Submitted URL: https://contato.fitasprogresso.com.br/
Effective URL: https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Submission: On September 02 via automatic, source certstream-suspicious — Scanned from IT

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 104.18.17.109, located in and belongs to CLOUDFLARENET, US. The main domain is chat.blip.ai.
TLS certificate: Issued by WE1 on August 25th 2024. Valid for: 3 months.
This is the only time chat.blip.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 170.81.238.195 266429 (EES COMUN...)
10 104.18.17.109 13335 (CLOUDFLAR...)
1 142.250.181.234 15169 (GOOGLE)
1 152.199.19.161 15133 (EDGECAST)
13 4
Apex Domain
Subdomains
Transfer
10 blip.ai
chat.blip.ai
3 MB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 5485
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1009 B
1 fitasprogresso.com.br
contato.fitasprogresso.com.br
363 B
0 dynatrace.com Failed
js-cdn.dynatrace.com Failed
13 5
Domain Requested by
10 chat.blip.ai chat.blip.ai
1 az416426.vo.msecnd.net chat.blip.ai
1 fonts.googleapis.com chat.blip.ai
1 contato.fitasprogresso.com.br 1 redirects
0 js-cdn.dynatrace.com Failed chat.blip.ai
13 5

This site contains no links.

Subject Issuer Validity Valid
chat.blip.ai
WE1
2024-08-25 -
2024-11-23
3 months crt.sh
upload.video.google.com
WR2
2024-08-05 -
2024-10-28
3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2024-06-06 -
2025-06-06
a year crt.sh

This page contains 1 frames:

Primary Page: https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Frame ID: 6585B67748E7BD95F73CCF30A298EAA2
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

BLiP Chat

Page URL History Show full URLs

  1. https://contato.fitasprogresso.com.br/ HTTP 302
    https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYw... Page URL

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

2767 kB
Transfer

6999 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://contato.fitasprogresso.com.br/ HTTP 302
    https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
chat.blip.ai/
Redirect Chain
  • https://contato.fitasprogresso.com.br/
  • https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
781 B
3 KB
Document
General
Full URL
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d6ff1c6fdcfe664f56807157902368aa6d9daac790ff35eab0a5a9dd2e3f8b96
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bc9d8b4cd8dbae5-MXP
content-encoding
gzip
content-security-policy
default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
content-type
text/html
date
Mon, 02 Sep 2024 01:49:58 GMT
last-modified
Wed, 03 Jul 2024 14:36:22 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
ASP.NET

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 02 Sep 2024 01:49:57 GMT
Keep-Alive
timeout=5, max=100
Location
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
X-Powered-By
PHP/7.4.28
51a57ded5ceb58bf_complete.js
js-cdn.dynatrace.com/jstag/16898c892dc/bf88991hgd/
0
0

