urlscan.io logo urlscan.io
SecurityTrails logo

staging.zipzip.ai Open in urlscan Pro
172.67.149.70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://staging.zipzip.ai/
Effective URL: https://staging.zipzip.ai/
Submission Tags: @phish_report
Submission: On August 18 via api from FI — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 30 HTTP transactions. The main IP is 172.67.149.70, located in United States and belongs to CLOUDFLARENET, US. The main domain is staging.zipzip.ai.
TLS certificate: Issued by WE1 on August 18th 2024. Valid for: 3 months.
This is the only time staging.zipzip.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 172.67.149.70 13335 (CLOUDFLAR...)
1 104.16.79.73 13335 (CLOUDFLAR...)
2 103.180.114.1 200325 (BUNNYCDN)
6 142.251.220.163 15169 (GOOGLE)
1 142.251.220.131 15169 (GOOGLE)
2 142.251.221.46 15169 (GOOGLE)
2 216.239.36.54 ()
30 8
8    172.67.149.70 (United States)

ASN13335 (CLOUDFLARENET, US)
staging.zipzip.ai
1    104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    103.180.114.1 (Australia)

ASN200325 (BUNNYCDN, SI)
plausible.io
6    142.251.220.163 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s02-in-f3.1e100.net
www.gstatic.com
1    142.251.220.131 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: mnl07s01-in-f3.1e100.net
fonts.gstatic.com
2    142.251.221.46 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: mnl08s03-in-f14.1e100.net
apis.google.com
2    216.239.36.54 (None, )

ASN- ()
asia-south1-truecaller-web.cloudfunctions.net
Apex Domain
Subdomains		 Transfer
8 zipzip.ai
staging.zipzip.ai
12 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
2 MB
2 cloudfunctions.net
asia-south1-truecaller-web.cloudfunctions.net
240 B
2 google.com
apis.google.com — Cisco Umbrella Rank: 225
43 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 12506
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
0 nip.io Failed
22a01832.nip.io Failed
0 firebaseapp.com Failed
truebot-148a2.firebaseapp.com Failed
30 8
Domain Requested by
8 staging.zipzip.ai staging.zipzip.ai
static.cloudflareinsights.com
6 www.gstatic.com staging.zipzip.ai
www.gstatic.com
2 asia-south1-truecaller-web.cloudfunctions.net staging.zipzip.ai
2 apis.google.com www.gstatic.com
apis.google.com
2 plausible.io staging.zipzip.ai
plausible.io
1 fonts.gstatic.com staging.zipzip.ai
1 static.cloudflareinsights.com staging.zipzip.ai
0 22a01832.nip.io Failed staging.zipzip.ai
0 truebot-148a2.firebaseapp.com Failed apis.google.com
30 9

This site contains no links.

Subject Issuer Validity Valid
staging.zipzip.ai
WE1		 2024-08-18 -
2024-11-16		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh
plausible.io
R11		 2024-07-20 -
2024-10-18		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.apis.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
misc.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://staging.zipzip.ai/
Frame ID: 2B6C22E5CDB6B4C362FA8C29876D130C
Requests: 27 HTTP requests in this frame

Frame: https://truebot-148a2.firebaseapp.com/__/auth/iframe?apiKey=AIzaSyDOiXj3d7KiUA4p-FSIA_u4zMbWj_UEPNM&appName=%5BDEFAULT%5D&v=9.18.0&eid=p&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.pGGAptgAK4s.O%2Fam%3DAAAg%2Fd%3D1%2Frs%3DAHpOoo-Cic-4VdRMZ7mFCYOA3wzpF7O-6g%2Fm%3D__features__
Frame ID: 1D9B650DD2F20DBE225051842173737E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ZipZip

Page URL History Show full URLs

  1. http://staging.zipzip.ai/ HTTP 307
    https://staging.zipzip.ai/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

