bbf95bf4f0b545fd665de099761bbdc400787d70afaa40b66b0c3838b3ac5

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-seen-by: gcp.us-central-1.media-router-765d45dbd8-s6gk4
date: Fri, 28 Oct 2022 13:20:22 GMT
via: 1.1 google
age: 342019
x-guploader-uploadid: ADPycduEKZIjYl-56aG-ZKibPmFoiMCvwSnCaTKuVQUor6EFzvIIeiJpVM1hELJ6wzkp6HGMUL4iH5AsT8YOBzqKDT-_g5lqf_Sl
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104380
last-modified: Mon, 10 May 2021 15:00:57 GMT
server: openresty/1.21.4.1
etag: "546cd31ead7a0182b09271d2e57668eb"
x-goog-generation: 1620658857141458
x-goog-hash: crc32c=owmvXg==, md5=VGzTHq16AYKwknHS5XZo6w==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=15552000, immutable
x-goog-stored-content-length: 104380
accept-ranges: bytes
timing-allow-origin: *
content-type: font/woff2
expires: Fri, 28 Oct 2022 14:20:22 GMT

GET
H3 200 0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2
static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/ 17 KB
18 KB 62ms
29ms Font
application/octet-stream 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/0078f486-8e52-42c0-ad81-3c8d3d43f48e.woff2
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 0ddce0e617794fd30b60e5c829fe12b9d7eeba14e561e7d89da5fcaf2fe900c3

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 13:56:22 GMT
x-amz-version-id: ZJhEgw5338rDGW18OcyggGHIv4bi5qCO
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 6382614
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17216
x-wix-request-id: 1661090182.5015429659971329912
last-modified: Tue, 17 Apr 2018 11:11:01 GMT
server: Pepyaka/1.19.10
etag: "ef4257ccfa0fce4d914b23a28aa6fdf4-1"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/octet-stream
access-control-allow-origin: *
x-varnish: 604162486 547232605
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: kR-KNeBkMn8oCKLjP90PfNViw5U6BJ2SiJLguhninAOS3iDxfsLDfA==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd

GET
H3 200 03805817-4611-4dbc-8c65-0f73031c3973.woff
static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/ 22 KB
22 KB 55ms
23ms Font
application/x-font-woff 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/03805817-4611-4dbc-8c65-0f73031c3973.woff
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 9b7c81d3e669c7bff62527a61525ad1b80f776021655fd3a63dc927b0f0d624b

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 03:29:18 GMT
x-amz-version-id: Qe74hpWdFxESmMRv7pqxFHzVbxy4QAcz
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5488531
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 21883
x-wix-request-id: 1661916558.7056053884300515983
last-modified: Tue, 17 Apr 2018 11:10:44 GMT
server: Pepyaka/1.19.10
etag: W/"5d25008e5807f3967ff7f3393a68abf5-1"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/x-font-woff
access-control-allow-origin: *
x-varnish: 1062498055 994082850
cache-control: public, max-age=7776000, immutable
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 2ZF8W4b4TW5xAsbduEmcoQ9EJtqU70IQ8gDu1CUlrg3cwlznP_HNWw==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd

GET
H3 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/fonts/Montserrat/v14/ 13 KB
14 KB 50ms
31ms Font
application/octet-stream 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/santa-resources/dist/viewer/user-site-fonts/fonts/Montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 17:35:19 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 4749370
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13708
x-wix-request-id: 1662658519.404647213969513750
last-modified: Mon, 05 Sep 2022 15:11:43 GMT
server: Pepyaka/1.19.10
etag: "42230b682e8b1bc26d8abb3df7bcf094"
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 460862107 392805286
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: fY9XuLpndgIokaej5wUd-4tXl7vOqdTMp-8Cy6-BLi64yA22lviNWg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1

GET
H3 200 26091050-06ef-4fd5-b199-21b27c0ed85e.woff2
static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/ 18 KB
18 KB 47ms
30ms Font
application/octet-stream 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/26091050-06ef-4fd5-b199-21b27c0ed85e.woff2
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: d493e43a39a2c5a022d4a1295f952f22079088c74dece36e94f2f8a760648819

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 05:43:29 GMT
x-amz-version-id: LyS3RoQEhoS65ThKNJ05SMC6e6eU301O
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5314919
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18212
x-wix-request-id: 1662097409.67761559951321724131
last-modified: Tue, 17 Apr 2018 11:10:57 GMT
server: Pepyaka/1.19.10
etag: "adefa22d63c85887c8b1a434ccd6afeb-1"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/octet-stream
access-control-allow-origin: *
x-varnish: 190808057 75293962
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: p37PWrYKIPAOTRJaMb5LQ8LcshoAmFAldg-8ECI3uM4cB26ecLiylg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1

POST
H2 204 bt
frog.wix.com/ 0
253 B 110ms
109ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss_miss&dc=84&microPop=fastly&et=12&event_name=Partially%20visible&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=8dfd1b9a-1d6d-4233-af4b-26b0945b72b9&pid=no1qb&pn=1&sessionId=86220bbd-d735-4736-9f17-8ffdf21e2c8c&siterev=1495-__siteCacheRevision__&st=2&ts=517&tts=1144&url=https%3A%2F%2Fwww.advintel.io%2Fpost%2Fbackup-removal-solutions-from-conti-ransomware-with-love%2522&v=1.11168.0&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98&_brandId=wix
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.advintel.io
date: Tue, 01 Nov 2022 12:20:41 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

POST
H2 204 bolt-performance
frog.wix.com/ 0
253 B 109ms
109ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bolt-performance?src=72&evid=28&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&microPop=fastly&is_cached=false&msid=8dfd1b9a-1d6d-4233-af4b-26b0945b72b9&session_id=86220bbd-d735-4736-9f17-8ffdf21e2c8c&ish=true&isb=true&isbr=plugins-extra&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98&caching=miss,miss_miss&pv=visible&pn=1&v=1.11168.0&url=https%3A%2F%2Fwww.advintel.io%2Fpost%2Fbackup-removal-solutions-from-conti-ransomware-with-love%2522&st=2&ts=6&tsn=633&name=partially_visible&duration=1667305241746&pageId=no1qb
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.advintel.io
date: Tue, 01 Nov 2022 12:20:41 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H3 200 clientWorker.8738d23c.bundle.min.js
www.advintel.io/_partials/wix-thunderbolt/dist/ 522 KB
143 KB 28ms
27ms Other
application/javascript 151.101.65.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.advintel.io/_partials/wix-thunderbolt/dist/clientWorker.8738d23c.bundle.min.js

Requested by

Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Pepyaka/1.19.10 /

Resource Hash

8b59100c2511d966f60b09d8e06bbea5482c6561c240404f5207282882818da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: sL5ASBydgo2CzEi.3KbgN9SF8CVVhzm8
content-encoding: br
x-content-type-options: nosniff
date: Tue, 01 Nov 2022 12:20:41 GMT
age: 187203
x-cache-status: MISS
x-cache: HIT
x-amz-replication-status: REPLICA
server-timing: cache;desc=hit, varnish;desc=hit_hit, dc;desc=fastly
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 145980
x-served-by: cache-hhn4051-HHN
x-wix-request-id: 1667130863.7041445024878791
last-modified: Sat, 29 Oct 2022 15:32:47 GMT
server: Pepyaka/1.19.10
etag: W/"203a8025ea8ec63cdcee0472371fcf73"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-seen-by: roqoaVaG/Y0K4FDXPQbYVA==

GET
H3 200 7528824071724d12a3e6c31eee0b40d4.png
static.wixstatic.com/media/7528824071724d12a3e6c31eee0b40d4.png/v1/fill/w_24,h_24,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/ 528 B
550 B 64ms
23ms Image
image/webp 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/7528824071724d12a3e6c31eee0b40d4.png/v1/fill/w_24,h_24,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/7528824071724d12a3e6c31eee0b40d4.png
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: 01a86c66d91bd729da26f90b5e0b12a7b62e77d6e8ba997936daac316e4e0e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:06:44 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 1559637
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 528
wix-tracer: 2G7hc1DGAkOR4C3als86MsUZ3ia
x-seen-by: image-manipulator-5cdc794f79-v5d54

GET
H3 200 01ab6619093f45388d66736ec22e5885.png
static.wixstatic.com/media/01ab6619093f45388d66736ec22e5885.png/v1/fill/w_24,h_24,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/ 542 B
564 B 63ms
22ms Image
image/webp 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/01ab6619093f45388d66736ec22e5885.png/v1/fill/w_24,h_24,al_c,q_85,usm_0.66_1.00_0.01,enc_auto/01ab6619093f45388d66736ec22e5885.png
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: ed58e2d34146dd9b4786e89e43e5a3c45ddad22fe1131f263977af2a1cfc559d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:56:41 GMT
via: 1.1 google
server: openresty/1.21.4.1
age: 339840
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 542
wix-tracer: 2Gla0b5lOLWaaenkGpSmTxAMthK
x-seen-by: image-manipulator-5cdc794f79-5r5b8

GET
H3 200 thunderbolt-components-registry.02e93b4a.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 30 KB
10 KB 23ms
22ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 9dbb7dd2752fe08da9353a373f1653b0713d104eb6013a466323017e1f5ca9a8

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:16:17 GMT
x-amz-version-id: uwnPn9eZDJXAcF2DzIQNkSqw2FSDCCts
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 446664
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1666858577.419840578376712427
last-modified: Thu, 27 Oct 2022 08:03:22 GMT
server: Pepyaka/1.19.10
etag: W/"d6c9b7d739201a7b5eff1c963391ae3a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 635906703
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: DaKhfPXA5-gBtRXNmhSYE8Z1LCCDxleUyhD65P90zUA7MXrgm9aAjA==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xz2/bD/Vcz2Ufp16H98KP6X

GET
H3 200 group_3.53d2beb4.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 35 KB
11 KB 23ms
23ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_3.53d2beb4.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: ce901306ecc55554980fffb63e3a978cec2bafae373318d258d9ea32ed6d431f

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:53:54 GMT
x-amz-version-id: 2frx2S7af2UeyyugmYso7GjgXJ9rSLVR
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 534407
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 11010
x-wix-request-id: 1666770834.6997805795149029719
last-modified: Wed, 26 Oct 2022 07:43:37 GMT
server: Pepyaka/1.19.10
etag: W/"52d2b945b150c57ad0b21ad3e5eb3686"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 581852910
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: BEV4c47poNUTDKNNqv-LKgGUddXO_lz_z_wiUYyeQmvVPjOuelTEcQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xz2/bD/Vcz2Ufp16H98KP6X

GET
H3 200 group_4.ec9b8c87.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 53 KB
19 KB 23ms
23ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_4.ec9b8c87.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 3fad41b47c365095b2416915408dd00e6affbfda1928628691d2fb84e6c3ce31

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:53:54 GMT
x-amz-version-id: kxXQYGd_6K1L.merNJQPuh0rjEsBpeXb
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 534407
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 18525
x-wix-request-id: 1666770834.7007781938149426593
last-modified: Wed, 26 Oct 2022 07:43:37 GMT
server: Pepyaka/1.19.10
etag: W/"6d94c1e7a76777f9b1bb94fb2b456af8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 188712778
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 5sdXYzToRTik8yWN9hu3lcF1Vi_v-iCHZGQdvPdDNpg3EIPc9qni4w==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJMe3/j5AamzIi0oSHQsz9b+

GET
H3 200 group_7.3546c9ec.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 68 KB
22 KB 25ms
25ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_7.3546c9ec.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 297ccbcfd8ef84bc4a56d0d888cf1549681b6ae17222a5aa43f1f471433dee4f

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 15:53:52 GMT
x-amz-version-id: U.F457n3wapaxxvq7PxI_xpQOgilTuYs
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 246409
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 21858
x-wix-request-id: 1667058832.3801033045130232427
last-modified: Sat, 29 Oct 2022 15:32:44 GMT
server: Pepyaka/1.19.10
etag: W/"6b4d4af64253965c8c0581aab52e0fb1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 716622666
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: XeD7tOW-y5rn_3u0DVV3O82nHMIpLG_eHyBmb1BJHVZ2fwTCglFfCw==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopj8Q5G/Ose159xWYwpIkYm

GET
H3 200 group_5.daddd15c.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 33 KB
12 KB 26ms
26ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_5.daddd15c.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: e76b0f7b609a18da5b64254f1b82bdf2125415790bf47661be20aa2d79581e15

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:53:54 GMT
x-amz-version-id: kc_iRKPnsnOizPu8RNhH72.8mrTsqV3i
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 534407
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1666770834.777784421970111042
last-modified: Wed, 26 Oct 2022 07:43:36 GMT
server: Pepyaka/1.19.10
etag: W/"89d3124e370786ac9be155919fdec9f7"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 741133231
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: f7KxkDEdHcBZ5R3C7AjBPuZGhcmVOLFuYziNmA1FBF8jyMvX1kSm4w==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoonyNuED/+UieZaPOkDEHk+

GET
H3 200 captcha.469812db.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 701 B
1 KB 24ms
24ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/captcha.469812db.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 9478acc1861faae1ddc542c79b9fffedf87ef6293f331f889bbf2e70e68b784c

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 15:53:51 GMT
x-amz-version-id: 9or9cTshAqM7qI6wlkav3df.oqYMS1Z0
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 246410
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 430
x-wix-request-id: 1667058831.29710430307146326593
last-modified: Sat, 29 Oct 2022 15:32:57 GMT
server: Pepyaka/1.19.10
etag: W/"07007c8ce908f661858543f164f523e3"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 716591512
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: FPX_q4FNHoxNXeX5jxk-WudCq_3zXWFjHNyFBPwsVVXHpCHmhEBmCQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopj8Q5G/Ose159xWYwpIkYm

GET
H3 200 group_14.46124469.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 46 KB
14 KB 27ms
27ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_14.46124469.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 0a4501aa1c51753d6243a1b12b63d1386a9af9eed05fc00b8df02f084cbc962a

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:14:04 GMT
x-amz-version-id: Uwx6jAty7gDmYVLpT0Wtoj4gQxRruOjG
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 446803
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 13284
x-wix-request-id: 1666858444.5598550964363311042
last-modified: Thu, 27 Oct 2022 08:03:22 GMT
server: Pepyaka/1.19.10
etag: W/"9e111c487a137418b4b00189fa762f6b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 285718283 284203238
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: ELq22LBEpJAzS5ARARqd4T-ME9qRH2PSkhKoojcXKEGN_UkO7i60Gg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1

GET
H3 200 cyclicTabbing.f2f7c694.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 2 KB
2 KB 26ms
25ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/cyclicTabbing.f2f7c694.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 06aa3f04326b17acd64f2b5d2ae710df9df863dcd5a74861a16f38b692af4ee4