css
fonts.googleapis.com/
5 KB
1009 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito:400,600,700
Requested by
Host: chat.blip.ai
URL: https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
d0e980bb283c68d019c94eaf820686ab2d446f21a95bc98a5db4018faf3dc573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://chat.blip.ai/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 02 Sep 2024 01:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 01 Sep 2024 23:50:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 02 Sep 2024 01:49:59 GMT
app.css
chat.blip.ai/static/css/
745 KB
103 KB
Stylesheet
General
Full URL
https://chat.blip.ai/static/css/app.css?v=6839381226d7bc6feecb5a6af634889b
Requested by
Host: chat.blip.ai
URL: https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
46d1d43770db4373c5ec4e34411b0eb0229a1e7c61799afaa2f88a3265839d74
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 01:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
REVALIDATED
content-security-policy
default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
105498
last-modified
Wed, 03 Jul 2024 14:36:22 GMT
server
cloudflare
etag
"037dc5f56cdda1:0"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bc9d8bac95bbae5-MXP
expires
Mon, 02 Sep 2024 05:49:59 GMT
manifest.js
chat.blip.ai/static/js/
4 KB
5 KB
Script
General
Full URL
https://chat.blip.ai/static/js/manifest.js?v=b1e26fb2060326b281e9
Requested by
Host: chat.blip.ai
URL: https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
34dc132e6d09f3281a5153bef76ed7cca4d86b7e895e801ff7f17aa1dc0894a6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 01:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
EXPIRED
content-security-policy
default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
3100
last-modified
Wed, 10 Jul 2024 01:25:08 GMT
server
cloudflare
etag
"88b6d068d2da1:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bc9d8bac95cbae5-MXP
expires
Mon, 02 Sep 2024 05:49:59 GMT
vendor.js
chat.blip.ai/static/js/
2 MB
890 KB
Script
General
Full URL
https://chat.blip.ai/static/js/vendor.js?v=3c09e936147605511177
Requested by
Host: chat.blip.ai
URL: https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
49fdcf8ea916484eea04aee921d470923b173915b094d1a43f5f70a58d06f5d1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 01:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
EXPIRED
content-security-policy
default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jul 2024 01:25:08 GMT
server
cloudflare
etag
"7b3978068d2da1:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
8bc9d8bac95dbae5-MXP
expires
Mon, 02 Sep 2024 05:49:59 GMT
app.js
chat.blip.ai/static/js/
250 KB
69 KB
Script
General
Full URL
https://chat.blip.ai/static/js/app.js?v=6dfe85c80d76989d8a3d
Requested by
Host: chat.blip.ai
URL: https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f72ca1c4388bb900635596d37c125fd2cdba7602423e54eef2e1d05547a00359
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 01:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
REVALIDATED
content-security-policy
default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jul 2024 01:25:08 GMT
server
cloudflare
etag
"c8ee6c068d2da1:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
8bc9d8bac95fbae5-MXP
expires
Mon, 02 Sep 2024 05:49:59 GMT
settings.json
chat.blip.ai/static/
1 KB
1 KB
XHR
General
Full URL
https://chat.blip.ai/static/settings.json
Requested by
Host: chat.blip.ai
URL: https://chat.blip.ai/static/js/app.js?v=6dfe85c80d76989d8a3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
baee12aec9d644323f292d215a4bf05ae5bb245ead34755f61342fa0c512faa6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 01:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
content-security-policy
default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
876
last-modified
Wed, 10 Jul 2024 01:25:09 GMT
server
cloudflare
etag
"9d35b3068d2da1:0"
vary
Accept-Encoding
content-type
application/json
accept-ranges
bytes
cf-ray
8bc9d8c1ded7bae5-MXP
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e2f41dc48a96efe60a0b7319a3c5408e889d3b413281567972601e378224e8b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a30865f88377fd6ac75b1d764bd48377cc80085122da56b2cce26ff78adbd80f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
784 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59a3e8651f414cc928ac861623c5bffba04fa83434111a0ef5a50f5bad7a823c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
808 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0263a12443974013519966ea6b164900c12cc831dda9d79d26f379d5dd78fa8f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
723 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e18fe2b2c39caac7e61989cd3c08860b29956e49eec34d41430cc6c88b02d7e5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
740 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5bc4c084b53534fc95bc6b471fd6c1e4001955a7dedacfbf1e5eb8f6fe6bb65

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
745 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9f44d8bfa28f3d300a4f52e3cd13205826bf50a19ef8f263e827a233a47cf5b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5361fedcb4bcb90f3842b6584588cfd207f4a2f0a12081c2c82bd7b668383072