30
Requests

73 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

1745 kB
Transfer

9587 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://staging.zipzip.ai/ HTTP 307
    https://staging.zipzip.ai/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
staging.zipzip.ai/
Redirect Chain
  • http://staging.zipzip.ai/
  • https://staging.zipzip.ai/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0b8ef91615143d24f9f9b7909b320a1cc71d7bfb01e35ffbc8f78ff3815fb1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b54f821586b5d2c-SYD
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 18 Aug 2024 21:24:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58JGXWW7zSJVDuKyAO0wcVq9NodN23g9r%2BlBDSpZ4z0t2U7NKiVC5G3CRQhqDnFTLub6p94dj3NAvzqwxYtO68OlFd%2FadiBWwguUadZn%2BPDavC0Yw39yLwL8gPNtSPAhnZKucQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Location
https://staging.zipzip.ai/
Non-Authoritative-Reason
HttpsUpgrades
flutter.js
staging.zipzip.ai/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/flutter.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b706f51b33636a563d519b041919b521c54b58c62f12364a0c3f3cfcb92fd5a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"8d0830cd4deefca91a09b7bb05eae2bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YW2Qk5WTwzSJOYlQ1hskca140KUXYugdHbY%2FDm8H7WTz%2Bqzy3LIZcQcb9%2FbKJ8r75r8LMR8SYsZ5eL7wNpnu11NMy5zNATaOt53LEuQMLjwwuhGSPMHw0U3ZnDWpvQNEsAwLnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b54f821f8e15d2c-SYD
priority
u=3,i=?0
resize.js
staging.zipzip.ai/ 		352 B
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/resize.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0824be13ed9e9be92b04c83e2adeaaf4dd377d3849401d85248064859f086a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"00ffd12e09333c0df74b5ff437ad77d6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sfXxAwz5bzuircqy72czr2vK%2Bl62RqnSPxsOjZlMVWG4yrqT2Nvhu1V0PRKLmrQT8j%2BjiTALvh3Z9LQSgHxj4aS35RoXo%2FNuuomJPLBdBciAgQnBEYfO4JdA%2BcbsHNTky7Qe%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b54f821f8e35d2c-SYD
priority
u=1,i=?0
analytics.js
staging.zipzip.ai/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/analytics.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c1e00652edfeb3ca9a71a3e114094f116ca137712734a631b3436cb3b3949a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"640408077d28f5438b294aa58e6857e7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZQzbLvybxAiw%2F1SBoX%2FbLfBgM3zpL61g0H2uGu1L4%2BvKsGrgGwZq6nVTS3MRXJ3n3KY7BkO6dygsG1wECSaEK9w%2FHuQp6KRq27Y4DjV1%2FDfg0TWR7kWbk2vMTQHpuXgwopz9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b54f821f8e65d2c-SYD
priority
u=1,i=?0
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://staging.zipzip.ai/
Origin
https://staging.zipzip.ai
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8b54f8225f585d14-SYD
script.js
plausible.io/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plausible.io/js/script.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 /
Resource Hash
965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1151
cdn-cachedat
08/18/2024 09:39:25
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
127.0.0.1
alt-svc
h3=":9443"; ma=2592000
server
BunnyCDN-SYD1-1151
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, must-revalidate, max-age=86400
permissions-policy
interest-cohort=()
cdn-requestid
edd0d3f938763fae9232da06ddb8f803
cdn-requestcountrycode
AU
cdn-status
200
cdn-requestpullsuccess
True
event
plausible.io/api/ 		2 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.180.114.1 , Australia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-SYD1-1151 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
cdn-edgestorageid
1151
cdn-cachedat
08/18/2024 21:24:11
cdn-pullzone
682664
application
127.0.0.1
alt-svc
h3=":9443"; ma=2592000
content-length
2
x-request-id
F-zvpX8e6pAB2qNExdGU
server
BunnyCDN-SYD1-1151
cdn-proxyver
1.04
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
x-plausible-dropped
1
cdn-requestid
62b86d87cae9e6ee8eaa96130749e5d3
cdn-requestcountrycode
AU
cdn-requestpullsuccess
True
rum
staging.zipzip.ai/cdn-cgi/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type
application/json

