bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com Open in urlscan Pro
2606:4700::6811:600d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html
Effective URL:
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Submission: On May 08 via automatic, source openphish (May 8th 2024, 1:19:42 pm UTC) — Scanned from DE

Summary HTTP 50 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 50 HTTP transactions. The main IP is 2606:4700::6811:600d, located in United States and belongs to CLOUDFLARENET, US. The main domain is bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com.
TLS certificate: Issued by E1 on March 16th 2024. Valid for: 3 months.

This is the only time bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700::68... 2606:4700::6811:600d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	54.83.64.233 54.83.64.233	14618 (AMAZON-AES) (AMAZON-AES)
3	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	104.19.175.188 104.19.175.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
3	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
2	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
50	12

3 2606:4700::6811:600d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cf-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 54.83.64.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-64-233.compute-1.amazonaws.com

grateful-summer-afterthought.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.175.188 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	glitch.me grateful-summer-afterthought.glitch.me	2 MB
5	gstatic.com www.gstatic.com fonts.gstatic.com	345 KB
5	liveperson.net va.v.liveperson.net — Cisco Umbrella Rank: 4263 lptag.liveperson.net — Cisco Umbrella Rank: 3903	133 KB
4	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3782 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4020	19 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	916 B
3	cf-ipfs.com 1 redirects cf-ipfs.com bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com	7 KB
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4333 perf.hsforms.com — Cisco Umbrella Rank: 13925	4 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
0	metamask.io Failed metamask.io Failed
50	9

	Domain	Requested by
21	grateful-summer-afterthought.glitch.me	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com grateful-summer-afterthought.glitch.me
3	www.google.com	grateful-summer-afterthought.glitch.me www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com
3	va.v.liveperson.net	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com lptag.liveperson.net
2	lpcdn.lpsnmedia.net	lptag.liveperson.net
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	lptag.liveperson.net	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
2	www.gstatic.com	grateful-summer-afterthought.glitch.me www.google.com
2	fonts.googleapis.com	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com grateful-summer-afterthought.glitch.me
2	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
1	perf.hsforms.com	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
1	forms.hsforms.com	grateful-summer-afterthought.glitch.me
1	cf-ipfs.com	1 redirects
0	metamask.io Failed
50	14

This site contains links to these domains. Also see Links.

Domain
metamask.io
metamask.zendesk.com
community.metamask.io
consensys.net
medium.com
docs.metamask.io
metamask.github.io
github.com
gitcoin.co
shop.spreadshirt.com
twitter.com

Subject Issuer	Validity	Valid
cf-ipfs.com E1	`2024-03-16` - `2024-06-14`	3 months	crt.sh
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-10-31` - `2024-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-11-27`	a year	crt.sh
hsforms.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Frame ID: D2ADB71F99A859BF06725934394E5C6E
Requests: 44 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/saved_resource.html
Frame ID: 06E6E2BA5F93A31411559173690FA96C
Requests: 1 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/anchor.html
Frame ID: 8B0D54CF4AD2C6ECC3196136BC98F910
Requests: 1 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Frame ID: DBFF6280C2AFDAFFA1F42B1A13310CFF
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.26.0.0-release_5111/storage.secure.min.html?loc=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com&site=88982875&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: 2461C40FE402E98998FE09F5406511F8
Requests: 1 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/bframe.html
Frame ID: 7DA712C18EFB498ADFAE64231AB64B69
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&badge=inline&cb=b5ksdvz8wnxf
Frame ID: DF2096E3ABB8B868649E1CFA3564C24D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: D457CF04D874C1FAA0A24E1DDF402504
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MetaMask - A crypto wallet & gateway to blockchain apps

Page URL History Show full URLs

http://cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html HTTP 307
https://cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html HTTP 301
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