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
45.js
chat.blip.ai/static/js/
6 KB
3 KB
Script
General
Full URL
https://chat.blip.ai/static/js/45.js?v=a99b42e6cc140d64bece
Requested by
Host: chat.blip.ai
URL: https://chat.blip.ai/static/js/manifest.js?v=b1e26fb2060326b281e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b60733861580710b2bba02f4e89701430a6c2010e3b23148c82b449adbc6f356
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 01:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
content-security-policy
default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2991
last-modified
Wed, 10 Jul 2024 01:25:08 GMT
server
cloudflare
etag
"d21718068d2da1:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bc9d8c43848bae5-MXP
expires
Mon, 02 Sep 2024 05:50:00 GMT
57.js
chat.blip.ai/static/js/
3 MB
2 MB
Script
General
Full URL
https://chat.blip.ai/static/js/57.js?v=b819969733017ae1906f
Requested by
Host: chat.blip.ai
URL: https://chat.blip.ai/static/js/manifest.js?v=b1e26fb2060326b281e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b5b505a7863c2f4de0ab495f40fd278e580821ad1ed26c10cfbbe58caac52d29
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 01:50:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
content-security-policy
default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 10 Jul 2024 01:25:08 GMT
server
cloudflare
etag
"91d325068d2da1:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
8bc9d8c43849bae5-MXP
expires
Mon, 02 Sep 2024 05:50:00 GMT
58.js
chat.blip.ai/static/js/
44 KB
8 KB
Script
General
Full URL
https://chat.blip.ai/static/js/58.js?v=3b61a1a759dc49f645b1
Requested by
Host: chat.blip.ai
URL: https://chat.blip.ai/static/js/manifest.js?v=b1e26fb2060326b281e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
623ab9ac533078fedea874c2f315b0865c48510a762db4fc4f5bae076eaa1c93
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 01:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
REVALIDATED
content-security-policy
default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
7678
last-modified
Wed, 10 Jul 2024 01:25:08 GMT
server
cloudflare
etag
"d69626068d2da1:0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8bc9d8c4384abae5-MXP
expires
Mon, 02 Sep 2024 05:50:01 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: chat.blip.ai
URL: https://chat.blip.ai/static/js/vendor.js?v=3c09e936147605511177
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.161 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C34) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://chat.blip.ai/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 02 Sep 2024 01:50:00 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
347
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (mil/6C34)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2c9ba2be-b01e-00fa-23d9-fccf07000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 02 Sep 2024 02:20:00 GMT
favicon.ico
chat.blip.ai/
103 B
189 B
Other
General
Full URL
https://chat.blip.ai/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.109 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 01:50:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
cf-cache-status
EXPIRED
server
cloudflare
content-encoding
gzip
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html
cache-control
public, max-age=14400
cf-ray
8bc9d8ca9c7cbae5-MXP
alt-svc
h3=":443"; ma=86400
expires
Mon, 02 Sep 2024 05:50:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js-cdn.dynatrace.com
URL
https://js-cdn.dynatrace.com/jstag/16898c892dc/bf88991hgd/51a57ded5ceb58bf_complete.js

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| SimpleScrollbar function| _ function| P object| appInsights function| Lame function| Presets function| GainAnalysis function| QuantizePVT function| Quantize function| Takehiro function| Reservoir function| MPEGMode function| BitStream object| AI object| Microsoft function| __extends function| _endsWith

4 Cookies

Domain/Path Name / Value
.chat.blip.ai/ Name: ARRAffinity
Value: 6697c4dafc38bd7f8805926a5ce7a2326c15454d46e063818e883935545f0d7d
.chat.blip.ai/ Name: ARRAffinitySameSite
Value: 6697c4dafc38bd7f8805926a5ce7a2326c15454d46e063818e883935545f0d7d
.blip.ai/ Name: __cf_bm
Value: .l1WdNBfzqXTj0PZPrNHjIVUd37bjy3om0cTf7YtIZw-1725241798-1.0.1.1-43IUByYfwnVHD2e9K5hpsQ04SfckVUYWvPJznySpGV4lWmhq9ObPeqnThqPusnObmbDrHPqZCEWAaLKz0y3YcA
chat.blip.ai/ Name: ai_user
Value: DsTgs|2024-09-02T01:50:00.948Z

