Submitted URL: https://zodiacterms.com/
Effective URL: https://www.zodiacterms.com/
Submission: On September 06 via automatic, source certstream-suspicious

Summary

This website contacted 12 IPs in 6 countries across 11 domains to perform 33 HTTP transactions. The main IP is 198.252.100.246, located in Chantilly, United States and belongs to HAWKHOST, CA. The main domain is www.zodiacterms.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 6th 2020. Valid for: 3 months.
This is the only time www.zodiacterms.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 198.252.100.246 20068 (HAWKHOST)
1 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 51.254.235.119 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
9 139.45.196.139 9002 (RETN-AS)
4 104.22.3.144 13335 (CLOUDFLAR...)
1 192.0.78.27 2635 (AUTOMATTIC)
2 95.211.229.246 60781 (LEASEWEB-...)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 192.0.76.3 2635 (AUTOMATTIC)
33 12
Domain Requested by
9 basepush.com www.zodiacterms.com
basepush.com
8 www.zodiacterms.com www.zodiacterms.com
2 router.infolinks.com resources.infolinks.com
2 syndication.exdynsrv.com ads.exdynsrv.com
2 resources.infolinks.com www.zodiacterms.com
1 pixel.wp.com www.zodiacterms.com
1 www.facebook.com www.zodiacterms.com
1 stats.wordpress.com www.zodiacterms.com
1 lh4.googleusercontent.com www.zodiacterms.com
1 image0.flaticon.com www.zodiacterms.com
1 image.flaticon.com 1 redirects
1 feeds.feedburner.com www.zodiacterms.com
1 ads.exdynsrv.com www.zodiacterms.com
1 zodiacterms.com 1 redirects
0 s10.histats.com Failed www.zodiacterms.com
33 15

This site contains links to these domains.

Domain
feeds.feedburner.com
go.ad2upapp.com
www.wordpress.org
www.histats.com

Subject | Issuer | Validity | Valid
zodiacterms.com | Let's Encrypt Authority X3 | 2020-07-06 - 2020-10-04 | 3 months
*.ackcdn.net | GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1 | 2020-08-07 - 2021-08-01 | a year
*.flaticon.com | Let's Encrypt Authority X3 | 2020-07-22 - 2020-10-20 | 3 months
*.googleusercontent.com | GTS CA 1O1 | 2020-08-19 - 2020-11-11 | 3 months
basepush.com | Let's Encrypt Authority X3 | 2020-09-03 - 2020-12-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-15 - 2021-08-15 | a year
*.wordpress.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-12 - 2022-11-14 | 2 years
exdynsrv.com | Let's Encrypt Authority X3 | 2020-08-15 - 2020-11-13 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-07-21 - 2020-10-12 | 3 months
*.wp.com | Sectigo RSA Domain Validation Secure Server CA | 2020-04-02 - 2022-07-05 | 2 years

This page contains 5 frames:

Primary Page: https://www.zodiacterms.com/
Frame ID: DC57C900B5FAF3676BCD59FC5D111A6E
Requests: 26 HTTP requests in this frame

Frame: https://syndication.exdynsrv.com/ads-iframe-display.php?idzone=2365275&type=728x90&p=https%3A//www.zodiacterms.com/&dt=1599394136919&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: F8DE73D347FA7814E6F94205CF3727AA
Requests: 1 HTTP requests in this frame

Frame: https://syndication.exdynsrv.com/ads-iframe-display.php?idzone=2365287&type=300x600&p=https%3A//www.zodiacterms.com/&dt=1599394136970&sub=&tags=&screen_resolution=1600x1200&el=%22
Frame ID: 659AF80FA2EA3AF56AF0526C7F5124FE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fzodiacterms&width=300&colorscheme=light&show_faces=false&border_color=%23ffffff&stream=false&header=false&height=87
Frame ID: 7267D9E199D6359AB74CE722B8B20211
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=null&wsid=0
Frame ID: BD19BCB433E860B2B1F6B03970D896FD
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- All in One SEO Pack ([\d.]+) /i