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 15:53:51 GMT
x-amz-version-id: PXT1iHw7BHZPAsZUhoPW1L8h5qH3ktfd
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 246410
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 857
x-wix-request-id: 1667058831.32710459055521229720
last-modified: Sat, 29 Oct 2022 15:33:00 GMT
server: Pepyaka/1.19.10
etag: W/"7f670250c4c1f7e487bc849062920ecd"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 160407486
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 7yWO8zq9NXMBT0FvFe4eRZdyhRsOExSGNwJsrs10W9FcCJfroTnKoQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoonyNuED/+UieZaPOkDEHk+

GET
H3 200 group_6.64d4a1e9.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 76 KB
23 KB 26ms
25ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_6.64d4a1e9.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 4d1f28f1bb0511ac841f81ffc67f32e46c0284b12a230a764fd865f5decbae8d

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 15:53:51 GMT
x-amz-version-id: 2HKv2TcCltMGszrYXdl.R5TbeLZJielo
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 246410
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 23027
x-wix-request-id: 1667058831.36610508182384311041
last-modified: Sat, 29 Oct 2022 15:32:54 GMT
server: Pepyaka/1.19.10
etag: W/"c476fda023216f775fe900de6d96bbfd"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 1003582698
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 4zQzqC3DSG_yZ7BwgAoLvDu7haLNH5mQvqJ_VOz7Cd2wzZahKhV6gw==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYQFjVKS1KW45pDD7kwcelUf

GET
H3 200 group_9.b70ec106.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 8 KB
4 KB 27ms
27ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_9.b70ec106.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: c4b2f5ed2e5b58b3f2d22bd8e15425bfbb46790272c8f1789a867bbf97ca022a

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 08:24:55 GMT
x-amz-version-id: BmeP.0wJAnDJmotQyMqqBsQ9zO6Xs4xT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 186945
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1667118295.9741099590333829719
last-modified: Sat, 29 Oct 2022 15:32:52 GMT
server: Pepyaka/1.19.10
etag: W/"11a480de23425d79d69de64f446f49df"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 823713701
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: K6iQzEpk5r1nLoxtccRiEqqYt1r_m4_fKbZGQkhhkYeDjP-T1lKmOw==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xz2/bD/Vcz2Ufp16H98KP6X

GET
H3 200 tpaCommons.bbc0a216.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 3 KB
2 KB 40ms
40ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/tpaCommons.bbc0a216.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 8e0ef53da3ec9eb4a5559460cbe7bf4c07cb06ea38db55a62d6ee94fe510cc7f

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:10:18 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5573423
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1343
x-wix-request-id: 1661731818.39357969487184932
last-modified: Mon, 29 Aug 2022 00:04:52 GMT
server: Pepyaka/1.19.10
etag: W/"1859fa33f05f3b19f454d1a25dcb0a72"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 289103753
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: Lu7RbBHlvuBsqhsr89UX1XzSg5oLcdlqPZ5Rh3-6Kapb-bm5klhKzg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopj8Q5G/Ose159xWYwpIkYm

GET
H3 200 platform.40a13011.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 2 KB
2 KB 40ms
40ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/platform.40a13011.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 7e267c7067b4c103cc22c12daa62a267deab592f2da81c3cb3d6ff65a1fb8f9a

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:16:17 GMT
x-amz-version-id: HhB8OMFK5sTxkt6ptvKvMYFo4PhhLinF
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 446664
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1666858577.7918552053985811042
last-modified: Thu, 27 Oct 2022 08:03:21 GMT
server: Pepyaka/1.19.10
etag: W/"2f22c03a0e1f1fe31fe6477770fa408f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 181764966
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: xojtK8ondZ5_qWvYn3plXC5fW8cn1zxN59IIbgRURQDZD1gQg2DaDw==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVcyc3RE2AEtYWQGVQ/2ywuOgeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYTkTYnbrpxTuT84TvL9JpCC

GET
H3 200 group_0.19566a9d.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 923 B
1 KB 21ms
21ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_0.19566a9d.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 319a93d72316b4301cccace1d6ed58d81e30a4452a457d1f6894e3bdd6c88ce0

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 00:10:19 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5573422
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 417
x-wix-request-id: 1661731819.1233700536892229320
last-modified: Mon, 29 Aug 2022 00:04:51 GMT
server: Pepyaka/1.19.10
etag: W/"48b2397d11e6f4d24fa05599d16a0e84"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 69667410
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 8iz8KJdn2pLJlpOgVwswCHiDgWRwu5k_hATJ4sJ1sH4IFXtMGO0Mvg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVcyc3RE2AEtYWQGVQ/2ywuOgeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYTkTYnbrpxTuT84TvL9JpCC

GET
H3 200 santa-langs-en.3246c3f7.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 35 KB
10 KB 24ms
24ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/santa-langs-en.3246c3f7.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 397e27d816e4695d899f30aadbaca84b57800db7b864e3c7d4988256a0714970

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 07:53:55 GMT
x-amz-version-id: WfgSPgxgTDdwGr0lnY4pjW7meNw2Dz22
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 534407
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1666770835.218784421970211042
last-modified: Wed, 26 Oct 2022 07:43:36 GMT
server: Pepyaka/1.19.10
etag: W/"6d1339e3803d967bab1c8d0ac94ab11b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 179153615
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 4fzWhFi-b-1ud4QmwcvhtDb7Qmb4TJdSn-em7Gyu-BSKztCfPALO1Q==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJMe3/j5AamzIi0oSHQsz9b+

GET
H3 200 group_15.a79aebee.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 11 KB
5 KB 23ms
22ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_15.a79aebee.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 366f98148cd13338e66bb208adea46618b61a959071307edd11c1a026b7b7b11

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 15:53:51 GMT
x-amz-version-id: ZJgnCoQ1QnZocBLWRE4yz.B24wOJLCqV
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 246411
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 3911
x-wix-request-id: 1667058831.7151032986493622427
last-modified: Sat, 29 Oct 2022 15:32:51 GMT
server: Pepyaka/1.19.10
etag: W/"ba834b10e43b1fe13574d5a8a26b9c6f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 549401238
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: px-53nNK_9PJqopRo-MdoAXVh2Eh3_HBjCuwZ_dWI0cCZCtiJDjNoQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJMe3/j5AamzIi0oSHQsz9b+

GET
H3 200 group_2.e79fad4b.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 13 KB
6 KB 32ms
32ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_2.e79fad4b.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 1bbf952cd22067636980956473b721dc142e8ebbd9c36f83e77482d7663e1198

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:14:04 GMT
x-amz-version-id: xn5ibvOLkhxciRGQjcttSjvxejMnru4K
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 446804
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 5397
x-wix-request-id: 1666858444.8758483552328126591
last-modified: Thu, 27 Oct 2022 08:03:21 GMT
server: Pepyaka/1.19.10
etag: W/"1a306ad8c790b335268e725b180d1ddb"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 285400779 285399575
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: y3S3OyJNxBfoFLpsSFKkur6yeu3mVW1dYrI-mIZlH8EH7b612ISADQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1

GET
H3 200 imageZoom.8962e1c0.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 1 KB
1 KB 23ms
22ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/imageZoom.8962e1c0.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: c00d09c746073aa83750bf3f45ce6a816b0fc5d4b2014ac9c5baa30e4a951988

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:14:05 GMT
x-amz-version-id: 4gk3HQ2gq3OyH4ehX3tIj7uTDupY7fJe
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 446797
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 600
x-wix-request-id: 1666858445.0068550003518711042
last-modified: Thu, 27 Oct 2022 08:03:21 GMT
server: Pepyaka/1.19.10
etag: W/"bb6573ea7fc07053fa23000dcd824570"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 569734669
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: D9TsJFWpjtQLnn50mgKnZLexSDAMY8BkIzYGznTHWj85ghViHr2tFg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopj8Q5G/Ose159xWYwpIkYm

GET
H3 200 group_16.a7d8ba1c.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 43 KB
15 KB 28ms
28ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_16.a7d8ba1c.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 1c808fa8105dd3812cef488473e42c9358a04996c91f88b1fa479b23373c6dcd

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 15:53:51 GMT
x-amz-version-id: 6ss19o7AfP1EoLrU7_havnDofnB8bWzI
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 246411
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 14444
x-wix-request-id: 1667058831.5851043122171626591
last-modified: Sat, 29 Oct 2022 15:32:57 GMT
server: Pepyaka/1.19.10
etag: W/"09b77f93cc7e9a1cb2c3a28af46d2bd3"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 784239612
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: AbOWj2bLSsATg_FjDMxHPr5Rt93gQ-V4CIJUcPSgPS3k0pVcTsDPLQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xz2/bD/Vcz2Ufp16H98KP6X

GET
H3 200 reporter-api.e6b6a75f.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 26 KB
8 KB 27ms
27ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/reporter-api.e6b6a75f.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: e83c4b7b7da7473164173a770ee1e0b09e1bae30166a73da8d42cdf1e0c92e60

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 09:29:39 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5539863
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7089
x-wix-request-id: 1661765379.0947884577148424258
last-modified: Mon, 29 Aug 2022 09:27:59 GMT
server: Pepyaka/1.19.10
etag: W/"422dbc1c2f49b30069b6d7d5a73885b6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 592259253
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: wDgnhfuuHA6PsnDX48En_RRwJ2b1bgneF_uuwV0xWNjZh22H5Rc6og==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciDgmy1x1bk0T2mMblm59aj,aVxMblM8KFG3we5NLvyVc7eNHvhCRAbD7EPjVZvQO20fbJaKSXYQ/lskq2jK6SGP,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYRTal0JO8D5MRZkJSFf/s14

GET
H3 200 8dfd1b9a-1d6d-4233-af4b-26b0945b72b9 Show response
www.advintel.io/_api/tag-manager/api/v1/tags/sites/ 1 KB
2 KB 158ms
158ms XHR
application/json 151.101.65.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.advintel.io/_api/tag-manager/api/v1/tags/sites/8dfd1b9a-1d6d-4233-af4b-26b0945b72b9?wixSite=false&htmlsiteId=37d01c82-6238-41de-9562-7dbe2a329b16&language=en

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/tag-manager-client/1.427.0/siteTags.bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Pepyaka/1.19.10 /

Resource Hash

36b1bb47768b77b654a0c502657a16207d462fc331188b4008f3def1da672117

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
consent-policy: %7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D
accept-language: de-DE,de;q=0.9
authorization: p1jnHA31EEeumksrvaWv3_X5-iJ40D6a5uJAaJOxQkQ.eyJpbnN0YW5jZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsInNpdGVPd25lcklkIjoiMGU4Y2M5MzYtMzhhNC00ZDA5LWE3NzItZmMzYzhlY2NhOGExIn0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

x-served-by: cache-hhn4051-HHN
pragma: no-cache
date: Tue, 01 Nov 2022 12:20:42 GMT
content-encoding: br
x-content-type-options: nosniff
x-wix-request-id: 1667305242.044805104791143014
server: Pepyaka/1.19.10
etag: W/"4e7-mP9CVjI9MTNwlB3BwJ6rpiIkiIA"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-seen-by: roqoaVaG/Y0K4FDXPQbYVA==,qdrMdw4zrP0/E6B8JtgqKA==,GXNXSWFXisshliUcwO20NU53gQymTA7BCiXxfWA0+JekSr6KIx6jqpVCqcPd7O2K,m0j2EEknGIVUW/liY8BLLtxbqKixcgheJzihIl22fmTJftmKrOReD3ukbbas4YDo,++r5XCRb/6cYf+PEtyYPdD24zhA2ody3zC7PaEm5Bwu96XkXwyV+uFynKY+ouT6J3p/EiAFgdbgGM13Kfh+cFg==,7npGRUZHWOtWoP0Si3wDpxS/Bk+B3QLWUb+JnknTP34=,MDFDoTqjWxpWhAuWfTm+PKNjJx1l1/zQTCvfMGvnGtb3tzg4rXaHeTo+z9Ea5XbmouzYPW5ExJ7FKj/iV6xB1A==,xTu8fpDe3EKPsMR1jrheENZoQTb3CKJqUta8XevXAOI=,xTu8fpDe3EKPsMR1jrheECKm88KF4d/Onra+gJPK4kE=,mvxQ9qSAmY38asKjFCcmG+cqFqnmnyG0IbPf1wSwcE+YJceAEZp1zHj6M0kp3dmKCNOhjFJzaXXU3sut2qKB6w==,xTu8fpDe3EKPsMR1jrheEBfzzkq2HtYcy2tvbXw3CBc=,tznMqpp3e1oucszW+OT1FCYiUMgWU7cNIWjtzvXfQKV153dKoUsQxlOqtc0Gy1slINAjHm00DyZlIqHld7iIAg==,xTu8fpDe3EKPsMR1jrheEMr3jeEU4CTyb7+fyr0EfqY=,g+dVzGc2iJCx2nR64BGlAXA01g31h79ySY/5M2Mls/gGTMKvQ7iGvyDw/bcrKDyE3IKGmpHcDnIFFhMXJBsgPZrjpH3E0iWlDh5Q9ikG6qw=

GET
H3 200 TPABaseComponent.4431a9cc.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 5 KB
3 KB 22ms
21ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/TPABaseComponent.4431a9cc.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 9bddc6ee47861a3d279db8913506a6dcc9394f9760faabfa7292173affb6454b

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 08:14:06 GMT
x-amz-version-id: I2rWyAAl0.j2t45bKNtKdL3P1HHvJWJ9
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 446796
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 1974
x-wix-request-id: 1666858446.0328510089945529719
last-modified: Thu, 27 Oct 2022 08:03:21 GMT
server: Pepyaka/1.19.10
etag: W/"6c5e7aea4b9485430a6b538963869b9e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 569734843
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: oViIBqMA4ZuYKvNa2AMaJTtNTxaXntwRGOd3b7RN4tzFXbL3v4EV5w==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopj8Q5G/Ose159xWYwpIkYm

GET
H3 200 rb_wixui.thunderbolt~bootstrap-classic.cf3aa831.chunk.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 38 KB
12 KB 48ms
22ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/rb_wixui.thunderbolt~bootstrap-classic.cf3aa831.chunk.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: f12e6c234c602028e5c53f9b073afb0b1c9695691af215c11943fdb12250f039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 02:02:19 GMT
x-amz-version-id: ck60zgRGUvQ3B_0z27ZUdhk9cbZUIjSg
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 129998
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 11573
x-wix-request-id: 1667181739.6431187840577411042
last-modified: Mon, 31 Oct 2022 00:02:53 GMT
server: Pepyaka/1.19.10
etag: W/"699971da897ec3751146535fa8dccbc5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 887797902 882761122
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: SBwmL1R8HtNwue0gEC4P8uu0x_psOm9zvuzL9uGu6riaRLUv9t8H2A==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd

GET
H3 200 rb_wixui.thunderbolt~common-site-members-dialogs.9e9e6db0.chunk.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 78 KB
24 KB 50ms
24ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/rb_wixui.thunderbolt~common-site-members-dialogs.9e9e6db0.chunk.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: ed443709a9c5267613f2a6598bd028fc7aa7c67f2947dd93fbf0e62be7820221

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:14:04 GMT
x-amz-version-id: ghKgFTaPvCsdurgnivrP01NUJeI5vq3u
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 129998
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 23367
x-wix-request-id: 1667175244.6501181433645211042
last-modified: Mon, 31 Oct 2022 00:02:53 GMT
server: Pepyaka/1.19.10
etag: W/"75f48a3171683b5f092fd7fb637855a2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 882722778
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: sqT87PEcHhNXDtavsy2Hm6Z7aXBaYYKyhPN2DPU_gMWd0mstUcM_8A==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xz2/bD/Vcz2Ufp16H98KP6X

GET
H3 200 requirejs.min.js Show response
static.parastorage.com/unpkg/requirejs-bolt@2.3.6/ 17 KB
7 KB 23ms
23ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-commons.43e12462.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: d5f10f852b112a514a19f2b778eef5d2d1307878757f0a24539c051831cefaf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 12:23:55 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 5270207
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6191
x-wix-request-id: 1662035035.28761093993891524131
last-modified: Thu, 24 Jan 2019 14:24:53 GMT
server: Pepyaka/1.19.10
etag: W/"18823f6a6d208ee1e361bb266ab794d5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 88893225 89211256
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: GeVeb7qwfoZ7u8MAPDlDEylIqPqpcN2UWMlfgQmWnaDbForlwG53nQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd

GET
H3 200 group_1.a4b948af.chunk.min.js Show response
static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/ 191 KB
43 KB 23ms
23ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/group_1.a4b948af.chunk.min.js
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 45fb40e12580716f312bf21b709f9e4f45e9897f3b58adb375766c5de5184a00

Request headers

Referer: https://www.advintel.io/
Origin: https://www.advintel.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 08:11:11 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 3065240
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 43543
x-wix-request-id: 1664352671.40081736066764626132
last-modified: Mon, 26 Sep 2022 22:30:02 GMT
server: Pepyaka/1.19.10
etag: W/"08c159761d61625cb9210b97f1ecfd56"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 360483596 266034132
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 8qT848ZLjnrfnzh79--xkw3ifSGxRHWrZ7znZ02rnYE6BEANMjL9cg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1

GET
H3 200 rb_wixui.thunderbolt~bootstrap.1a5725ae.chunk.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 46 KB
13 KB 26ms
25ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/rb_wixui.thunderbolt~bootstrap.1a5725ae.chunk.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 52f038fc547d08d6aced47bdd5fc0136324552a5dc54e37ddcb290575cd4e863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 02:02:19 GMT
x-amz-version-id: VFZ2PGaNOCIlt2TFaHWlg7otyG2Fdwp9
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 129997
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 12744
x-wix-request-id: 1667181739.6781182901742329719
last-modified: Mon, 31 Oct 2022 00:02:53 GMT
server: Pepyaka/1.19.10
etag: W/"87ae72a2a56b0fca1ef15108ee4ec73b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 418159164 405333808
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: K5rvrNRnFTO7tdUS3ghRzDzC42PZHXKOwJULaB_iIGtratdpq2JnRg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd

GET
H3 200 rb_wixui.thunderbolt[TextAreaInput].ecda441e.bundle.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 7 KB
4 KB 25ms
24ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/rb_wixui.thunderbolt[TextAreaInput].ecda441e.bundle.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: c3cee27d4d5104c232f06c5ceaea7747c8ef35862b9e3c8689949ac04b22b269

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:45:06 GMT
x-amz-version-id: ucTCx9feCH6pNxhCcFLR1mPLBQcQC3To
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 326136
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 2870
x-wix-request-id: 1666979106.5809729267791429720
last-modified: Fri, 28 Oct 2022 17:38:40 GMT
server: Pepyaka/1.19.10
etag: W/"e4a9b4ce7c29adac36eff921ca2ebb37"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 662020564
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 8m5HGbeDTNP0VUhbbHsAvc9mfTxMrLvYoKwFbn-D8nnq0NDIpbW9wg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopj8Q5G/Ose159xWYwpIkYm

GET
H3 200 rb_wixui.thunderbolt[Checkbox].71e631bf.bundle.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 8 KB
4 KB 32ms
30ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/rb_wixui.thunderbolt[Checkbox].71e631bf.bundle.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 7612dd8aa20e6b7f124ca2308f981b48bb8a4302494e1c91a4e0cffe2d6a43a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:21:55 GMT
x-amz-version-id: ToT5kFOXi0hxnoeSBZpxAlKZ8We98gla
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 129527
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 3089
x-wix-request-id: 1667175715.13711736035583026591
last-modified: Mon, 31 Oct 2022 00:02:54 GMT
server: Pepyaka/1.19.10
etag: W/"992b917ed2cefb1205d36ee69ba13321"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 70824371
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: WYCu_eXtNgbwYqXYOZVHoEuV4z6p8oJVMiCMDMZUpnFqipO8jHIgHQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYQFjVKS1KW45pDD7kwcelUf

GET
H3 200 rb_wixui.thunderbolt~bootstrap-responsive.16b3dc89.chunk.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 19 KB
7 KB 30ms
28ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/rb_wixui.thunderbolt~bootstrap-responsive.16b3dc89.chunk.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 700b8520efa2a5466dbc25a9a9a4ab76a866b9b39b56e8be8a51255df71ffc99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 00:14:05 GMT
x-amz-version-id: Gy2rSCX7PGVEZ.O2FaZzTZMvs4i3KVRN
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 129997
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 6777
x-wix-request-id: 1667175245.3951173174350826591
last-modified: Mon, 31 Oct 2022 00:02:37 GMT
server: Pepyaka/1.19.10
etag: W/"9d50b4f036e6360bc8d3b68fb7e2da34"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 882686482
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: rjFal5xv-gQI35y4Mv-GkvMmWYWvgm-0-Tvyc1Embv56FNOmXba3tw==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xz2/bD/Vcz2Ufp16H98KP6X

GET
H3 200 rb_wixui.thunderbolt[AppWidget_Classic].5e7df854.bundle.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 6 KB
3 KB 27ms
25ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/rb_wixui.thunderbolt[AppWidget_Classic].5e7df854.bundle.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: e4cf98946b73cbe4f1fc7de7b840997196e794e3a3ae7c44253b3a3ab7e6f970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 09:02:36 GMT
x-amz-version-id: kY6eh_Bu4ydmVdbqhfxafiEaNO6d16DN
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 326197
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 2256
x-wix-request-id: 1667034156.8191019214868726591
last-modified: Fri, 28 Oct 2022 17:38:34 GMT
server: Pepyaka/1.19.10
etag: W/"52117d9d0eccb46bc8b82d713e8793a8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 766088882 729670290
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: ER_RLBRdD2byTLrRLWRS5n_yytHY0o9RohVGi_gLDWDsN19HBdXN3A==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd

GET
H3 200 rb_wixui.thunderbolt[FormContainer_FormContainerSkin].9e2dfb9a.bundle.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 4 KB
2 KB 39ms
37ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/rb_wixui.thunderbolt[FormContainer_FormContainerSkin].9e2dfb9a.bundle.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 9fee0e58cc99febee7b90c54f75a2f9ceef30c3de8b164b62c7a940eb2c263a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:44:04 GMT
x-amz-version-id: rYjqpr.f9Fy4Ec3YDZtVpSu0iww5ujul
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 326198
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 1526
x-wix-request-id: 1666979044.87996089373992427
last-modified: Fri, 28 Oct 2022 17:38:37 GMT
server: Pepyaka/1.19.10
etag: W/"05e327c75a3b59f23e0a672980449ff3"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 656120807
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: j5ugf48PU3gSsZUMXraC9Rk9NYGH-1lCChHLMvPFvcE9SB8ZjX0e9A==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopj8Q5G/Ose159xWYwpIkYm

GET
H3 200 rb_wixui.thunderbolt[SkipToContentButton].bd0e9a9a.bundle.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 6 KB
3 KB 35ms
34ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/rb_wixui.thunderbolt[SkipToContentButton].bd0e9a9a.bundle.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 57c4db4d71745047ffac4644e726c9e428727b813cd3de62924914dec6ba68a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:44:04 GMT
x-amz-version-id: Md661sjMqAq_NnxFsAxQheG4W7xzeXNs
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 326198
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 2403
x-wix-request-id: 1666979044.9399702152693426591
last-modified: Fri, 28 Oct 2022 17:38:39 GMT
server: Pepyaka/1.19.10
etag: W/"91a0c417416535c73b79923d60d6e4f2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 662077692
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: J3fgBAILFqQNv6BmXYLsWDOQ4oOvpgzOH5-P4iPcLpMpCrUvpYyWAg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopj8Q5G/Ose159xWYwpIkYm

GET
H3 200 rb_wixui.thunderbolt[TextInput].d8ab72e6.bundle.min.js Show response
static.parastorage.com/services/editor-elements/dist/ 5 KB
3 KB 32ms
31ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/editor-elements/dist/rb_wixui.thunderbolt[TextInput].d8ab72e6.bundle.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/thunderbolt-components-registry.02e93b4a.chunk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 431434c31722ba2a881ec13d58abc1e513a64177dd7bac7a64e445cd217cec95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 17:44:05 GMT
x-amz-version-id: JwWnbX4ZYCyDtlB2SiNDqyzZv.LEfNcz
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 326197
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 2040
x-wix-request-id: 1666979044.97196091241512427
last-modified: Fri, 28 Oct 2022 17:38:39 GMT
server: Pepyaka/1.19.10
etag: W/"0f78b51adcebb277365cec321df235a8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 20339707
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: UmbICHYfTID8JUmZEfHkTKPXP3eGsS3n403xky7PAb1iZ50-tSfpeQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoonyNuED/+UieZaPOkDEHk+

GET
H3 200 PostViewerWidgetNoCss.bundle.min.js Show response
static.parastorage.com/services/communities-blog-ooi/1.539.0/ 1 MB
345 KB 34ms
33ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/communities-blog-ooi/1.539.0/PostViewerWidgetNoCss.bundle.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/requirejs-bolt@2.3.6/requirejs.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: d387f44c203e1c2bb2f4e129bdb096cd6c4323df07493a3ff92d93405a37da99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 06:02:17 GMT
x-amz-version-id: QhwkfVKaJhAmadSu_LErW6SObDxhqM.C
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 713937
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
content-length: 352649
x-wix-request-id: 1666591337.908626679215762427
last-modified: Sun, 23 Oct 2022 20:23:21 GMT
server: Pepyaka/1.19.10
etag: W/"b95fff1017a7d6f1218d2d506c78c83c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 479453775 480087718
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: h62gAyMoCsalUxjBIeHQnfy8I4wADpxMqgEftEvw-xGbIppETJD9Lw==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd

POST
H2 204 bpm
frog.wix.com/ 0
253 B 141ms
117ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bpm
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/main.cecaa5cc.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.advintel.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.advintel.io
date: Tue, 01 Nov 2022 12:20:42 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H3 200 app.bundle.min.js Show response
static.parastorage.com/services/cookie-consent-banner-for-uou/1.685.0// 70 KB
16 KB 24ms
22ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/cookie-consent-banner-for-uou/1.685.0//app.bundle.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/tag-manager-client/1.427.0/siteTags.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: e7f209c6492eb79b0506ac0eda3155a37dfb4d2f8e85dbd289b48f81eff5663f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:40:00 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 5277543
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15753
x-wix-request-id: 1662104400.6733969560451813203
last-modified: Tue, 02 Nov 2021 19:00:53 GMT
server: Pepyaka/1.19.10
etag: W/"3fda65cf63a7dcbe3fbcb14742c1eef0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 177227565 140433892
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: WfaSxotCgf1RqZy2Ds4A7xlYqNnNUeKrun9-JH2-8GvskCpDOrRVBg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVczcu59EpmtW9m1QeKn/Zhei8ZDY613cHYLbuhNMgAom1

GET
H3 200 cookie-banner-settings Show response
www.advintel.io/_serverless/cookie-consent-settings-serverless/v1/ 2 KB
1 KB 334ms
334ms Fetch
application/json 151.101.65.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.advintel.io/_serverless/cookie-consent-settings-serverless/v1/cookie-banner-settings?languageCode=en

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/cookie-consent-banner-for-uou/1.685.0//app.bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.65.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Pepyaka/1.19.10 /

Resource Hash

9ce3ee1709f8ba7d27162429d46a3283c48fe20807c62d6eb206748f4dd42052

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
accept-language: de-DE,de;q=0.9
authorization: oPJn5W21yzyOqzK8vck2b2bI0qCPmEbOOLocVr9qIuE.eyJpbnN0YW5jZUlkIjoiNjIzMzNhODktOTJlMi00NjJkLWI5YmYtMTZhMzVmNDBjYWY3IiwiYXBwRGVmSWQiOiJmMTA1YmExNi02YjdhLTRiNTItYTJlNS03MTJiZGM3NDlmNzYiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJlZmNlMjExMy04ZjhmLTA0MWUtMTZmNC0zMDEzY2IxYmI4NGUiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9
x-wix-client-artifact-id: cookie-consent-banner-for-uou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: cache-hhn4051-HHN
pragma: no-cache
date: Tue, 01 Nov 2022 12:20:42 GMT
content-encoding: br
x-content-type-options: nosniff
x-wix-request-id: 1667305242.2748066828542330045
server: Pepyaka/1.19.10
etag: W/"75c-sOfau6bQxt49D2lM1cCjH4jRSRs"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json; charset=utf-8
cache-control: no-store, no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-seen-by: roqoaVaG/Y0K4FDXPQbYVA==,qdrMdw4zrP0/E6B8JtgqKA==,GXNXSWFXisshliUcwO20NU53gQymTA7BCiXxfWA0+Jcfnv3lE929xgX6BzpoyNBA,m0j2EEknGIVUW/liY8BLLlXQtHW9kaoX9Rp39hufIvnJftmKrOReD3ukbbas4YDo,++r5XCRb/6cYf+PEtyYPdKnOON0jwmD6JGMqmKbJAExXWmgyQcIdTAnCIcBrhsIxfYnMSsnxk+tAw1bXSN7pKA==,7npGRUZHWOtWoP0Si3wDpxS/Bk+B3QLWUb+JnknTP34=,xTu8fpDe3EKPsMR1jrheEIp8fJ7T6vtDrGDAPehwK54=,FBaxuPVZy1/bJc9TgdsVwjrkEVe+dNCqUQMdRa6RWFUQDMLEkTmYEDL1kW5RXm5dA8UztsHGt4Wfo5y+aVh68bz2nxArPCztKIKfzWUSOyc=