6 Console Messages

Source Level URL
Text
security error URL: https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
javascript error URL: https://chat.blip.ai/?appKey=Y2FjYXVzaG93Y29udmVuY2FvOmI3ZWIxODM3LTA2OGItNDg2NC04MmFkLTljMjM3ZjYwMGExYw==
Message:
Access to script at 'https://js-cdn.dynatrace.com/jstag/16898c892dc/bf88991hgd/51a57ded5ceb58bf_complete.js' from origin 'https://chat.blip.ai' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://js-cdn.dynatrace.com/jstag/16898c892dc/bf88991hgd/51a57ded5ceb58bf_complete.js
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://chat.blip.ai/static/js/vendor.js?v=3c09e936147605511177(Line 56)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://chat.blip.ai/static/js/vendor.js?v=3c09e936147605511177(Line 56)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
network error URL: https://chat.blip.ai/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; form-action 'self'; script-src 'report-sample' 'self' https://az416426.vo.msecnd.net/scripts/a/ai.0.js https://js-cdn.dynatrace.com/jstag/ https://unpkg.com/ https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js 'unsafe-inline' 'unsafe-eval'; style-src 'report-sample' 'self' https://fonts.googleapis.com https://unpkg.com 'unsafe-inline'; object-src 'none'; base-uri 'self'; connect-src 'self' https://*.msging.net https://dc.services.visualstudio.com wss://*.0mn.io https://*.0mn.io https://parsemetadata.azurewebsites.net https://*.dynatrace.com; font-src 'self' https://fonts.gstatic.com https://portalmfe.blip.ai; frame-src 'self' https: data:; child-src 'self'; img-src 'self' https: data: blob:; manifest-src 'self'; media-src 'self' https: data: blob:; report-uri https://613f9a97fa09349eaa6f0241.endpoint.csper.io/; worker-src 'none'; frame-ancestors *; upgrade-insecure-requests; prefetch-src 'self';
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
chat.blip.ai
contato.fitasprogresso.com.br
fonts.googleapis.com
js-cdn.dynatrace.com
js-cdn.dynatrace.com
104.18.17.109
142.250.181.234
152.199.19.161
170.81.238.195
0263a12443974013519966ea6b164900c12cc831dda9d79d26f379d5dd78fa8f
2e2f41dc48a96efe60a0b7319a3c5408e889d3b413281567972601e378224e8b
34dc132e6d09f3281a5153bef76ed7cca4d86b7e895e801ff7f17aa1dc0894a6
46d1d43770db4373c5ec4e34411b0eb0229a1e7c61799afaa2f88a3265839d74
49fdcf8ea916484eea04aee921d470923b173915b094d1a43f5f70a58d06f5d1
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5361fedcb4bcb90f3842b6584588cfd207f4a2f0a12081c2c82bd7b668383072
59a3e8651f414cc928ac861623c5bffba04fa83434111a0ef5a50f5bad7a823c
623ab9ac533078fedea874c2f315b0865c48510a762db4fc4f5bae076eaa1c93
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1
a30865f88377fd6ac75b1d764bd48377cc80085122da56b2cce26ff78adbd80f
b5b505a7863c2f4de0ab495f40fd278e580821ad1ed26c10cfbbe58caac52d29
b5bc4c084b53534fc95bc6b471fd6c1e4001955a7dedacfbf1e5eb8f6fe6bb65
b60733861580710b2bba02f4e89701430a6c2010e3b23148c82b449adbc6f356
baee12aec9d644323f292d215a4bf05ae5bb245ead34755f61342fa0c512faa6
d0e980bb283c68d019c94eaf820686ab2d446f21a95bc98a5db4018faf3dc573
d6ff1c6fdcfe664f56807157902368aa6d9daac790ff35eab0a5a9dd2e3f8b96
d9f44d8bfa28f3d300a4f52e3cd13205826bf50a19ef8f263e827a233a47cf5b
e18fe2b2c39caac7e61989cd3c08860b29956e49eec34d41430cc6c88b02d7e5
f72ca1c4388bb900635596d37c125fd2cdba7602423e54eef2e1d05547a00359