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://staging.zipzip.ai
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8b54f822c9b55d2c-SYD
favicon.ico
staging.zipzip.ai/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3866bcaa80e4383744a8384decb6129ed46da3795da3926443b4b5ffdc54755
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ca785351eba84e3c21aa19437929ae21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zxa%2FPyNWxBqiCdW9gOVzbyP9V9cUf7IdH3GF7EiDqzYxWYFPBRGJEonc61wEeRt86pBOv3rmcr1JslxUQDcJbqb%2FYQZwoitj9%2BJg%2FkYmI0h43LXnOFKUOMyTnWcFZq%2BLLFE82Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b54f822c9b65d2c-SYD
priority
u=1,i
favicon.ico
staging.zipzip.ai/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3866bcaa80e4383744a8384decb6129ed46da3795da3926443b4b5ffdc54755
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ca785351eba84e3c21aa19437929ae21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zxa%2FPyNWxBqiCdW9gOVzbyP9V9cUf7IdH3GF7EiDqzYxWYFPBRGJEonc61wEeRt86pBOv3rmcr1JslxUQDcJbqb%2FYQZwoitj9%2BJg%2FkYmI0h43LXnOFKUOMyTnWcFZq%2BLLFE82Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b54f822c9b65d2c-SYD
priority
u=1,i
favicon-32x32.png
staging.zipzip.ai/icons/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/icons/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.149.70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188ca1e6de76f50dd09d056f2b3e9af2edb8e76fb2ebe4e2952f00b5380aa588
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1931
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"312567b32758f4e68fdb2d4baee6f005"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhGykRIFinVuWivlBCE3FpU1PAIN9VIi6QsRFIzkwiD1GG4QJxJlchgxVk%2FnuwGfTbGH%2BLP2WtfqD83%2F56Tfw%2BcI6xpd%2BWh9JKE60ke8Db2w%2BgmgeEIJNND62D%2FaBvap%2FWb4jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b54f8230a145d2c-SYD
priority
u=1,i
main.dart.js
staging.zipzip.ai/ 		4 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/main.dart.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/flutter.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
94f6f9097c0dcf20e846c14e1689dce3976229efc1f96c227e5423fff9932c9f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a646400df783041bf87f84699ca58bc1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGtWatWxTVQfD1tGY%2BzF5Su0K12yFBCmK%2BT8PWDI2%2BAA7byEk4tS7CBt4x%2FW2cdn4CqcMuv8dUIuv9488IGnF830JKx0WmH3FajW5Sq3iEFfprwLAs1kJtf7f%2BlfCelg8HJajQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b54f8230a1c5d2c-SYD
priority
u=1,i
canvaskit.js
www.gstatic.com/flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/chromium/ 		93 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/chromium/canvaskit.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.163 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f3.1e100.net
Software
sffe /
Resource Hash
36e982e5547689d39881245052762524d943ce03e936fb414af0a5e803c6283a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 08:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
45591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26256
x-xss-protection
0
last-modified
Tue, 16 May 2023 18:11:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="flutter-team"
vary
Accept-Encoding
report-to
{"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Aug 2025 08:44:21 GMT
FontManifest.json
staging.zipzip.ai/assets/ 		208 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/assets/FontManifest.json
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cd7e03645bc44b2dd47b7cb626f51c4ecbf55a197ab77241628b47ac165fbe21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"bc4f22528125c2a16f14c9915e58c816"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5Mg58LJrDJEhWgMWj4zFk%2BVEx4hbaCz56RgMbJdOvbVWWHjD7BSMPMGjmruTkKJZOcHk%2BGMjnYz1StzNpaC9Ny0Yt6u58DEm6oaXUcNolSi%2B39X3pboBhXVbwvtuNpe9V1dpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8b54f8236a815d2c-SYD
priority
u=1,i
MaterialIcons-Regular.otf
staging.zipzip.ai/assets/fonts/ 		11 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/assets/fonts/MaterialIcons-Regular.otf
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
5b858c5770943d7034feb9d441fd67883473eddf720b7351a021eba3a5b024ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:12 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
11412
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"01871ea21205c3ae47087d1b1bcc2fdf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BMdxw5HEnS6Fy3gTrl4hxCdFF0jXHTH%2BscXPRfT3GNaZ4E6kkgq%2Ba%2Fa7jufSkfJ4BCSPJK3P9b6%2B3U9I8CuXYPh2WNfiaKhOwDusL0Z%2BNEwtJvWUEIMmKblVj5feBBe1mm%2B6WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b54f82a69385d2c-SYD
priority
u=1,i
CupertinoIcons.ttf