Overall confidence: 100%
Detected patterns
  • html /<!-- All in One SEO Pack ([\d.]+) /i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

33 Requests
88 % HTTPS
42 % IPv6
11 Domains
15 Subdomains
12 IPs
6 Countries
414 kB Transfer
1189 kB Size
16 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zodiacterms.com/ HTTP 301
    https://www.zodiacterms.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://image.flaticon.com/icons/png/128/61/61222.png HTTP 301
  • https://image0.flaticon.com/icons/png/128/61/61222.png

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.zodiacterms.com/
Redirect Chain
  • https://zodiacterms.com/
  • https://www.zodiacterms.com/
19 KB
5 KB
Document
General
Full URL
https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.100.246 Chantilly, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.100.246-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/5.3.29
Resource Hash
16a426a2d09cd7779986552a40f820241243525c8042cdee82e081c48305b021

Request headers

:method
GET
:authority
www.zodiacterms.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-powered-by
PHP/5.3.29
content-type
text/html; charset=UTF-8
link
<https://www.zodiacterms.com/wp-json/>; rel="https://api.w.org/" <http://wp.me/2Cxb4>; rel=shortlink
etag
"2866-1598829811;br"
x-litespeed-cache
hit
content-encoding
br
vary
Accept-Encoding
content-length
5457
date
Sun, 06 Sep 2020 12:08:56 GMT
server
LiteSpeed

Redirect headers

status
301
x-powered-by
PHP/5.3.29
content-type
text/html; charset=UTF-8
location
https://www.zodiacterms.com/
x-litespeed-cache
hit
content-length
0
date
Sun, 06 Sep 2020 12:08:56 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
style.css
www.zodiacterms.com/wp-content/themes/friendlyfast/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.zodiacterms.com/wp-content/themes/friendlyfast/style.css
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.100.246 Chantilly, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.100.246-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
ac4d7a1ed0cba33652e384e619d94884c5349440d1067ff90526bd119867f027

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:56 GMT
content-encoding
br
last-modified
Tue, 06 Nov 2012 18:16:14 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2509
expires
Sun, 13 Sep 2020 12:08:56 GMT
ads.js
ads.exdynsrv.com/
2 KB
1 KB
Script
General
Full URL
https://ads.exdynsrv.com/ads.js
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:4cc4:5670:35d5:1e00:b394 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
b30ef18abec7fb3ca040ae4b0c8e85a816af81f52f59c797aa3b14fe708edfd9

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:56 GMT
content-encoding
gzip
last-modified
Sun, 06 Sep 2020 10:35:19 GMT
server
ECS (fcn/40E2)
age
5617
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-length
929
expires
Sun, 06 Sep 2020 15:08:56 GMT
sitesketch101
feeds.feedburner.com/~fc/
4 KB
4 KB
Image
General
Full URL
http://feeds.feedburner.com/~fc/sitesketch101?bg=0066FF&fg=000000&anim=1
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03951051f4a297e64aaf4aa58b21b32c261bc4887638badc6dc5e71319a78345
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 06 Sep 2020 12:08:56 GMT
X-Content-Type-Options
nosniff
Server
GSE
Content-Type
image/gif
Cache-Control
max-age=7200
Content-Length
3698
X-XSS-Protection
1; mode=block
Expires
Sun, 06 Sep 2020 14:08:56 GMT
61222.png
image0.flaticon.com/icons/png/128/61/
Redirect Chain
  • http://image.flaticon.com/icons/png/128/61/61222.png
  • https://image0.flaticon.com/icons/png/128/61/61222.png
2 KB
2 KB
Image
General
Full URL
https://image0.flaticon.com/icons/png/128/61/61222.png
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.254.235.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ip119.ip-51-254-235.eu
Software
nginx /
Resource Hash
cc2f65d700be004abad408169c0344607b3546f569d1c827e7a6bcda58b3c8ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Sun, 06 Sep 2020 12:08:57 GMT
last-modified
Tue, 07 Jun 2016 08:37:52 GMT
server
nginx
status
200
etag
"575687e0-839"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2105
expires
Tue, 06 Oct 2020 12:08:57 GMT