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa8a111d012ecb365aae3aefe58a59f41c2dd0a6b64c69c5f5b059409d15ad87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
485 B 98ms
21ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/communities-blog-ooi/1.539.0/PostViewerWidgetNoCss.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:20:42 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 203

GET
H/1.1 200
OK index Show response
engage.wixapps.net/chat-widget-server/renderChatWidget/ Frame 248F 21 KB
11 KB 1570ms
1085ms Document
text/html 185.230.61.202
WIX_COM

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/react-dom@16.14.0/umd/react-dom.production.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.230.61.202 San Jose, United States, ASN58182 (WIX_COM, IL),

Reverse DNS

unalocated.61.wixsite.com

Software

Pepyaka/1.19.10 /

Resource Hash

d5a1812a74ef1aca314eac482fd8c48af2a8f6442a39be33aa75f3475a169771

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.advintel.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Nov 2022 12:20:44 GMT
Server: Pepyaka/1.19.10
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Seen-By: tHzHG6QeSsyukPkElY9D5KnPWIDxfKj16yM6xXYJ3IE=,m0j2EEknGIVUW/liY8BLLsSJypgSIfn8O+tULO/TbOeWWveFEnegpnkLxzZh8fhS,jdDt270t0fniy2BugWKBrWLEwSl0+XmpGgVImNhWBZpEQfi00LSS7LJu7sdkoLsDF/t0XQ+AoNcb0+ktmOK9Nw==,r6yY0ta7bIKrqK70x072lXANVlgvctnjyKL7gVAxkGU=,ha2BjfnpoaWsa89DnyiXUINEuURXhj4An8m5ixJP7DNYgeUJqUXtid+86vZww+nL,Odrt8F1EDvjOxRVUPESA50xzDKS2xLFHfA3P0UyeCNU1rfxcIpVM6HFnlNk8e7ipZXmY8KAkTvYrPFQBys/L6w==,ha2BjfnpoaWsa89DnyiXUINEuURXhj4An8m5ixJP7DNYgeUJqUXtid+86vZww+nL,ha2BjfnpoaWsa89DnyiXUCrjCmSVhJQRVeOiijRz9VRYgeUJqUXtid+86vZww+nL,Tj5BxVkCjhX6S7vFNevVZWWmqEc8q7LXkDJr0dTrhhoECy4X3P1Wg5y2AWTr94271xBU5r9aK9HTOTGqafVmaprjpH3E0iWlDh5Q9ikG6qw=,mvxQ9qSAmY38asKjFCcmG7Tum7chgZSuhIRZAEg6H/fYjitFVbA3He247Odw3TyxKjlcjDvfnH1aLfff21WG2w==,ha2BjfnpoaWsa89DnyiXUCo5XIw735x9Wi3339tVhts=,ha2BjfnpoaWsa89DnyiXUKR4Gy6y3WceyqabSHpnuBBYgeUJqUXtid+86vZww+nL,LlHHrtdZwfqSTe7u8ayFIz9aPwUhfpvxum0C++CG+3z+uB7vVVCkBhSQtIlrXxxiHoczVOuAuB/1u7DyQK2n7VDnMZzUpbTvQrmIRhmyDXQ=,ha2BjfnpoaWsa89DnyiXULBaqLLYPcTr+3J785fyDiY=,Tj5BxVkCjhX6S7vFNevVZWWmqEc8q7LXkDJr0dTrhhp7lYu1fc2HzcuYEotQtHWRp6+HeI/uMAOQdlXya3gPSFiB5QmpRe2J37zq9nDD6cs=,ha2BjfnpoaWsa89DnyiXUJO3OWjQRz7nxSjqWv6nmrVYgeUJqUXtid+86vZww+nL,54sIEWKMiveDgi8EJdej7xwDcxbAPQtkweySvxkX9A0bRRiD3Oajfp+Qm0WoQIiG8EnSCDDrpW3KZbDKGa4v9A==,NrLb3i/xpYXJ2OAS5Ls5WgJNMeodOdHajdy05zEOVDdxp+rDPmzQRx6HAq00Vi70RYKq8/gEdJREdF6xMaZJ9c96REMJ6UXhLDSjmYVaJRo=,ha2BjfnpoaWsa89DnyiXUEBoSGg5TVZFQNuyzCs91lI=,ha2BjfnpoaWsa89DnyiXUEinOLQEZF9jZ419MU+ZK1NYgeUJqUXtid+86vZww+nL,xcng7sTk3ADdZYw5QlZiWrlk7Evpr+8FFxbGLQ8V9SuoxgPaAgiWn28IwocUSHnvDBQ96UAqKxm3yLLd1mgU5JrjpH3E0iWlDh5Q9ikG6qw=,V0ypG4WNZ7qxkGIizG7qlg6KeBYsRvVCNW686OgH7tya0EMuuDJTK3Dbv3DmRhSo3gzVpQDJdmJfIWOHslWUsA==,ha2BjfnpoaWsa89DnyiXUHNKNk9pTmtCD40VkQ73gp0=,ha2BjfnpoaWsa89DnyiXUJdV/qH+VuWxW1JDHSwtNslYgeUJqUXtid+86vZww+nL,BdcaXTZQnxEeISjo2Nr/Bit8CYMuT6HvJGsRBHgKlA5EQfi00LSS7LJu7sdkoLsDmu+ezYdK1mVhTn+eCHM2nw==,J1YhAWlcwZX0sh0bHV0MaGerxxuqOGjzEvNGZg/iVFQ=
X-Wix-Request-Id: 1667305243.4506548189411127258
cache-control: no-store, no-cache
content-encoding: gzip
etag: W/"544e-cvPboL3VcxJSpzYOhdZfePwvLQU"
pragma: no-cache
vary: Accept-Encoding
x-recruiting: Want to build world class business chat product that's used by millions of users? Join our AMAZING team! Visit us at https://www.wix.com/jobs/search?val=crm

POST
H2 204 bt
frog.wix.com/ 0
253 B 108ms
108ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss_miss&dc=84&microPop=fastly&et=33&event_name=page%20interactive&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=1&ita=1&msid=8dfd1b9a-1d6d-4233-af4b-26b0945b72b9&pid=no1qb&pn=1&siterev=1495-__siteCacheRevision__&st=2&ts=1653&tts=2280&url=https%3A%2F%2Fwww.advintel.io%2Fpost%2Fbackup-removal-solutions-from-conti-ransomware-with-love%2522&v=1.11168.0&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98&_brandId=wix
Requested by: Host: www.advintel.io
URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.advintel.io
date: Tue, 01 Nov 2022 12:20:42 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H3 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 46ms
22ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.6700906303506176
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:20:42 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 18679

POST
H2 204 bpm
frog.wix.com/ 0
253 B 110ms
110ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bpm
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/main.cecaa5cc.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.advintel.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.advintel.io
date: Tue, 01 Nov 2022 12:20:43 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H2 200 /
log.pinterest.com/ 0
332 B 178ms
116ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=a8qWQ8HKBieL&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.advintel.io%2Fpost%2Fbackup-removal-solutions-from-conti-ransomware-with-love%2522&viaSrc=canonical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 01 Nov 2022 12:20:44 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1365820910180726
content-length: 0
x-served-by: cache-hhn4024-HHN
pragma: no-cache
server: envoy
x-timer: S1667305244.046814,VS0,VE96
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 bpm
frog.wix.com/ 0
253 B 109ms
109ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bpm
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/main.cecaa5cc.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.advintel.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.advintel.io
date: Tue, 01 Nov 2022 12:20:44 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H3 200 polyfill.min.js Show response
static.parastorage.com/polyfill/v3/ Frame 248F 101 B
664 B 28ms
27ms Script
text/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/polyfill/v3/polyfill.min.js?features=Intl.~locale.en,default,es6,es7,es2017,es2018,es2019,IntersectionObserver&flags=gated&unknown=polyfill&rum=0
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 11:31:07 GMT
content-encoding: gzip
via: 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 348577
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
useragent_normaliser: chrome/107.0.0
alt-svc: h3=":443"; ma=86400
content-length: 113
x-wix-request-id: 1666956667.9179453282038026591
last-modified: Wed, 26 Oct 2022 16:31:54 GMT
server: Pepyaka/1.19.10
vary: User-Agent
access-control-allow-methods: GET,HEAD,OPTIONS, GET, OPTIONS, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: SfQf-w9Ogiq_uV_AA2yxWzok5dhnCAXYrB9OihFGtFlO8VQDPULFAQ==
x-seen-by: 2iuX5LYwvZa9CoGaG8ZUZjb5j8fWnvnycWNmjdvR374F0S6IZWPBSR/IxrWsyAAl

GET
H3 200 sentry-lazy-load.js Show response
static.parastorage.com/services/chat-widget/1.2357.0/assets/ Frame 248F 2 KB
2 KB 28ms
28ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/chat-widget/1.2357.0/assets/sentry-lazy-load.js
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.0 /
Resource Hash: 8e3eed9703ab5ce126cfa0e19d7ab2785df27bc2a8f64740348868bd09ad34d8

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 13:09:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5526693
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 894
x-wix-request-id: 1661778552.2441236575079054580
last-modified: Mon, 29 Aug 2022 13:04:36 GMT
server: Pepyaka/1.19.0
etag: W/"b93ff6ef835ea84b7998db3a1dd4c4dd"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 920132823
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: YRd05ZDMpC2zntSi74DwzXab0SJ8Wi5lhj7i2ElNqJet2FMyt8I6Gg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVcwnP9a1Ia0LRvqhhntyPznoQXT2AyjWfyxKagyd4/pDD,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJPCifhrzEvF3Uo1RRJ0RM54

GET
H3 200 fedops-logger.bundle.min.js Show response
static.parastorage.com/unpkg-semver/fedops-logger@5/ Frame 248F 78 KB
19 KB 30ms
27ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg-semver/fedops-logger@5/fedops-logger.bundle.min.js
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 602987743e8c560fd55cfd37d2d8a22bf8ee1a72b73dd53d6f269e2cf875d592

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 12:06:19 GMT
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
content-encoding: br
age: 880
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1666341772.6594551168006326591
last-modified: Tue, 18 Oct 2022 13:12:25 GMT
server: Pepyaka/1.19.10
etag: W/"a3e889ed5f3bcb57085cd9c64f522b31"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 338402622
cache-control: public, max-age=1800
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 4PCZ90yeVj7e89V9WmLMyfEnIqBiSblGXXRn8XFbGnSrSQg8hYRwBA==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZu5XlfJc81bg/9yqD5g4dYQFjVKS1KW45pDD7kwcelUf

GET
H3 200 languages.css
static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v8/ Frame 248F 148 KB
20 KB 32ms
29ms Stylesheet
text/css 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v8/languages.css
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 34d07529ea600ab692d6bb7a96d1d418acbd524a29114b8068dda873b51b37ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://engage.wixapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:45:41 GMT
x-amz-version-id: d_WDtZVFcR2bRgVtDniBhB431G00A9Uv
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
content-encoding: br
age: 5186103
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1662119141.66084446315772623312
last-modified: Fri, 22 Jul 2022 10:32:04 GMT
server: Pepyaka/1.19.10
etag: W/"7353491e636a61c85ca4211e3a7f0cf6-1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: text/css
access-control-allow-origin: *
x-varnish: 336649074
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: vVHEx532GufSiTgCSlevuK8Femxcs6edAaJepSWGhB3OwziI1s5PvQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciDgmy1x1bk0T2mMblm59aj,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoqy9LphKZkeqON0msQaPb8r

GET
H3 200 fontFace.css
static.parastorage.com/services/third-party/fonts/Helvetica/ Frame 248F 14 KB
4 KB 33ms
31ms Stylesheet
text/css 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/third-party/fonts/Helvetica/fontFace.css
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 9cd04d1a84368fa539b48cc09d3721091127b9eb2858ff5e4863d6c127ccedae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://engage.wixapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 01:53:01 GMT
x-amz-version-id: WeoPV8OPw8UQocVJiZwVeWZ26II363jN
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 4621687
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3182
x-wix-request-id: 1662688381.563649548497113750
last-modified: Tue, 17 Apr 2018 11:38:08 GMT
server: Pepyaka/1.19.10
etag: W/"338855569759ca44a0734ec4435bcbd0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: text/css
access-control-allow-origin: *
x-varnish: 770000069 766004333
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: BU-v4dVAqWRXpZIJuAE1ApxfQGOoTe4BJ26GWzWCQgw2RmamoMqy0w==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1

GET
H3 200 chat-widget.min.css
static.parastorage.com/services/chat-widget/1.2357.0/ Frame 248F 4 KB
2 KB 33ms
31ms Stylesheet
text/css 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.min.css
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 180d5cd83ed473eafc66150e50efd5560c99a7f41b8c86d375489ff5652be5ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://engage.wixapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 13:09:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 5526692
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1304
x-wix-request-id: 1661778552.2458164106140530443
last-modified: Mon, 29 Aug 2022 13:04:36 GMT
server: Pepyaka/1.19.10
etag: W/"4fade559ef6fd3d67aac3fe6a06327af"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-varnish: 446028879 446063966
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: G5gUTj59gQLJEUN-nevIkBx1Q2E6QEosHCJMFnBL9ezSda_2Ukhe8A==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVc0swuQg4e4Ft3RZminzdoKEQXT2AyjWfyxKagyd4/pDD

GET
H3 200 wix-private.min.js Show response
static.parastorage.com/services/js-sdk/1.640.0/js/ Frame 248F 117 KB
29 KB 30ms
28ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/js-sdk/1.640.0/js/wix-private.min.js
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: b81d72275a74a94b4a823dc485fbf64fa3dcfc6ba99b6fda4729ac07abe82408

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 00:50:14 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5105495
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 28622
x-wix-request-id: 1662339014.9376297708751824131
last-modified: Sun, 08 Nov 2020 07:08:58 GMT
server: Pepyaka/1.19.10
etag: W/"f0ee83ed8cfedb52f420dcf9b35c5f55"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 80079314 1030472389
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: DNBm1r5MARY3O5GzuzrTS3-0S71Peabw5qwVwkn5oigGM8cVd2rk-A==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd

GET
H3 200 react.production.min.js Show response
static.parastorage.com/unpkg/react@16.8.3/umd/ Frame 248F 12 KB
5 KB 41ms
39ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/react@16.8.3/umd/react.production.min.js
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.0 /
Resource Hash: 6f527dde8b4edc9d347102fcb41e17d26cf00aff727693ea9140f7fc2a298842

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:45:41 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5186103
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4685
x-wix-request-id: 1662119141.669129796988294328478
last-modified: Fri, 22 Feb 2019 16:50:36 GMT
server: Pepyaka/1.19.0
etag: W/"698114f22db5a3585658c1c2489be390"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 770208854
cache-control: public, max-age=7776000, immutable
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: Uoa1Jbj2uM0JMfkOpGEvkl0BlSG-KOsMLPL039yfdRFTkBGNpdcKlQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcyzve4L4qo9dv8TvlcgmZhMQXT2AyjWfyxKagyd4/pDD,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoqj9dBflAyFvPAD2t41Gwlp

GET
H3 200 react-dom.production.min.js Show response
static.parastorage.com/unpkg/react-dom@16.8.3/umd/ Frame 248F 105 KB
33 KB 33ms
31ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/react-dom@16.8.3/umd/react-dom.production.min.js
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 07fee28413513b371da11925d4d94acc6be36694299784ad51ba8af2c519c5b1

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:45:41 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5186103
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1662119141.6976980251943322470
last-modified: Fri, 22 Feb 2019 16:50:36 GMT
server: Pepyaka/1.19.10
etag: W/"84ec5322ba3b6dff3fca9a71832e3f1d"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 336604603
cache-control: public, max-age=7776000, immutable
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 49QYt1I5nYyMdjQ4Wgxa1Obw_P-clTRPyL8EnhfdG98qWq-G7NT1Yw==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjBLy8P45DoDO4LnRm+zqsP,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoqy9LphKZkeqON0msQaPb8r

GET
H3 200 i18next.min.js Show response
static.parastorage.com/unpkg/i18next@10.6.0/dist/umd/ Frame 248F 35 KB
10 KB 42ms
40ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/i18next@10.6.0/dist/umd/i18next.min.js
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 72223c5f23a10723f6ae2edf55b04cc2440ae2957e35119bc0a21b96ddb09715

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:45:41 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5186103
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 9758
x-wix-request-id: 1662119141.8086980247623272470
last-modified: Wed, 13 Jun 2018 09:40:37 GMT
server: Pepyaka/1.19.10
etag: W/"3152a9e48e25a997a7b261be5209854d"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 411694774
cache-control: public, max-age=7776000, immutable
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: ETUasuk8EtP05XYLGwQZK1W6ZFlZljLC0KPyn_Xn7mUgKCk1wvUH7Q==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjBLy8P45DoDO4LnRm+zqsP,aVxMblM8KFG3we5NLvyVc1AtKGBpHBVRBa1WzqM3DuAfbJaKSXYQ/lskq2jK6SGP,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRopiS/5dZqOxSsDvwHAW5wi4

GET
H3 200 moment.min.js Show response
static.parastorage.com/unpkg/moment@2.22.2/min/ Frame 248F 50 KB
17 KB 45ms
44ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/moment@2.22.2/min/moment.min.js
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 04:51:39 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5124545
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1662180699.3626099640114183750
last-modified: Tue, 05 Jun 2018 15:17:17 GMT
server: Pepyaka/1.19.10
etag: W/"8999b8b5d07e9c6077ac5ac6bc942968"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 162818321
cache-control: public, max-age=7776000, immutable
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: Q3aQ24cxiceMpaH9fGYXOXKscPwlBF_LFnWF_YhVjJSvXe53XaPJfg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xz2/bD/Vcz2Ufp16H98KP6X

GET
H3 200 chat-widget.bundle.min.js Show response
static.parastorage.com/services/chat-widget/1.2357.0/ Frame 248F 376 KB
95 KB 46ms
45ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js
Requested by: Host: engage.wixapps.net
URL: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: a477718a0c18dab93d52ba635655e0de3fdc362a53ed71d3371ac5a28084b725

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 13:09:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5526693
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 97037
x-wix-request-id: 1661778552.3416431636709622521
last-modified: Mon, 29 Aug 2022 13:04:36 GMT
server: Pepyaka/1.19.10
etag: W/"5e587352f0820f497ad611377876212d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 538835871 543565853
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: bC8E4GM5ZUkw4NC08XF_L_nYov3bgrFZP9EcGZConzgl8nptXvaqmQ==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjBLy8P45DoDO4LnRm+zqsP,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD

POST
H2 204 fed
frog.wix.com/ Frame 248F 0
255 B 109ms
108ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/fed?appName=chat-widget&src=72&evid=14&session_id=8da4b55a-9a58-4ccb-82fd-8db5e430036e&_=0.5057427937076577&is_rollout=false
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg-semver/fedops-logger@5/fedops-logger.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://engage.wixapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://engage.wixapps.net
date: Tue, 01 Nov 2022 12:20:44 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H3 200 64017d81-9430-4cba-8219-8f5cc28b923e.woff2
static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/ Frame 248F 23 KB
23 KB 22ms
22ms Font
application/octet-stream 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/64017d81-9430-4cba-8219-8f5cc28b923e.woff2
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v8/languages.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 5571fff42dc7e301a496d7affcc5305688037d897a6a4cbad6a3de042e384717

Request headers

Referer: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v8/languages.css
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 00:52:12 GMT
x-amz-version-id: ziBkzDBLroXWzdKzc88JPrx5w098iQE7
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 4973409
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 23088
x-wix-request-id: 1662339132.5646297776928324131
last-modified: Tue, 17 Apr 2018 11:10:41 GMT
server: Pepyaka/1.19.10
etag: "09b3ae354f51d58bb56e20ee0547c9ec-1"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/octet-stream
access-control-allow-origin: *
x-varnish: 962004444 952937518
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: B6cAvvKGnkl-vIfIAlE60Ez_pWcPSxfeZy91KbJ_gNaBVh9RdX2YMA==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVcyc3RE2AEtYWQGVQ/2ywuOgeGdLDLXwpLd0CTVHPbfOd

POST
H/1.1 200
OK real-time-tokens Show response
engage.wixapps.net/_api/chat-web/v1/ Frame 248F 1 KB
2 KB 211ms
210ms XHR
application/json 185.230.61.202
WIX_COM

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.wixapps.net/_api/chat-web/v1/real-time-tokens

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.230.61.202 San Jose, United States, ASN58182 (WIX_COM, IL),

Reverse DNS

unalocated.61.wixsite.com

Software

Pepyaka/1.19.10 /

Resource Hash

0b75d6c1d97ba5e768090e97f017bebb1668b6bfc47c0bcc46089ac1618b64a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

consent-policy: %7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
commonConfig: %7B%22brand%22%3A%22wix%22%2C%22BSI%22%3A%22%22%7D
x-wix-brand: wix
X-Wix-Client-Artifact-Id: chat-widget

Response headers

Date: Tue, 01 Nov 2022 12:20:44 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Wix-Request-Id: 1667305244.7316548189411227258
Server: Pepyaka/1.19.10
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
cache-control: no-cache
Connection: keep-alive
X-Seen-By: tHzHG6QeSsyukPkElY9D5KnPWIDxfKj16yM6xXYJ3IE=,m0j2EEknGIVUW/liY8BLLsSJypgSIfn8O+tULO/TbOeWWveFEnegpnkLxzZh8fhS,jdDt270t0fniy2BugWKBrSTm+7RpN3TkPckPXadp9NFEQfi00LSS7LJu7sdkoLsD+n+db+TCIiiDr4ssCrIEvQ==,r6yY0ta7bIKrqK70x072lW+6FxCPpTetOhNJn6hLQwc=,ha2BjfnpoaWsa89DnyiXUJfffUFCzyX44rt0q2xFoWQEU2M1FOZCC3kHAyYhUbTQ,fFdc+HNI74ti7sKhiBMz42u1abGlu30NdY7nALzsUxNtnStj92Sif0Wk7/QzwEXSpaxyfoD1ph28dUEdAyJG1Q==

POST
H2 204 fed
frog.wix.com/ Frame 248F 0
255 B 109ms
108ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/fed
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg-semver/fedops-logger@5/fedops-logger.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://engage.wixapps.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://engage.wixapps.net
date: Tue, 01 Nov 2022 12:20:44 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H3 200 languages-woff2.css
static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v16/ Frame 248F 46 KB
7 KB 25ms
25ms Stylesheet
text/css 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v16/languages-woff2.css
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.640.0/js/wix-private.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: c03889650bf962ae6108ba4f211ef470699aaf2d5784b8b15a4100ad9d76c4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://engage.wixapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 13:04:41 GMT
x-amz-version-id: emc0kymUUVjVYxZH.pa5WKeVwAUVFE0Z
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
content-encoding: br
age: 4922163
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1662383081.24863352566904824131
last-modified: Fri, 22 Jul 2022 10:32:34 GMT
server: Pepyaka/1.19.10
etag: W/"07654f4717bb5fd60335e801b0ed2183-1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: text/css
access-control-allow-origin: *
x-varnish: 428723214
cache-control: public, max-age=7776000, immutable
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: XpQ4SWzw_orPZrj7Y2ymjz01sHtObWuk6Bb2W_QqXb-lK8qHeQLNvg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciIhzGxulME7YKteYTeCw6C,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJMe3/j5AamzIi0oSHQsz9b+

GET
H3 200 wixMadefor.css
static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v16/ Frame 248F 6 KB
1 KB 23ms
23ms Stylesheet
text/css 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/santa-resources/resources/viewer/user-site-fonts/v16/wixMadefor.css
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.640.0/js/wix-private.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 3eabd5a9c76abec84de3489bc5429ba913c26edaf105af835b83c96fd7e17b40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://engage.wixapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 02:17:56 GMT
x-amz-version-id: _FYeOPp0Lx2wwn08zHrU9KVmzuM7_OAy
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 3232968
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1664072276.2625675927413213203
last-modified: Fri, 22 Jul 2022 10:32:34 GMT
server: Pepyaka/1.19.10
etag: W/"fc6d517136873ce96be56cb8cacf2d65-1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: text/css
access-control-allow-origin: *
x-varnish: 99598936
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: PHxL3TydNSW6bmqC5B8xfCVtm3TlWNotCNPWuPQJQmCm0DFZZ7o4ZA==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc1jYNdX5iXQWX+OiINkuR/e8ZDY613cHYLbuhNMgAom1,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJMe3/j5AamzIi0oSHQsz9b+

GET
H3 200 focus-visible.min.js Show response
static.parastorage.com/unpkg/focus-visible@4.1.1/dist/ Frame 248F 3 KB
1 KB 23ms
23ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/focus-visible@4.1.1/dist/focus-visible.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/js-sdk/1.640.0/js/wix-private.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 4e128ec13619825f39e42c248e64816a5d1141ad61ec74c700e46c528859f489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://engage.wixapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 13:09:21 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
age: 5267483
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 754
x-wix-request-id: 1662037761.78961670210771526132
last-modified: Thu, 15 Mar 2018 07:32:17 GMT
server: Pepyaka/1.19.10
etag: W/"71959c3fba69003122e325b1d61ce944"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 889538889
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: nUBSQVfvlMsZ9Up_rIy1OSP_nNedBf5zjJ6rAHvhnt6jqpPd4NwBlA==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjR6IMkIgDN3dKWLSNjYj0d,aVxMblM8KFG3we5NLvyVc2240yoD0MlMpM73djr11roeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZomYmPgSwc4aU7J40H7VRoonyNuED/+UieZaPOkDEHk+

POST
H/1.1 200
OK report-event Show response
engage.wixapps.net/serverless/chat-event-reporter/ Frame 248F 0
843 B 468ms
286ms XHR
application/json 185.230.61.202
WIX_COM

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.wixapps.net/serverless/chat-event-reporter/report-event

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.230.61.202 San Jose, United States, ASN58182 (WIX_COM, IL),

Reverse DNS

unalocated.61.wixsite.com

Software

Pepyaka/1.19.10 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

consent-policy: %7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D
accept-language: de-DE,de;q=0.9
authorization: oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json
x-wix-linguist: en|en-us|true|4c47234e-0a3f-4b4b-92b3-d5c818de93c9
Accept: application/json, text/plain, */*
Referer: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
X-Wix-Chat-Instance: oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9
x-wix-brand: wix
commonConfig: %7B%22brand%22%3A%22wix%22%2C%22BSI%22%3A%22%22%7D
X-Wix-Client-Artifact-Id: chat-widget

Response headers

pragma: no-cache
Date: Tue, 01 Nov 2022 12:20:45 GMT
X-Content-Type-Options: nosniff
X-Wix-Request-Id: 1667305244.9416548189411327258
Server: Pepyaka/1.19.10
Content-Type: application/json; charset=utf-8
cache-control: no-store, no-cache
Connection: keep-alive
Content-Length: 0
X-Seen-By: tHzHG6QeSsyukPkElY9D5KnPWIDxfKj16yM6xXYJ3IE=,m0j2EEknGIVUW/liY8BLLsSJypgSIfn8O+tULO/TbOeWWveFEnegpnkLxzZh8fhS,jdDt270t0fniy2BugWKBrd1DnbDxt4waTsWh1M13L6REQfi00LSS7LJu7sdkoLsDFZzOPBife0rkCmQJaqj9ZA==,r6yY0ta7bIKrqK70x072lXANVlgvctnjyKL7gVAxkGU=,ha2BjfnpoaWsa89DnyiXULC5uk5iZGWmMlvSDKYmUoEI41TNktt7GlLc8RlpQX3q,PgrrMD+T/VLWpAP1f76DIsQXIJ87AKGr7oxS7fa9QBUg67YgDGBimT6fVdCWEBYuREH4tNC0kuyybu7HZKC7A1a4X2Zd/JM+jimux44Dfvg=

GET
H3 200 1920.chunk.min.js Show response
static.parastorage.com/services/chat-widget/1.2357.0/ Frame 248F 18 KB
6 KB 22ms
21ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/chat-widget/1.2357.0/1920.chunk.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 7579f1ed86164ef8c66c86803c7ee53252b78073da10bdd3be47631cad455273

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 13:09:12 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5526692
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4937
x-wix-request-id: 1661778552.8878164130993230442
last-modified: Mon, 29 Aug 2022 13:04:36 GMT
server: Pepyaka/1.19.10
etag: W/"99acbe10fff559321feba96984c3fb07"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 538959191 543703874
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: XEbuxWvY1gpjfxfA91NZtmDTUbnkwi5NarH7QGPISwrDv0Dk08X__w==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjEM4kaaS6QH/itsJwI9pla,aVxMblM8KFG3we5NLvyVc5U6nDV0Sthqh2jmVbYx0F4QXT2AyjWfyxKagyd4/pDD