staging.zipzip.ai/assets/packages/cupertino_icons/assets/ 		1 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7faebfc34fcf9aeed5ed14c8d859995da91d26ee4d515a5d5a632a14cc6b3d98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:12 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1236
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"14476b55fa3a3749ac14a359cbc37415"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqbWBdRZcwecNAOuYf1EkKE0JDrucJnMKpviJi39BhfCrcHjetRZr6tfqgM6VwI68zQFndYxVDY0yrWPH9r%2BIiOFu66eS7jZ%2FfbOf88opoccPiSI7YfRLytzPNsydFMnbIcrvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8b54f82a69395d2c-SYD
priority
u=1,i
KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
fonts.gstatic.com/s/roboto/v20/ 		167 KB
90 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.220.131 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s01-in-f3.1e100.net
Software
sffe /
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 17 Aug 2024 01:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91230
x-xss-protection
0
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Aug 2025 01:53:53 GMT
canvaskit.wasm
www.gstatic.com/flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/chromium/ 		5 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/chromium/canvaskit.wasm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/flutter-canvaskit/b4fb11214dd2dda6ce012dd98ea498e9e8b91262/chromium/canvaskit.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.163 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f3.1e100.net
Software
sffe /
Resource Hash
c163375d22119ddb60045f34f2c838b42550a9e9ffccd52511e892b2e1bcba53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 08:44:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
45592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1532457
x-xss-protection
0
last-modified
Tue, 16 May 2023 18:11:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="flutter-team"
vary
Accept-Encoding
report-to
{"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type
application/wasm
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Aug 2025 08:44:21 GMT
flutter_dropzone.js
staging.zipzip.ai/assets/packages/flutter_dropzone_web/assets/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.zipzip.ai/assets/packages/flutter_dropzone_web/assets/flutter_dropzone.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/main.dart.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
df0d786c4f14065ba58f7a79a07efd76abed924a7a9fb50d743039cd95a01d1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 18 Aug 2024 21:24:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2f06e43e748faed82a3af54b88515e31"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7KMRqfXzeJZ8gF93o9d5FwjcUG5PL1uXx5KkAWawGAaU2UBtB2gitBslEXxwyAvSIdpT8aNA9nCcraZGgPK1d%2BJ%2BjcTZdrf2dPjqC7hZW3cZwOUHIvGoZUXp4YSQ%2BqDe8kLSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8b54f8343af95d2c-SYD
priority
u=3,i
firebase-app.js
www.gstatic.com/firebasejs/9.18.0/ 		91 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.18.0/firebase-app.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.163 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f3.1e100.net
Software
sffe /
Resource Hash
d7cc15aee6a27dbf64ccc8dcb248cec69ca1132360d0eb495659c63d4dbf5260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.zipzip.ai/
Origin
https://staging.zipzip.ai
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 17 Aug 2024 06:28:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20695
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 21:56:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Aug 2025 06:28:56 GMT
firebase-app-check.js
www.gstatic.com/firebasejs/9.18.0/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.18.0/firebase-app-check.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.163 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f3.1e100.net
Software
sffe /
Resource Hash
7395e877ff72322acc86fbe9114609637d449dc107db83768c4ef5cc8cdfa371
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.zipzip.ai/
Origin
https://staging.zipzip.ai
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 16 Aug 2024 23:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
166217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7193
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 21:56:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Aug 2025 23:13:57 GMT
firebase-remote-config.js
www.gstatic.com/firebasejs/9.18.0/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.18.0/firebase-remote-config.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.163 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f3.1e100.net
Software
sffe /
Resource Hash
ff8732af026a7acdb1c56c0d78660caa59f8acd3e50f3fdff9f47a90f2627486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.zipzip.ai/