Redirect headers

Location
https://image0.flaticon.com/icons/png/128/61/61222.png
Date
Sun, 06 Sep 2020 12:08:56 GMT
X-default-rule
YES
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
oie_oie_animation.gif
lh4.googleusercontent.com/-CUaPEOmztpc/T6JEjIgZSfI/AAAAAAAABO0/PPaovWDHM8w/s113/
40 KB
41 KB
Image
General
Full URL
https://lh4.googleusercontent.com/-CUaPEOmztpc/T6JEjIgZSfI/AAAAAAAABO0/PPaovWDHM8w/s113/oie_oie_animation.gif
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
dc2d9e4ce41d75f99ed8b5d3d14cb61a1ec2e7708c0d34203a6cad85309ff481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:56 GMT
x-content-type-options
nosniff
status
200
content-disposition
inline;filename="oie_oie_animation.gif"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41233
x-xss-protection
0
server
fife
etag
"v8f1"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 07 Sep 2020 12:08:56 GMT
ntfc.php
basepush.com/
42 KB
13 KB
Script
General
Full URL
https://basepush.com/ntfc.php?p=1591633
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.139 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
c18b5a5d82547778d1e4a2e0030b223e45891cb9fe4724c59b042b538e731aab

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 06 Sep 2020 12:08:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2020 08:37:13 GMT
Server
nginx
ETag
W/"5f50ab39-a750"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
infolinks_main.js
resources.infolinks.com/js/
3 KB
2 KB
Script
General
Full URL
https://resources.infolinks.com/js/infolinks_main.js?pid=0&wsid=0
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ef03d444a458bd5ce39b4df08dce0cc240ce322906c991ca0e4ee330a7774aa

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5ce8140b2f71c76d-AMS
date
Sun, 06 Sep 2020 12:08:56 GMT
via
1.1 google
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Sep 2020 16:12:56 GMT
server
cloudflare
etag
W/"b11-5ae7f2443e655"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=3600
content-encoding
gzip
cf-request-id
0504eadafa0000c76d059d0200000001
expires
Sun, 06 Sep 2020 13:08:56 GMT
wp-embed.min.js
www.zodiacterms.com/wp-includes/js/
1 KB
712 B
Script
General
Full URL
https://www.zodiacterms.com/wp-includes/js/wp-embed.min.js?ver=4.4.23
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.100.246 Chantilly, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.100.246-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
892ecb8e84801900fbec1f9f340f9dd7d53a6444079d82dda76d41581c501891

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:56 GMT
content-encoding
br
last-modified
Fri, 06 May 2016 19:42:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
639
expires
Sun, 13 Sep 2020 12:08:56 GMT
e-202035.js
stats.wordpress.com/
9 KB
3 KB
Script
General
Full URL
https://stats.wordpress.com/e-202035.js
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.27 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:57 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
strict-transport-security
max-age=15552000
expires
Mon, 06 Sep 2021 12:08:57 GMT
style.css
www.zodiacterms.com/wp-content/plugins/simple-contact-form/
0
0

simple-contact-form.js
www.zodiacterms.com/wp-content/plugins/simple-contact-form/
0
0

Cookie set ads-iframe-display.php
syndication.exdynsrv.com/ Frame F8DE
0
0
Document
General
Full URL
https://syndication.exdynsrv.com/ads-iframe-display.php?idzone=2365275&type=728x90&p=https%3A//www.zodiacterms.com/&dt=1599394136919&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by
Host: ads.exdynsrv.com
URL: https://ads.exdynsrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exdynsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.zodiacterms.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zodiacterms.com/