POST
H3 200 verifyCustomToken Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 248F 1 KB
1 KB 387ms
343ms XHR
application/json 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken?key=AIzaSyCQ-J0GYelaW_7NhsmoX6VXDK1LTxp8yPc

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2825f680b0a9bd81d07f36ababfc0a6279f53023eee1aba133b02b82be24364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://engage.wixapps.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 12:20:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://engage.wixapps.net
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1008
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 verifyCustomToken
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 171ms
120ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken?key=AIzaSyCQ-J0GYelaW_7NhsmoX6VXDK1LTxp8yPc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://engage.wixapps.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://engage.wixapps.net
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 01 Nov 2022 12:20:44 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 204 bpm
frog.wix.com/ 0
253 B 109ms
109ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bpm?_msid=8dfd1b9a-1d6d-4233-af4b-26b0945b72b9&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98&_av=thunderbolt-1.11168.0&isb=true&isbr=plugins-extra&ts=3744&tsn=4371&dc=84&microPop=fastly&caching=miss%2Cmiss_miss&session_id=86220bbd-d735-4736-9f17-8ffdf21e2c8c&st=2&url=https%3A%2F%2Fwww.advintel.io%2Fpost%2Fbackup-removal-solutions-from-conti-ransomware-with-love%2522&ish=true&pn=1&isFirstNavigation=true&pv=true&pageId=no1qb&isServerSide=false&is_lightbox=false&is_cached=false&is_sav_rollout=0&is_dac_rollout=0&v=1.11168.0&_brandId=wix&_siteBranchId=undefined&_ms=4371&_lv=2.0.985%7CC&_mt_instance=p1jnHA31EEeumksrvaWv3_X5-iJ40D6a5uJAaJOxQkQ.eyJpbnN0YW5jZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5IiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsInNpdGVPd25lcklkIjoiMGU4Y2M5MzYtMzhhNC00ZDA5LWE3NzItZmMzYzhlY2NhOGExIn0&src=72&evid=502&_=16673052449780&tti=2253&tbt=159&entryType=loaded&lcp=1162&lcpSize=17889&closestId=img_comp-ku8juu6b&lcpTag=WIX-IMAGE&lcpResourceType=png&lcpInLightbox=false&duration=1334&ttlb=1048&dcl=1181&transferSize=140747&decodedBodySize=837156&isSsr=true&btype=plugins-extra&ssrDuration=425&ssrTimestamp=1667305241559&maybeBot=true&cls=74&countCls=3&clsOld=83&clsId=comp-ku7spk4z2&clsTag=LI&clientType=ugc&analytics=false&_isca=0&_iscf=0&_ispd=0&_ise=1
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/main.cecaa5cc.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.advintel.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: https://www.advintel.io
date: Tue, 01 Nov 2022 12:20:45 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

POST
H2 204 bpm
frog.wix.com/ 0
253 B 109ms
109ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/bpm
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/wix-thunderbolt/dist/ab-test-compilation/main.cecaa5cc.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.advintel.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.advintel.io
date: Tue, 01 Nov 2022 12:20:45 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

GET
H/1.1 200
OK events.json Show response
wix-engage-visitors-prod-13.firebaseio.com/core-chat/participants/51ce4b09-2556-46e7-a90f-dac537960f4d/ Frame 248F 939 B
1 KB 304ms
133ms XHR
application/json 2600:1901:0:4d00::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://wix-engage-visitors-prod-13.firebaseio.com/core-chat/participants/51ce4b09-2556-46e7-a90f-dac537960f4d/events.json?auth=eyJhbGciOiJSUzI1NiIsImtpZCI6ImRjMzdkNTkzNjVjNjIyOGI4Y2NkYWNhNTM2MGFjMjRkMDQxNWMxZWEiLCJ0eXAiOiJKV1QifQ.eyJwYXJ0aWNpcGFudElkIjoiNTFjZTRiMDktMjU1Ni00NmU3LWE5MGYtZGFjNTM3OTYwZjRkIiwiaXNzIjoiaHR0cHM6Ly9zZWN1cmV0b2tlbi5nb29nbGUuY29tL3dpeC1lbmdhZ2UtdmlzaXRvcnMtcHJvZC0xMyIsImF1ZCI6IndpeC1lbmdhZ2UtdmlzaXRvcnMtcHJvZC0xMyIsImF1dGhfdGltZSI6MTY2NzMwNTI0NSwidXNlcl9pZCI6IjAyYTA2N2IxLTQ5NTQtNGVkOS05NTYyLWE2ZThhM2ZhMjE1OCIsInN1YiI6IjAyYTA2N2IxLTQ5NTQtNGVkOS05NTYyLWE2ZThhM2ZhMjE1OCIsImlhdCI6MTY2NzMwNTI0NSwiZXhwIjoxNjY3MzA4ODQ1LCJmaXJlYmFzZSI6eyJpZGVudGl0aWVzIjp7fSwic2lnbl9pbl9wcm92aWRlciI6ImN1c3RvbSJ9fQ.NzMbyZ05zcwfij6Eh7EK9jmpcmUGPtOcpO5LTUDoUV-GW1GQE-GdRPt0H0sg3TKmZQsGPjbEiFs4CayOekOJy0VIiMt2FkAsx5b3zgiMpdQEIRv6HYKp26npm6bIkI0QQsBy2DZ9noWQCndeapSQmJV0nvqu6qy0B-SWCmFrAx-KDqSOdnQWnWjpDSJVD0c_mPy_S-Q841b4zxTf5re_RLi_gH5KPIkrquxhKg2WqoNAIfpIYavnHsmAX9Z1PHxeMgifIYLKtiP_sWNHfUzIF0yY249X5nhIuEhDj39KCy_5euFKCHN9NYqCVKuWbRrZSJQnOu1T_RiBDw-NkB0VVA

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4d00:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

cecc016d871503050653c68b7f4ad3ccc6a503f241e95f7837eaec96bfe84652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://engage.wixapps.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 12:20:45 GMT
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://engage.wixapps.net
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 939

GET
H3 200 firebase-app.js Show response
static.parastorage.com/unpkg/firebase@8.4.3/ Frame 248F 21 KB
7 KB 22ms
22ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/firebase@8.4.3/firebase-app.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 1d3cc3c58d05b610ac35646da2ff63e24204e239c6b9021c0b3106295feddb26

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 04:24:10 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 4754947
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6745
x-wix-request-id: 1662611050.7854332977071413203
last-modified: Thu, 06 May 2021 10:10:21 GMT
server: Pepyaka/1.19.10
etag: W/"314b3cfc3837c463504e2fd0d79fe8c2"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 749191459 692504525
cache-control: public, max-age=7776000, immutable
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: t00_U5Q7XNec9E1giqKBiP_AuOxFF3tlAAjRcSbCmQeJ61ZG_lUy9g==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchsyoANA5L58iE/4UOTdE0x,aVxMblM8KFG3we5NLvyVc7BqDNFHAXxDhnSr3nbzCBC8ZDY613cHYLbuhNMgAom1

GET
H3 200 firebase-auth.js Show response
static.parastorage.com/unpkg/firebase@8.4.3/ Frame 248F 173 KB
52 KB 23ms
23ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/firebase@8.4.3/firebase-auth.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 830415eac136b91e81f42ff500098213f138beb84b5a58c746cb37988e74529c

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 00:44:58 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5124541
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 52883
x-wix-request-id: 1662338698.415619576303213750
last-modified: Thu, 06 May 2021 10:09:58 GMT
server: Pepyaka/1.19.10
etag: W/"0ee2af53f9480862726fc379908c7e4f"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 960101677 739907680
cache-control: public, max-age=7776000, immutable
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: St7GJtd8BLRHDwpcJGM2XAVAx7vItJFGYnU-iq1w3sUetAwbdI63JA==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVcyc3RE2AEtYWQGVQ/2ywuOgeGdLDLXwpLd0CTVHPbfOd

GET
H3 200 firebase-database.js Show response
static.parastorage.com/unpkg/firebase@8.4.3/ Frame 248F 179 KB
48 KB 25ms
25ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/unpkg/firebase@8.4.3/firebase-database.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.10 /
Resource Hash: 60a2e7625edf6c2066f8bcfdb97c3df8ccd83e2465f57d58b01642982d94c936

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 04:51:43 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5124542
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-wix-request-id: 1662180703.3086099640114213750
last-modified: Thu, 06 May 2021 10:09:52 GMT
server: Pepyaka/1.19.10
etag: W/"b3b19e6e165fb154931f0c741ba972de"
access-control-max-age: 3000
access-control-allow-methods: GET, GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 162641946
cache-control: public, max-age=7776000, immutable
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: iIb8np046_J1FsFR5txO5q7fDy61eUHstNO-g4cUY6LOTKW8gg0P-g==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrciuywJq1k3i9boDUht6MLw5,aVxMblM8KFG3we5NLvyVczEbmANe8Bb4VBvfNWC6jxEeGdLDLXwpLd0CTVHPbfOd,2iuX5LYwvZa9CoGaG8ZUZsMbFSTOpUHonIrLzl1g5Xz2/bD/Vcz2Ufp16H98KP6X

GET
H3 200 8490.chunk.min.js Show response
static.parastorage.com/services/chat-widget/1.2357.0/ Frame 248F 10 KB
4 KB 21ms
21ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/chat-widget/1.2357.0/8490.chunk.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.0 /
Resource Hash: cb93f19b1ffa2437995c99538da6914fec0df51909a20390f713752c4b63c644

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 13:09:14 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5526692
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3184
x-wix-request-id: 1661778554.2401236573568594580
last-modified: Mon, 29 Aug 2022 13:04:36 GMT
server: Pepyaka/1.19.0
etag: W/"ffa4f5426a7b84bd72eb7909cdecd5a4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 926883173 926823414
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: 23KHuFS0YWRhsBSoJ6bt23lMapfMrv6PtfPKcqBec3Mh5nihym4kFw==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrcjV0TBmJ+uLPQ4OZPC1VSMH,aVxMblM8KFG3we5NLvyVc1XEV11U4uj6EySGMcOeW2gfbJaKSXYQ/lskq2jK6SGP

POST
H/1.1 200
OK set-data Show response
engage.wixapps.net/_api/presence-service/v1/ Frame 248F 2 B
740 B 284ms
284ms Fetch
application/json 185.230.61.202
WIX_COM

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.wixapps.net/_api/presence-service/v1/set-data

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/8490.chunk.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.230.61.202 San Jose, United States, ASN58182 (WIX_COM, IL),

Reverse DNS

unalocated.61.wixsite.com

Software

Pepyaka/1.19.10 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

x-xsrf-token: 1667305245|VeaND41QhrlG
consent-policy: %7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
authorization: oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9
content-type: application/json
Referer: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
commonconfig: %7B%22brand%22%3A%22wix%22%2C%22BSI%22%3A%22%22%7D
x-wix-brand: wix
x-wix-client-artifact-id: chat-widget

Response headers

pragma: no-cache
Date: Tue, 01 Nov 2022 12:20:45 GMT
X-Content-Type-Options: nosniff
X-Wix-Request-Id: 1667305245.8646548189411427258
Server: Pepyaka/1.19.10
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Content-Type: application/json; charset=utf-8
cache-control: no-store, no-cache
Connection: keep-alive
Content-Length: 2
X-Seen-By: tHzHG6QeSsyukPkElY9D5KnPWIDxfKj16yM6xXYJ3IE=,m0j2EEknGIVUW/liY8BLLsSJypgSIfn8O+tULO/TbOeWWveFEnegpnkLxzZh8fhS,jdDt270t0fniy2BugWKBrUkGH15X/c0QRC0a+JX05FxEQfi00LSS7LJu7sdkoLsDMl18P79CwdAic37aFlhOng==,r6yY0ta7bIKrqK70x072leNKJwoMV94H/RNCTpq2TmM=,ha2BjfnpoaWsa89DnyiXUPdQCpvjfak64L0yt4cVD2Y=,n7nfHveCLqFOR3soqbSfo8pOyoaUsteNNE0esR03WSlEQfi00LSS7LJu7sdkoLsDn33jJ1vq/98u/4C0qYE6fw==

GET
H3 200 expanded-widget.chunk.min.css
static.parastorage.com/services/chat-widget/1.2357.0/ Frame 248F 95 KB
17 KB 24ms
23ms Stylesheet
text/css 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/chat-widget/1.2357.0/expanded-widget.chunk.min.css
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.0 /
Resource Hash: 97517377306825a6e9e21720e1f9f6e3f5b5625cbd4fac97b867d2c8b5b2f61a

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:45:47 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5186098
x-amz-cf-pop: FRA2-C2
x-cache-status: MISS
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 16148
x-wix-request-id: 1662119146.90112979881910328478
last-modified: Mon, 29 Aug 2022 13:04:36 GMT
server: Pepyaka/1.19.0
etag: W/"7831066959adc66dbde875392c2eb6f2"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 535351311
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: llmv8xhgzvsb7IL6I1YupbLZtTjn6WDUNKCaleKIli42B199Up-qxg==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcwnP9a1Ia0LRvqhhntyPznoQXT2AyjWfyxKagyd4/pDD,2iuX5LYwvZa9CoGaG8ZUZgqsM72LknxyIGq7MjJjVJPCifhrzEvF3Uo1RRJ0RM54

GET
H3 200 expanded-widget.chunk.min.js Show response
static.parastorage.com/services/chat-widget/1.2357.0/ Frame 248F 825 KB
188 KB 27ms
27ms Script
application/javascript 2600:9000:21f3:d400:c:68f7:80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.parastorage.com/services/chat-widget/1.2357.0/expanded-widget.chunk.min.js
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/chat-widget.bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21f3:d400:c:68f7:80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pepyaka/1.19.0 /
Resource Hash: 9bcad0286d899dfb4787e3e9fb501f94b4b3af0f8e8d4c1072799ba4d1ddfda3

Request headers

Referer: https://engage.wixapps.net/
Origin: https://engage.wixapps.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 13:09:15 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.0), 1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
age: 5526692
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 192254
x-wix-request-id: 1661778555.781124433231501321249
last-modified: Mon, 29 Aug 2022 13:04:36 GMT
server: Pepyaka/1.19.0
etag: W/"f7273e98fd53b93757393497ad5769de"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=7776000, immutable
x-varnish: 371869567 371995127
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-*
x-amz-cf-id: wnronz1qtpwln4-75NxfciBpymGviREmr2yNQGY52hfsrsjvU5cHcA==
x-seen-by: zj0K/N8xR7eC1M9gyLLPhec8x6p2CWcEzwFyRVShrchkavE0ZtMXws1mfakihq4B,aVxMblM8KFG3we5NLvyVcyeTzFUhjLKPB6lD0luXXHcfbJaKSXYQ/lskq2jK6SGP