Origin
https://staging.zipzip.ai
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 15 Aug 2024 03:55:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
322095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8450
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 21:56:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Aug 2025 03:55:59 GMT
firebase-auth.js
www.gstatic.com/firebasejs/9.18.0/ 		115 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.18.0/firebase-auth.js
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.220.163 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl07s02-in-f3.1e100.net
Software
sffe /
Resource Hash
320ce021881ec592f45a18be844f7d7e311eb1f09cd47da597b2293bc2764c8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.zipzip.ai/
Origin
https://staging.zipzip.ai
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 17 Aug 2024 05:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33731
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 21:56:52 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Aug 2025 05:41:28 GMT
api.js
apis.google.com/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js?onload=__iframefcb68519
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.18.0/firebase-auth.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.46 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f14.1e100.net
Software
sffe /
Resource Hash
074a794bd9faee0e4c6feb0513cda87d54098e4695f6125c8dd552ae29c588f6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 18 Aug 2024 21:24:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5923
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"bdbebb2238371a7e"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 21:24:14 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.pGGAptgAK4s.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo-Cic-4VdRMZ7mFCYOA3wzpF7O-6g/ 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.pGGAptgAK4s.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo-Cic-4VdRMZ7mFCYOA3wzpF7O-6g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?onload=__iframefcb68519
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.46 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mnl08s03-in-f14.1e100.net
Software
sffe /
Resource Hash
c651f82dab98bf2bcf6b9d4511dc083854fe80026a746973781623da78ffb1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 17 Aug 2024 15:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36930
x-xss-protection
0
last-modified
Thu, 11 Jul 2024 18:55:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Aug 2025 15:57:31 GMT
iframe
truebot-148a2.firebaseapp.com/__/auth/ Frame 1D9B 		0
0
v1
asia-south1-truecaller-web.cloudfunctions.net/geoip/ 		61 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://asia-south1-truecaller-web.cloudfunctions.net/geoip/v1
Requested by
Host: staging.zipzip.ai
URL: https://staging.zipzip.ai/main.dart.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.54 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
bc2c2668211890faa0d2d9ccb32345faa5fd65bac6e5b08a75ff7441fa722e09
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://staging.zipzip.ai/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Sun, 18 Aug 2024 21:24:15 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
cross-origin-opener-policy
same-origin
etag
W/"3d-+CaRBLBusGmR+lA26uel2j0Bo+c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
x-cloud-trace-context
58fbbc0198a96e940b259d6180e4346c
cache-control
private
function-execution-id
mi9yvso7lxu9
v1
asia-south1-truecaller-web.cloudfunctions.net/geoip/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://asia-south1-truecaller-web.cloudfunctions.net/geoip/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.54 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://staging.zipzip.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 18 Aug 2024 21:24:15 GMT
function-execution-id
mi9yi4zpdt9l
origin-agent-cluster
?1
referrer-policy
no-referrer
server
Google Frontend
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
x-cloud-trace-context
166908947b1842c78c276cb34979f159
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
meta
22a01832.nip.io/v0/ 		0
0
meta
22a01832.nip.io/v0/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
truebot-148a2.firebaseapp.com
URL
https://truebot-148a2.firebaseapp.com/__/auth/iframe?apiKey=AIzaSyDOiXj3d7KiUA4p-FSIA_u4zMbWj_UEPNM&appName=%5BDEFAULT%5D&v=9.18.0&eid=p&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.pGGAptgAK4s.O%2Fam%3DAAAg%2Fd%3D1%2Frs%3DAHpOoo-Cic-4VdRMZ7mFCYOA3wzpF7O-6g%2Fm%3D__features__
Domain
22a01832.nip.io
URL
https://22a01832.nip.io/v0/meta
Domain
22a01832.nip.io
URL
https://22a01832.nip.io/v0/meta