Response headers

Server
nginx
Date
Sun, 06 Sep 2020 12:08:56 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%225f54d158eb2134.1165890652457742%22%3B%7D; expires=Tue, 06 Sep 2022 12:08:56 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none impressions=x%9CM%90MN%861%08%84%EF%D2%F5%DB%04f%A6P%BC%8A%F1%24%C6%BB%8B%F9%D4v%C1%8A%87%F9%E1s%90%84%EF5%2982s%BC%BD%FB%E3%AB%8A%CEE%3D%C3%25%1B%1F%CF%60%B1%04%9B%3D%E5%15%B8%40%F9%CA%0BD%EF%3D%27%19%99N%1E%B0%2F%0D%07%84%D2J%7B%CA%21%B0%D6%01U%BD%3A%A0%CCL%3B%A6h%7D%E0%FB%80%CB%0A%FB%06%E5%EE%9D%91%AB%18%F8%C9%88_PQ%FE%8C%C4%CB9%D9z1%B1%18%2B%A1%8B%DB%9D%F1%16%F4x%09%22%01%EArn%F0%FENVX%97%16%CA6xE%8C%B5w%FC%3B3%3C%14%9Cj%1B%29%AF%CE%5D%8C%F1%27%F8%F5%0DM%E5R%FA; expires=Mon, 07 Sep 2020 12:08:56 GMT; path=/; domain=.exdynsrv.com; Secure; SameSite=none
Content-Encoding
gzip
bg.gif
www.zodiacterms.com/wp-content/themes/friendlyfast/images/
11 KB
11 KB
Image
General
Full URL
https://www.zodiacterms.com/wp-content/themes/friendlyfast/images/bg.gif
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/wp-content/themes/friendlyfast/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.100.246 Chantilly, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.100.246-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
dcd340fadc6d80a05f7546ee00bc2da9819f1cb10f3c694592d5f3909c487f82

Request headers

Referer
https://www.zodiacterms.com/wp-content/themes/friendlyfast/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:56 GMT
last-modified
Fri, 08 Oct 2010 18:00:14 GMT
server
LiteSpeed
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11599
expires
Sun, 13 Sep 2020 12:08:56 GMT
bg-top.png
www.zodiacterms.com/wp-content/themes/friendlyfast/images/
210 B
274 B
Image
General
Full URL
https://www.zodiacterms.com/wp-content/themes/friendlyfast/images/bg-top.png
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/wp-content/themes/friendlyfast/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.100.246 Chantilly, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.100.246-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
b3edfce8ead8ecf499c03ac6e75aae9165c4cabae075ba34e438a04673cd655b

Request headers

Referer
https://www.zodiacterms.com/wp-content/themes/friendlyfast/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:56 GMT
last-modified
Fri, 08 Oct 2010 18:00:12 GMT
server
LiteSpeed
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
210
expires
Sun, 13 Sep 2020 12:08:56 GMT
wptheader.jpg
www.zodiacterms.com/wp-content/themes/friendlyfast/images/
26 KB
26 KB
Image
General
Full URL
https://www.zodiacterms.com/wp-content/themes/friendlyfast/images/wptheader.jpg
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/wp-content/themes/friendlyfast/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.100.246 Chantilly, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.100.246-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
17c0babc9953bfd1d5017ce654b634c88c6bc11c7e3cbfb23a679f6e3bd091ad

Request headers

Referer
https://www.zodiacterms.com/wp-content/themes/friendlyfast/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:56 GMT
last-modified
Fri, 08 Oct 2010 18:00:16 GMT
server
LiteSpeed
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
26297
expires
Sun, 13 Sep 2020 12:08:56 GMT
sidelink.gif
www.zodiacterms.com/wp-content/themes/friendlyfast/images/
1 KB
1 KB
Image
General
Full URL
https://www.zodiacterms.com/wp-content/themes/friendlyfast/images/sidelink.gif
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/wp-content/themes/friendlyfast/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.100.246 Chantilly, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.100.246-static.reverse.arandomserver.com
Software
LiteSpeed /
Resource Hash
56e3926697afe82ce05894149466b9651bcea46b9936a076784e6523a6b0adc2