POST
H/1.1 200
OK real-time-tokens Show response
engage.wixapps.net/_api/chat-web/v1/ Frame 248F 1 KB
2 KB 232ms
231ms XHR
application/json 185.230.61.202
WIX_COM

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.wixapps.net/_api/chat-web/v1/real-time-tokens?chatToken=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1MWNlNGIwOS0yNTU2LTQ2ZTctYTkwZi1kYWM1Mzc5NjBmNGQiLCJwYXJ0aWNpcGFudElkcyI6WyI1MWNlNGIwOS0yNTU2LTQ2ZTctYTkwZi1kYWM1Mzc5NjBmNGQiXSwidXNlclR5cGUiOiJjb250YWN0IiwiaGlzdG9yeURpc2FsbG93ZWQiOmZhbHNlLCJoaXN0b3J5U2luY2VUaW1lc3RhbXAiOm51bGwsImNoYXRyb29tRmlsdGVyIjpudWxsLCJ0ZW5hbnRJZCI6IkluYm94IiwiaXNzIjoiY2hhdC1zZXJ2ZXIiLCJleHAiOjE2NjczOTE2NDMsImlhdCI6MTY2NzMwNTI0M30.qWrIs9T-1huiAMx5qj-VAeTZFq3zGeZ60tgC3JoWZ7Y

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/expanded-widget.chunk.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.230.61.202 San Jose, United States, ASN58182 (WIX_COM, IL),

Reverse DNS

unalocated.61.wixsite.com

Software

Pepyaka/1.19.10 /

Resource Hash

66effb596747ea327aba5f26d90bee1262e85de5392e2c0392ff45694987fd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-XSRF-TOKEN: 1667305245|VeaND41QhrlG
consent-policy: %7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json
x-wix-linguist: en|en-us|true|4c47234e-0a3f-4b4b-92b3-d5c818de93c9
Accept: application/json, text/plain, */*
Referer: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
commonConfig: %7B%22brand%22%3A%22wix%22%2C%22BSI%22%3A%22%22%7D
x-wix-brand: wix
X-Wix-Client-Artifact-Id: chat-widget

Response headers

Date: Tue, 01 Nov 2022 12:20:45 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Wix-Request-Id: 1667305245.952655718593315725
Server: Pepyaka/1.19.10
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
cache-control: no-cache
Connection: keep-alive
X-Seen-By: tHzHG6QeSsyukPkElY9D5KnPWIDxfKj16yM6xXYJ3IE=,m0j2EEknGIVUW/liY8BLLrS05hBBS9A501v3s0sLQFmWWveFEnegpnkLxzZh8fhS,jdDt270t0fniy2BugWKBrUBMqK8Z/g9XXts2fhEdaeZEQfi00LSS7LJu7sdkoLsDwY+FMx836se4/HnJG0m8vg==,r6yY0ta7bIKrqK70x072leNKJwoMV94H/RNCTpq2TmM=,ha2BjfnpoaWsa89DnyiXUM0DaWU14i4R2NAq2VZkTs8I41TNktt7GlLc8RlpQX3q,fFdc+HNI74ti7sKhiBMz44v3jzOjvXgKXYCVP0+XsYZtnStj92Sif0Wk7/QzwEXSLbDsBUzla/HRrq8XeDO7+Q==

GET
H/1.1 200
OK current-user Show response
engage.wixapps.net/_api/chat-web/v1/display-data/ Frame 248F 4 B
790 B 405ms
205ms XHR
application/json 185.230.61.202
WIX_COM

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.wixapps.net/_api/chat-web/v1/display-data/current-user?chatToken=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1MWNlNGIwOS0yNTU2LTQ2ZTctYTkwZi1kYWM1Mzc5NjBmNGQiLCJwYXJ0aWNpcGFudElkcyI6WyI1MWNlNGIwOS0yNTU2LTQ2ZTctYTkwZi1kYWM1Mzc5NjBmNGQiXSwidXNlclR5cGUiOiJjb250YWN0IiwiaGlzdG9yeURpc2FsbG93ZWQiOmZhbHNlLCJoaXN0b3J5U2luY2VUaW1lc3RhbXAiOm51bGwsImNoYXRyb29tRmlsdGVyIjpudWxsLCJ0ZW5hbnRJZCI6IkluYm94IiwiaXNzIjoiY2hhdC1zZXJ2ZXIiLCJleHAiOjE2NjczOTE2NDMsImlhdCI6MTY2NzMwNTI0M30.qWrIs9T-1huiAMx5qj-VAeTZFq3zGeZ60tgC3JoWZ7Y

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/expanded-widget.chunk.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.230.61.202 San Jose, United States, ASN58182 (WIX_COM, IL),

Reverse DNS

unalocated.61.wixsite.com

Software

Pepyaka/1.19.10 /

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-XSRF-TOKEN: 1667305245|VeaND41QhrlG
consent-policy: %7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-wix-linguist: en|en-us|true|4c47234e-0a3f-4b4b-92b3-d5c818de93c9
Accept: application/json, text/plain, */*
Referer: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
commonConfig: %7B%22brand%22%3A%22wix%22%2C%22BSI%22%3A%22%22%7D
x-wix-brand: wix
X-Wix-Client-Artifact-Id: chat-widget

Response headers

Date: Tue, 01 Nov 2022 12:20:46 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Wix-Request-Id: 1667305246.1496548189411527258
Server: Pepyaka/1.19.10
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
cache-control: no-cache
Connection: keep-alive
X-Seen-By: tHzHG6QeSsyukPkElY9D5KnPWIDxfKj16yM6xXYJ3IE=,m0j2EEknGIVUW/liY8BLLsSJypgSIfn8O+tULO/TbOeWWveFEnegpnkLxzZh8fhS,jdDt270t0fniy2BugWKBrZeAGvmvIucZI7YctTDK5ZhEQfi00LSS7LJu7sdkoLsDR8whVQi9o7VeuSXp9YmMFA==,r6yY0ta7bIKrqK70x072lW+6FxCPpTetOhNJn6hLQwc=,ha2BjfnpoaWsa89DnyiXUEpWERHDvPtBMfqUVSFAuRpJhuVYnX4jg0KJdf6rkkw8,fFdc+HNI74ti7sKhiBMz4/5sdHUj2qxhBjpVzld4I7xtnStj92Sif0Wk7/QzwEXSN7a5/hk1T/NQWfaPn1mYjA==

POST
H/1.1 200
OK chatrooms-for-list-view Show response
engage.wixapps.net/_api/chat-web/v1/ Frame 248F 85 B
845 B 429ms
203ms XHR
application/json 185.230.61.202
WIX_COM

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.wixapps.net/_api/chat-web/v1/chatrooms-for-list-view?chatToken=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1MWNlNGIwOS0yNTU2LTQ2ZTctYTkwZi1kYWM1Mzc5NjBmNGQiLCJwYXJ0aWNpcGFudElkcyI6WyI1MWNlNGIwOS0yNTU2LTQ2ZTctYTkwZi1kYWM1Mzc5NjBmNGQiXSwidXNlclR5cGUiOiJjb250YWN0IiwiaGlzdG9yeURpc2FsbG93ZWQiOmZhbHNlLCJoaXN0b3J5U2luY2VUaW1lc3RhbXAiOm51bGwsImNoYXRyb29tRmlsdGVyIjpudWxsLCJ0ZW5hbnRJZCI6IkluYm94IiwiaXNzIjoiY2hhdC1zZXJ2ZXIiLCJleHAiOjE2NjczOTE2NDMsImlhdCI6MTY2NzMwNTI0M30.qWrIs9T-1huiAMx5qj-VAeTZFq3zGeZ60tgC3JoWZ7Y&pageSize=30&lastMessageLimit=10&unreadChatroomLimit=100

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/expanded-widget.chunk.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.230.61.202 San Jose, United States, ASN58182 (WIX_COM, IL),

Reverse DNS

unalocated.61.wixsite.com

Software

Pepyaka/1.19.10 /

Resource Hash

20557a9ba3a6ff220f44a495458f4c1c3dc92c67d3d27738b472b0a305c13413

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-XSRF-TOKEN: 1667305245|VeaND41QhrlG
consent-policy: %7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json
x-wix-linguist: en|en-us|true|4c47234e-0a3f-4b4b-92b3-d5c818de93c9
Accept: application/json, text/plain, */*
Referer: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
commonConfig: %7B%22brand%22%3A%22wix%22%2C%22BSI%22%3A%22%22%7D
x-wix-brand: wix
X-Wix-Client-Artifact-Id: chat-widget

Response headers

Date: Tue, 01 Nov 2022 12:20:46 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Wix-Request-Id: 1667305246.178655718593325725
Server: Pepyaka/1.19.10
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
cache-control: no-cache
Connection: keep-alive
X-Seen-By: tHzHG6QeSsyukPkElY9D5KnPWIDxfKj16yM6xXYJ3IE=,m0j2EEknGIVUW/liY8BLLrS05hBBS9A501v3s0sLQFmWWveFEnegpnkLxzZh8fhS,jdDt270t0fniy2BugWKBrZHmnYIF7gQdND5oOOikK0hEQfi00LSS7LJu7sdkoLsDPJf0+u35G4TUiGmT6+LDMg==,r6yY0ta7bIKrqK70x072leNKJwoMV94H/RNCTpq2TmM=,ha2BjfnpoaWsa89DnyiXUMSIQgqgFdk+rDZXaj14ThgI41TNktt7GlLc8RlpQX3q,fFdc+HNI74ti7sKhiBMz4yTt8LBtbwhs2cht+86FdgVtnStj92Sif0Wk7/QzwEXS2vab3TxxXzNHBzbPfA2PzQ==

POST
H2 204 fed
frog.wix.com/ Frame 248F 0
255 B 109ms
108ms Ping
text/plain 52.72.171.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://frog.wix.com/fed
Requested by: Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg-semver/fedops-logger@5/fedops-logger.bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.171.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-171-244.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://engage.wixapps.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://engage.wixapps.net
date: Tue, 01 Nov 2022 12:20:45 GMT
access-control-allow-credentials: true
server: nginx
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST

POST
H3 200 verifyCustomToken Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 248F 1 KB
1 KB 357ms
357ms XHR
application/json 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken?key=AIzaSyCQ-J0GYelaW_7NhsmoX6VXDK1LTxp8yPc

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/firebase@8.4.3/firebase-auth.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99b4b48f6f14de556aecfd25bb2c01dd06132fc10ae6be90b268c0fdb3cb6f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://engage.wixapps.net/
X-Client-Version: Chrome/JsCore/8.4.3/FirebaseCore-web
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 12:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://engage.wixapps.net
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1011
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 verifyCustomToken
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 122ms
121ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyCustomToken?key=AIzaSyCQ-J0GYelaW_7NhsmoX6VXDK1LTxp8yPc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://engage.wixapps.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://engage.wixapps.net
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 01 Nov 2022 12:20:46 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200
OK enriched Show response
engage.wixapps.net/_api/chat-web/v1/chatrooms/b701a0a0-8253-3145-8f8c-ea224e06a685/ Frame 248F 3 KB
2 KB 236ms
236ms XHR
application/json 185.230.61.202
WIX_COM

General

Check archive.org

Show headers Download Go to

Full URL

https://engage.wixapps.net/_api/chat-web/v1/chatrooms/b701a0a0-8253-3145-8f8c-ea224e06a685/enriched?chatToken=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiI1MWNlNGIwOS0yNTU2LTQ2ZTctYTkwZi1kYWM1Mzc5NjBmNGQiLCJwYXJ0aWNpcGFudElkcyI6WyI1MWNlNGIwOS0yNTU2LTQ2ZTctYTkwZi1kYWM1Mzc5NjBmNGQiXSwidXNlclR5cGUiOiJjb250YWN0IiwiaGlzdG9yeURpc2FsbG93ZWQiOmZhbHNlLCJoaXN0b3J5U2luY2VUaW1lc3RhbXAiOm51bGwsImNoYXRyb29tRmlsdGVyIjpudWxsLCJ0ZW5hbnRJZCI6IkluYm94IiwiaXNzIjoiY2hhdC1zZXJ2ZXIiLCJleHAiOjE2NjczOTE2NDMsImlhdCI6MTY2NzMwNTI0M30.qWrIs9T-1huiAMx5qj-VAeTZFq3zGeZ60tgC3JoWZ7Y

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/services/chat-widget/1.2357.0/expanded-widget.chunk.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

185.230.61.202 San Jose, United States, ASN58182 (WIX_COM, IL),

Reverse DNS

unalocated.61.wixsite.com

Software

Pepyaka/1.19.10 /

Resource Hash

a7b03af1b1baada9c00a6afa050b384e5ddf3842bda851ce759447170b47ae4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-XSRF-TOKEN: 1667305245|VeaND41QhrlG
consent-policy: %7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
x-wix-linguist: en|en-us|true|4c47234e-0a3f-4b4b-92b3-d5c818de93c9
Accept: application/json, text/plain, */*
Referer: https://engage.wixapps.net/chat-widget-server/renderChatWidget/index?lang=en&dateNumberFormat=en-us&isPrimaryLanguage=true&pageId=masterPage&compId=comp-jv8k4kqr&viewerCompId=comp-jv8k4kqr&siteRevision=1495&viewMode=site&deviceType=desktop&locale=en&tz=America%2FNew_York&regionalLanguage=en&width=94&height=94&instance=oo29ucBzCKVXZMnVtSoPUiHWccee62fwpD7ZOUVhEKg.eyJpbnN0YW5jZUlkIjoiNGM0NzIzNGUtMGEzZi00YjRiLTkyYjMtZDVjODE4ZGU5M2M5IiwiYXBwRGVmSWQiOiIxNDUxN2UxYS0zZmYwLWFmOTgtNDA4ZS0yYmQ2OTUzYzM2YTIiLCJtZXRhU2l0ZUlkIjoiOGRmZDFiOWEtMWQ2ZC00MjMzLWFmNGItMjZiMDk0NWI3MmI5Iiwic2lnbkRhdGUiOiIyMDIyLTExLTAxVDEyOjIwOjQxLjcyM1oiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjUxY2U0YjA5LTI1NTYtNDZlNy1hOTBmLWRhYzUzNzk2MGY0ZCIsImJpVG9rZW4iOiJjMWJhMzhkNC0xNzUyLTA5NzgtM2RmOC1mMzc4OGM4NWUxNzAiLCJzaXRlT3duZXJJZCI6IjBlOGNjOTM2LTM4YTQtNGQwOS1hNzcyLWZjM2M4ZWNjYThhMSJ9&currency=USD&currentCurrency=USD&commonConfig=%7B%22brand%22%3A%22wix%22%2C%22bsi%22%3A%22%22%2C%22BSI%22%3A%22%22%7D&consent-policy=%7B%22func%22%3A0%2C%22anl%22%3A0%2C%22adv%22%3A0%2C%22dt3%22%3A1%2C%22ess%22%3A1%7D&vsi=637e8d9c-8808-4ae4-9304-93f52bc4ec98
commonConfig: %7B%22brand%22%3A%22wix%22%2C%22BSI%22%3A%22%22%7D
x-wix-brand: wix
X-Wix-Client-Artifact-Id: chat-widget