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| serviceWorkerVersion function| sendHeightChange function| sendWidthChange function| trueBotLoaded function| trueBotTrackCustomEvent object| _flutter object| __cfBeacon function| plausible function| _flutter_web_set_location_strategy function| CanvasKitInit object| flutterCanvasKit object| flutter_dropzone_web object| firebase_app_check object| firebase_core object| firebase_remote_config object| firebase_auth function| __iframefcb68519 object| gapi object| ___jsl object| _F_toggles object| osapi

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

22a01832.nip.io
apis.google.com
asia-south1-truecaller-web.cloudfunctions.net
fonts.gstatic.com
plausible.io
staging.zipzip.ai
static.cloudflareinsights.com
truebot-148a2.firebaseapp.com
www.gstatic.com
22a01832.nip.io
truebot-148a2.firebaseapp.com
103.180.114.1
104.16.79.73
142.251.220.131
142.251.220.163
142.251.221.46
172.67.149.70
216.239.36.54
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
074a794bd9faee0e4c6feb0513cda87d54098e4695f6125c8dd552ae29c588f6
188ca1e6de76f50dd09d056f2b3e9af2edb8e76fb2ebe4e2952f00b5380aa588
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
320ce021881ec592f45a18be844f7d7e311eb1f09cd47da597b2293bc2764c8d
36e982e5547689d39881245052762524d943ce03e936fb414af0a5e803c6283a
5b858c5770943d7034feb9d441fd67883473eddf720b7351a021eba3a5b024ed
7395e877ff72322acc86fbe9114609637d449dc107db83768c4ef5cc8cdfa371
76c1e00652edfeb3ca9a71a3e114094f116ca137712734a631b3436cb3b3949a
7faebfc34fcf9aeed5ed14c8d859995da91d26ee4d515a5d5a632a14cc6b3d98
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
94f6f9097c0dcf20e846c14e1689dce3976229efc1f96c227e5423fff9932c9f
965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c
b706f51b33636a563d519b041919b521c54b58c62f12364a0c3f3cfcb92fd5a3
bc2c2668211890faa0d2d9ccb32345faa5fd65bac6e5b08a75ff7441fa722e09
c163375d22119ddb60045f34f2c838b42550a9e9ffccd52511e892b2e1bcba53
c651f82dab98bf2bcf6b9d4511dc083854fe80026a746973781623da78ffb1e8
cd7e03645bc44b2dd47b7cb626f51c4ecbf55a197ab77241628b47ac165fbe21
ce0824be13ed9e9be92b04c83e2adeaaf4dd377d3849401d85248064859f086a
d7cc15aee6a27dbf64ccc8dcb248cec69ca1132360d0eb495659c63d4dbf5260
df0d786c4f14065ba58f7a79a07efd76abed924a7a9fb50d743039cd95a01d1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0b8ef91615143d24f9f9b7909b320a1cc71d7bfb01e35ffbc8f78ff3815fb1e
f3866bcaa80e4383744a8384decb6129ed46da3795da3926443b4b5ffdc54755
ff8732af026a7acdb1c56c0d78660caa59f8acd3e50f3fdff9f47a90f2627486