Request headers

Referer
https://www.zodiacterms.com/wp-content/themes/friendlyfast/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:56 GMT
last-modified
Fri, 08 Oct 2010 18:00:16 GMT
server
LiteSpeed
content-type
image/gif
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1065
expires
Sun, 13 Sep 2020 12:08:56 GMT
Cookie set ads-iframe-display.php
syndication.exdynsrv.com/ Frame 659A
0
0
Document
General
Full URL
https://syndication.exdynsrv.com/ads-iframe-display.php?idzone=2365287&type=300x600&p=https%3A//www.zodiacterms.com/&dt=1599394136970&sub=&tags=&screen_resolution=1600x1200&el=%22
Requested by
Host: ads.exdynsrv.com
URL: https://ads.exdynsrv.com/ads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
syndication.exdynsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.zodiacterms.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zodiacterms.com/

Response headers

Server
nginx
Date
Sun, 06 Sep 2020 12:08:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225f54d158f2a542.433801641909211353%22%3B%7D; expires=Tue, 06 Sep 2022 12:08:56 GMT; path=; domain=.exdynsrv.com; Secure; SameSite=none
Content-Encoding
gzip
likebox.php
www.facebook.com/plugins/ Frame 7267
0
0
Document
General
Full URL
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fzodiacterms&width=300&colorscheme=light&show_faces=false&border_color=%23ffffff&stream=false&header=false&height=87
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fzodiacterms&width=300&colorscheme=light&show_faces=false&border_color=%23ffffff&stream=false&header=false&height=87
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.zodiacterms.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zodiacterms.com/

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-type
text/html; charset="utf-8"
x-fb-debug
mYhbZjQW9uudL9tuPMehaWHz+ST8rqtHOaMBKc8jrWHgOqNlWmxDIP59wLg1I/cKnYIz5GqvJepGa4YurysnTA==
date
Sun, 06 Sep 2020 12:08:57 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
js15.js
s10.histats.com/
0
0

ice.js
resources.infolinks.com/js/1702.018-2.093/
857 KB
250 KB
Script
General
Full URL
https://resources.infolinks.com/js/1702.018-2.093/ice.js
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab4a2b3f6e90dcd44f4e8b454a71543074905055040e09e016d24f4135e5ced8

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:57 GMT
via
1.1 google
cf-cache-status
HIT
age
11278
status
200
content-encoding
gzip
cf-request-id
0504eadbab0000c76d059dd200000001
last-modified
Mon, 31 Aug 2020 10:09:21 GMT
server
cloudflare
etag
W/"d6260-5ae2998a30256"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
5ce8140c4905c76d-AMS
expires
Tue, 06 Oct 2020 09:00:59 GMT
zone
basepush.com/
695 B
1 KB
Fetch
General
Full URL
https://basepush.com/zone?pub=0&zone_id=1591633&is_mobile=false&domain=www.zodiacterms.com&var=&ymid=&var_3=
Requested by
Host: basepush.com
URL: https://basepush.com/ntfc.php?p=1591633
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.139 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
bf80e0052dca550a56f4c3a344c75c4a76bee3fc20a407c91ed3cbe8fe089e6a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id
bc46c9c62b403ff4123ecc685c5ff3af
Date
Sun, 06 Sep 2020 12:08:57 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.zodiacterms.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
695
universal.min.js
basepush.com/pfe/current/
143 KB
43 KB
Fetch
General
Full URL
https://basepush.com/pfe/current/universal.min.js?v=3.1.259
Requested by
Host: basepush.com
URL: https://basepush.com/ntfc.php?p=1591633
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.139 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
78c49b5b6c2475dac10ef696450901f564c076a0ad7ec63aff88f2e21fe51a87