Response headers

Date: Tue, 01 Nov 2022 12:20:46 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Wix-Request-Id: 1667305246.384655718593335725
Server: Pepyaka/1.19.10
Transfer-Encoding: chunked
vary: Accept-Encoding
Content-Type: application/json;charset=utf-8
cache-control: no-cache
Connection: keep-alive
X-Seen-By: tHzHG6QeSsyukPkElY9D5KnPWIDxfKj16yM6xXYJ3IE=,m0j2EEknGIVUW/liY8BLLrS05hBBS9A501v3s0sLQFmWWveFEnegpnkLxzZh8fhS,jdDt270t0fniy2BugWKBrZuGYHUwZS6wc1VWTBx0FtpEQfi00LSS7LJu7sdkoLsDOQwIwtemciEBX0wcFbBfKA==,r6yY0ta7bIKrqK70x072lXANVlgvctnjyKL7gVAxkGU=,ha2BjfnpoaWsa89DnyiXUPRjK4axFLpFhcZ0p9R8AyZYgeUJqUXtid+86vZww+nL,fFdc+HNI74ti7sKhiBMz486NnSz8V2Ogt+Q6wu07ulNtnStj92Sif0Wk7/QzwEXSJJ/Wbnr+jUKTpa1ujXLcvA==

POST
H3 200 getAccountInfo Show response
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 248F 292 B
241 B 143ms
142ms XHR
application/json 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyCQ-J0GYelaW_7NhsmoX6VXDK1LTxp8yPc

Requested by

Host: static.parastorage.com
URL: https://static.parastorage.com/unpkg/firebase@8.4.3/firebase-auth.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

214aed60369793eaa938d3fb88e21315cc8f383c5972854eb4e09960c7bf3fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://engage.wixapps.net/
X-Client-Version: Chrome/JsCore/8.4.3/FirebaseCore-web
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 01 Nov 2022 12:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://engage.wixapps.net
access-control-expose-headers: date,vary,vary,vary,content-encoding,server,content-length
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 getAccountInfo
www.googleapis.com/identitytoolkit/v3/relyingparty/ Frame 0
0 123ms
122ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=AIzaSyCQ-J0GYelaW_7NhsmoX6VXDK1LTxp8yPc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-client-version
Access-Control-Request-Method: POST
Origin: https://engage.wixapps.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-client-version
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://engage.wixapps.net
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 01 Nov 2022 12:20:46 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.advintel.io/post	1970-01-20 07:08:25	Name: ssr-caching Value: cache#desc=miss#varnish=miss_miss#dc#desc=fastly
.www.advintel.io/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 1667305241\|Q3QckSlpaMbu
.www.advintel.io/	1969-12-31 23:59:59	Name: hs Value: 1877860988
.www.advintel.io/	1970-01-20 16:44:25	Name: svSession Value: 2a477dbd43d334b911f66d80915273c9108aa7208d8193fba4db6abacec4c4790a8b24d94e16e7e0c236caba8c5cf39b1e60994d53964e647acf431e4f798bcd318c580710ccf3b01c11e5f6b88d15d85604c31a85e926f47dc7fad0a372bf0c0800d29fbd3864ea17bcd8559ca29ca6d0c38cab412a95fb94eb775e8eae0a0a6b3f3b03f00fd6f283d913289f4aab2b
www.advintel.io/	1970-01-20 07:08:25	Name: fedops.logger.defaultOverrides Value: %7B%22paramsOverridesForApp%22%3A%7B%22bookings-fbe-integration-app.pages.index%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22bookings-fbe-integration-app-pages-index%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22engage-conversation-lazy%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22engage%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22music-manager-my-albums%22%3A%7B%22is_rollout%22%3Atrue%7D%2C%22bookings-premium-statics%22%3A%7B%22is_rollout%22%3Atrue%7D%7D%7D
.engage.wixapps.net/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 1667305245\|VeaND41QhrlG

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.advintel.io/post/backup-removal-solutions-from-conti-ransomware-with-love%22(Line 626) Message: Unrecognized feature: 'vr'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.pinterest.com
engage.wixapps.net
frog.wix.com
log.pinterest.com
siteassets.parastorage.com
static.parastorage.com
static.wixstatic.com
wix-engage-visitors-prod-13.firebaseio.com
www.advintel.io
www.googleapis.com
151.101.192.84
151.101.65.84
185.230.61.202
2600:1901:0:4d00::
2600:9000:21f3:d400:c:68f7:80:93a1
2a00:1450:4001:801::200a
2a04:4e42:62::84
34.102.176.152
52.72.171.244
01a86c66d91bd729da26f90b5e0b12a7b62e77d6e8ba997936daac316e4e0e25
06aa3f04326b17acd64f2b5d2ae710df9df863dcd5a74861a16f38b692af4ee4
07fee28413513b371da11925d4d94acc6be36694299784ad51ba8af2c519c5b1
09acb0f3227353ce4c392c5a359a07a31d2573212477ecefa457f9ea3fa115d3
0a4501aa1c51753d6243a1b12b63d1386a9af9eed05fc00b8df02f084cbc962a
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
0b75d6c1d97ba5e768090e97f017bebb1668b6bfc47c0bcc46089ac1618b64a5
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0ddce0e617794fd30b60e5c829fe12b9d7eeba14e561e7d89da5fcaf2fe900c3
113bc02eaadaca0e75a30fcbc183d6d512b3117e7b2ba46d6175d59a4e20d0cb
180d5cd83ed473eafc66150e50efd5560c99a7f41b8c86d375489ff5652be5ed
1bbf952cd22067636980956473b721dc142e8ebbd9c36f83e77482d7663e1198
1c808fa8105dd3812cef488473e42c9358a04996c91f88b1fa479b23373c6dcd
1d3cc3c58d05b610ac35646da2ff63e24204e239c6b9021c0b3106295feddb26
1f5a2a54e574f87f94d7e60c1780080c322eb4c8141a5df5feccaa40b70f5245
20557a9ba3a6ff220f44a495458f4c1c3dc92c67d3d27738b472b0a305c13413
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
214aed60369793eaa938d3fb88e21315cc8f383c5972854eb4e09960c7bf3fed
297ccbcfd8ef84bc4a56d0d888cf1549681b6ae17222a5aa43f1f471433dee4f
319a93d72316b4301cccace1d6ed58d81e30a4452a457d1f6894e3bdd6c88ce0
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
34d07529ea600ab692d6bb7a96d1d418acbd524a29114b8068dda873b51b37ca
366f98148cd13338e66bb208adea46618b61a959071307edd11c1a026b7b7b11
36b1bb47768b77b654a0c502657a16207d462fc331188b4008f3def1da672117
385bbf95bf4f0b545fd665de099761bbdc400787d70afaa40b66b0c3838b3ac5
397e27d816e4695d899f30aadbaca84b57800db7b864e3c7d4988256a0714970
3eabd5a9c76abec84de3489bc5429ba913c26edaf105af835b83c96fd7e17b40
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fad41b47c365095b2416915408dd00e6affbfda1928628691d2fb84e6c3ce31
431434c31722ba2a881ec13d58abc1e513a64177dd7bac7a64e445cd217cec95
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fb40e12580716f312bf21b709f9e4f45e9897f3b58adb375766c5de5184a00
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
4d1f28f1bb0511ac841f81ffc67f32e46c0284b12a230a764fd865f5decbae8d
4e128ec13619825f39e42c248e64816a5d1141ad61ec74c700e46c528859f489
52f038fc547d08d6aced47bdd5fc0136324552a5dc54e37ddcb290575cd4e863
5571fff42dc7e301a496d7affcc5305688037d897a6a4cbad6a3de042e384717
57c4db4d71745047ffac4644e726c9e428727b813cd3de62924914dec6ba68a2
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
602987743e8c560fd55cfd37d2d8a22bf8ee1a72b73dd53d6f269e2cf875d592
60a2e7625edf6c2066f8bcfdb97c3df8ccd83e2465f57d58b01642982d94c936
66effb596747ea327aba5f26d90bee1262e85de5392e2c0392ff45694987fd07
6f527dde8b4edc9d347102fcb41e17d26cf00aff727693ea9140f7fc2a298842
700b8520efa2a5466dbc25a9a9a4ab76a866b9b39b56e8be8a51255df71ffc99
72223c5f23a10723f6ae2edf55b04cc2440ae2957e35119bc0a21b96ddb09715
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7579f1ed86164ef8c66c86803c7ee53252b78073da10bdd3be47631cad455273
7612dd8aa20e6b7f124ca2308f981b48bb8a4302494e1c91a4e0cffe2d6a43a1
77d70e83e6789b69ec878ea47a3498c8b23ea5cea781ab07dc090521b50c3a05
7e267c7067b4c103cc22c12daa62a267deab592f2da81c3cb3d6ff65a1fb8f9a
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
830415eac136b91e81f42ff500098213f138beb84b5a58c746cb37988e74529c
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b59100c2511d966f60b09d8e06bbea5482c6561c240404f5207282882818da7
8e0ef53da3ec9eb4a5559460cbe7bf4c07cb06ea38db55a62d6ee94fe510cc7f
8e3eed9703ab5ce126cfa0e19d7ab2785df27bc2a8f64740348868bd09ad34d8
9478acc1861faae1ddc542c79b9fffedf87ef6293f331f889bbf2e70e68b784c
97517377306825a6e9e21720e1f9f6e3f5b5625cbd4fac97b867d2c8b5b2f61a
99b4b48f6f14de556aecfd25bb2c01dd06132fc10ae6be90b268c0fdb3cb6f00
9b7c81d3e669c7bff62527a61525ad1b80f776021655fd3a63dc927b0f0d624b
9bcad0286d899dfb4787e3e9fb501f94b4b3af0f8e8d4c1072799ba4d1ddfda3
9bddc6ee47861a3d279db8913506a6dcc9394f9760faabfa7292173affb6454b
9cd04d1a84368fa539b48cc09d3721091127b9eb2858ff5e4863d6c127ccedae
9ce3ee1709f8ba7d27162429d46a3283c48fe20807c62d6eb206748f4dd42052
9dbb7dd2752fe08da9353a373f1653b0713d104eb6013a466323017e1f5ca9a8
9fee0e58cc99febee7b90c54f75a2f9ceef30c3de8b164b62c7a940eb2c263a1
a055462e069ab37c3c269bf8b80c7c1aafa72b7d2f0b7699833f87558b06a0cc
a477718a0c18dab93d52ba635655e0de3fdc362a53ed71d3371ac5a28084b725
a7b03af1b1baada9c00a6afa050b384e5ddf3842bda851ce759447170b47ae4b
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
b81d72275a74a94b4a823dc485fbf64fa3dcfc6ba99b6fda4729ac07abe82408
c00d09c746073aa83750bf3f45ce6a816b0fc5d4b2014ac9c5baa30e4a951988
c03889650bf962ae6108ba4f211ef470699aaf2d5784b8b15a4100ad9d76c4f5
c3cee27d4d5104c232f06c5ceaea7747c8ef35862b9e3c8689949ac04b22b269
c4b2f5ed2e5b58b3f2d22bd8e15425bfbb46790272c8f1789a867bbf97ca022a
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca63782b17b65bcfff660056425472ac29cc7fdfdc9e00fbd333afaeafb3e38b
cb93f19b1ffa2437995c99538da6914fec0df51909a20390f713752c4b63c644
ce901306ecc55554980fffb63e3a978cec2bafae373318d258d9ea32ed6d431f
cecc016d871503050653c68b7f4ad3ccc6a503f241e95f7837eaec96bfe84652
d2825f680b0a9bd81d07f36ababfc0a6279f53023eee1aba133b02b82be24364
d387f44c203e1c2bb2f4e129bdb096cd6c4323df07493a3ff92d93405a37da99
d493e43a39a2c5a022d4a1295f952f22079088c74dece36e94f2f8a760648819
d5a1812a74ef1aca314eac482fd8c48af2a8f6442a39be33aa75f3475a169771
d5f10f852b112a514a19f2b778eef5d2d1307878757f0a24539c051831cefaf8
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dd75ced5ad259948b6e55070c9966ac1fd6bdb1c199331089e33a1d48f58a699
e1f67cc75a65b657c623c6b4ec3869a7b8bccd0a7f0b670354fb55add6fcd6ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cf98946b73cbe4f1fc7de7b840997196e794e3a3ae7c44253b3a3ab7e6f970
e76b0f7b609a18da5b64254f1b82bdf2125415790bf47661be20aa2d79581e15
e7f209c6492eb79b0506ac0eda3155a37dfb4d2f8e85dbd289b48f81eff5663f
e83c4b7b7da7473164173a770ee1e0b09e1bae30166a73da8d42cdf1e0c92e60
eaa7d6245504c8116cfcb052edbd864a11bba2000b88717dba3df232c06690fe
ed443709a9c5267613f2a6598bd028fc7aa7c67f2947dd93fbf0e62be7820221
ed58e2d34146dd9b4786e89e43e5a3c45ddad22fe1131f263977af2a1cfc559d
f12e6c234c602028e5c53f9b073afb0b1c9695691af215c11943fdb12250f039
fa8a111d012ecb365aae3aefe58a59f41c2dd0a6b64c69c5f5b059409d15ad87

www.advintel.io Open in urlscan Pro 151.101.65.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

112 Requests

100 %HTTPS

44 %IPv6

8 Domains

10 Subdomains

10 IPs

2 Countries

1951 kBTransfer

6803 kBSize

6 Cookies

2 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.advintel.io Open in urlscan Pro
151.101.65.84 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

1951 kB
Transfer

6803 kB
Size

6
Cookies

112 HTTP transactions
5 data transactions