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 06 Sep 2020 12:08:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Sep 2020 08:37:13 GMT
Server
nginx
ETag
W/"5f50ab39-23d8d"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://www.zodiacterms.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
g.gif
pixel.wp.com/
50 B
123 B
Image
General
Full URL
https://pixel.wp.com/g.gif?blog=38736674&v=ext&post=0&host=www.zodiacterms.com&ref=&fcp=836&rand=0.17031155987663094
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 06 Sep 2020 12:08:57 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
manage
router.infolinks.com/usync/ Frame BD19
0
0
Document
General
Full URL
https://router.infolinks.com/usync/manage?pid=null&wsid=0
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1702.018-2.093/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
router.infolinks.com
:scheme
https
:path
/usync/manage?pid=null&wsid=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.zodiacterms.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.zodiacterms.com/

Response headers

status
200
date
Sun, 06 Sep 2020 12:08:57 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=d20b23dbc6c2f1be4de4cf5d21f495e581599394137; expires=Tue, 06-Oct-20 12:08:57 GMT; path=/; domain=.infolinks.com; HttpOnly; SameSite=Lax
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
0504eadcb30000c76d059ea200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5ce8140debf9c76d-AMS
content-encoding
gzip
gsd
router.infolinks.com/
0
70 B
Script
General
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=null&pdom=www.zodiacterms.com&purl=https%3A%2F%2Fwww.zodiacterms.com%2F&jsv=1702.018-2.093&_cb=15993941372620
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1702.018-2.093/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Sep 2020 12:08:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200
cf-ray
5ce8140dec04c76d-AMS
content-length
0
cf-request-id
0504eadcb50000c76d059eb200000001
custom
basepush.com/ Frame
0
0
Other
General
Full URL
https://basepush.com/custom
Protocol
HTTP/1.1
Server
139.45.196.139 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.zodiacterms.com
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 06 Sep 2020 12:08:57 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://www.zodiacterms.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
basepush.com/
39 B
494 B
Fetch
General
Full URL
https://basepush.com/custom
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.139 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
a2311cd551468bb3b942f14d2f2e2ccd
Date
Sun, 06 Sep 2020 12:08:57 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.zodiacterms.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
sw.js
www.zodiacterms.com/
16 KB
5 KB
Fetch
General
Full URL
https://www.zodiacterms.com/sw.js
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.100.246 Chantilly, United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
198.252.100.246-static.reverse.arandomserver.com
Software
LiteSpeed / PHP/5.3.29
Resource Hash
27e04ae6b4a6b22eb3e50e11245b578c261feaf622c862390314ce5e7864c386

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Sep 2020 12:08:57 GMT
content-encoding
br
server
LiteSpeed
x-powered-by
PHP/5.3.29
x-litespeed-cache
miss
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
404
x-litespeed-cache-control
public,max-age=3600
cache-control
no-cache, must-revalidate, max-age=0
x-litespeed-tag
B1_URL.530e02806fd3a83d21ee1fbad74920ac,B1_ERR.404,B1_PGSRP,B1_
link
<https://www.zodiacterms.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
custom
basepush.com/ Frame
0
0
Other
General
Full URL
https://basepush.com/custom
Protocol
HTTP/1.1
Server
139.45.196.139 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.zodiacterms.com
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 06 Sep 2020 12:08:57 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://www.zodiacterms.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
basepush.com/
39 B
494 B
Fetch
General
Full URL
https://basepush.com/custom
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.139 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
aa0a2791f24842e0330116fa8fe313a8
Date
Sun, 06 Sep 2020 12:08:57 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.zodiacterms.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39
custom
basepush.com/ Frame
0
0
Other
General
Full URL
https://basepush.com/custom
Protocol
HTTP/1.1
Server
139.45.196.139 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.zodiacterms.com
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Sun, 06 Sep 2020 12:08:58 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Origin
https://www.zodiacterms.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age
86400
custom
basepush.com/
39 B
494 B
Fetch
General
Full URL
https://basepush.com/custom
Requested by
Host: www.zodiacterms.com
URL: https://www.zodiacterms.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.139 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zodiacterms.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Trace-Id
33ebb7ea914d10cef0540969f459f590
Date
Sun, 06 Sep 2020 12:08:58 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.zodiacterms.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
39

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.zodiacterms.com
URL
http://www.zodiacterms.com/wp-content/plugins/simple-contact-form/style.css?ver=4.4.23
Domain
www.zodiacterms.com
URL
http://www.zodiacterms.com/wp-content/plugins/simple-contact-form/simple-contact-form.js?ver=4.4.23
Domain
s10.histats.com
URL
http://s10.histats.com/js15.js


35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes
object| _wpemojiSettings
string| ad_idzone
string| ad_width
string| ad_height
object| exoDynamicParams
string| exoDocumentProtocol
string| infolinks_plugin_version
object| $iceboot
object| INFOLINKS
object| _0x233f
function| _0x549d
object| _0x22a6
function| _0x54ee
object| _0x550c
function| _0x56ae
object| zfgformats
object| wp
function| st_go
function| linktracker_init
object| wpcom
object| _stq
function| load_cmc
object| _0x525c
function| _0x20f8
object| sdk
function| _typeof
object| $ice
object| $infolinks
function| hb_iceChunk
object| hb_ice
object| _pbjsGlobals
object| __core-js_shared__
object| $ICE_HB
boolean| installOnFly

16 Cookies

Domain/Path Name / Value
.casalemedia.com/ Name: CMRUM3
Value: be5f54d15905a0&275f54d1590b40&9c5f54d15905a00&f15f54d15905a00&295f54d15905a00&2e5f54d15905a0&495f54d15905a00&415f54d15905a0
.casalemedia.com/ Name: CMST
Value: X1TRWV9U0VkA
.casalemedia.com/ Name: CMID
Value: X1TRWblQJvgAAHFOfi8AAAC5
.warumbistdusoarm.space/ Name: z_757fa41474171c19559cb26aca8cca9e
Value: 1
.warumbistdusoarm.space/ Name: c_e1d1af49a761bc1e720aef1b22268a8a
Value: 1
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: 69CAC8AD-15D5-46E6-A21F-FCDCCDF96EC8
.casalemedia.com/ Name: CMPS
Value: 3279
.infolinks.com/ Name: IXUSERCOOKIE
Value: X1TRWblQJvgAAHFOfi8AAAC5&1102
.infolinks.com/ Name: SOVRNUSERCOOKIE
Value: 8b9c3820f240e0cd9520a0e5
.infolinks.com/ Name: R1USERCOOKIE
Value: OPTOUT
.exdynsrv.com/ Name: goals
Value: a%3A1%3A%7Bi%3A58753%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222020-09-06%22%3B%7D%7D
.exdynsrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225f54d158f2a542.433801641909211353%22%3B%7D
.casalemedia.com/ Name: CMPRO
Value: 1102
.exdynsrv.com/ Name: impressions
Value: x%9CM%90MN%861%08%84%EF%D2%F5%DB%04f%A6P%BC%8A%F1%24%C6%BB%8B%F9%D4v%C1%8A%87%F9%E1s%90%84%EF5%2982s%BC%BD%FB%E3%AB%8A%CEE%3D%C3%25%1B%1F%CF%60%B1%04%9B%3D%E5%15%B8%40%F9%CA%0BD%EF%3D%27%19%99N%1E%B0%2F%0D%07%84%D2J%7B%CA%21%B0%D6%01U%BD%3A%A0%CCL%3B%A6h%7D%E0%FB%80%CB%0A%FB%06%E5%EE%9D%91%AB%18%F8%C9%88_PQ%FE%8C%C4%CB9%D9z1%B1%18%2B%A1%8B%DB%9D%F1%16%F4x%09%22%01%EArn%F0%FENVX%97%16%CA6xE%8C%B5w%FC%3B3%3C%14%9Cj%1B%29%AF%CE%5D%8C%F1%27%F8%F5%0DM%E5R%FA
.infolinks.com/ Name: ZMNUSERCOOKIE
Value: 4JUywE0FUfzM95lvFmDQ
www.zodiacterms.com/ Name: logglytrackingsession
Value: 2aed4ed8-69f2-4f04-8e20-803ed0e3c65f

1 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
service worker path (u): /sw.js event domain: https://basepush.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