88 %
HTTPS

36 %
IPv6

9
Domains

14
Subdomains

12
IPs

3
Countries

2359 kB
Transfer

2948 kB
Size

6
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://metamask.io/index.html

Search URL Search Domain Scan URL

URL: https://metamask.io/swaps.html
Title: Swaps

Search URL Search Domain Scan URL

URL: https://metamask.io/1559.html
Title: EIP-1559

Search URL Search Domain Scan URL

URL: https://metamask.io/faqs.html
Title: FAQs

Search URL Search Domain Scan URL

URL: https://metamask.zendesk.com/hc/en-us
Title: Get Support

Search URL Search Domain Scan URL

URL: https://community.metamask.io/
Title: Community

Search URL Search Domain Scan URL

URL: https://metamask.io/about.html
Title: Team

Search URL Search Domain Scan URL

URL: https://consensys.net/open-roles/?discipline=32543
Title: Careers

Search URL Search Domain Scan URL

URL: https://medium.com/metamask
Title: Blog

Search URL Search Domain Scan URL

URL: https://docs.metamask.io/guide/
Title: Developers

Search URL Search Domain Scan URL

URL: https://metamask.io/institutions.html
Title: Institutions

Search URL Search Domain Scan URL

URL: https://metamask.io/download.html
Title: Download

Search URL Search Domain Scan URL

URL: https://consensys.net/privacy-policy/
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://consensys.net/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://metamask.io/cla.html
Title: Contributor License Agreement

Search URL Search Domain Scan URL

URL: https://metamask.io/sitemap.html
Title: Site Map

Search URL Search Domain Scan URL

URL: https://metamask.github.io/metamask-docs/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://github.com/MetaMask/metamask-extension
Title: GitHub

Search URL Search Domain Scan URL

URL: https://gitcoin.co/metamask/
Title: Gitcoin

Search URL Search Domain Scan URL

URL: https://shop.spreadshirt.com/metamask/
Title: Swag Shop

Search URL Search Domain Scan URL

URL: https://metamask.zendesk.com/hc/en-us/requests/new?ticket_form_id=360001539191
Title: Press & Partnerships

Search URL Search Domain Scan URL

URL: https://twitter.com/metamask
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html HTTP 307
https://cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html HTTP 301
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request secure.html Show response
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Redirect Chain

http://cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html
https://cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

21 KB
6 KB

318ms
193ms

Document
text/html

2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8508c8a9cb51d906d5b92ca25dd9daace42415b05d4f14bf6b07928531b3d9fa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
age: 48622
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=29030400, immutable
cf-cache-status: HIT
cf-ray: 8809be111a409be0-FRA
content-encoding: br
content-type: text/html
date: Wed, 08 May 2024 13:19:37 GMT
etag: W/"bafkreiefbdekts2r3ednlojmujo5twvm4qsblmc5j4kl62yhskctdm6z7i"
server: cloudflare
vary: Accept-Encoding
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla/secure.html
x-ipfs-roots: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla,bafkreiefbdekts2r3ednlojmujo5twvm4qsblmc5j4kl62yhskctdm6z7i

Redirect headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
age: 43993
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
cf-ray: 8809be0fe9ea9752-FRA
content-length: 131
content-type: text/html; charset=utf-8
date: Wed, 08 May 2024 13:19:37 GMT
location: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
server: cloudflare
vary: Accept-Encoding
x-cf-ipfs-cache-status: hit

GET
H2 200 normalize.css
grateful-summer-afterthought.glitch.me/ 8 KB
8 KB 698ms
500ms Stylesheet
text/css 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/normalize.css
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
x-amz-version-id: 8FygmLAq835jdMdey8BAwnOxwypqybk1
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: 7F33T2GFE62YGZR9
etag: "4951cc88307c632cf285d3ba988ab283"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 7772
x-amz-id-2: 50Di//Oj8DvPeYz+VKVh9Uc5WDQoSYRAhTYw8ChvOWJn89i3bCZH0DR9hS47M+CO1dVoXzOQ4yk=

GET
H2 200 webflow.css
grateful-summer-afterthought.glitch.me/ 38 KB
39 KB 698ms
499ms Stylesheet
text/css 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/webflow.css
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
x-amz-version-id: VpGosWU.ymaRj4rI8WAdhxXxK8NkYodE
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: 7F31PC6FFFW3ZAEB
etag: "13fc860cb6eddbf469d986e1a6b6480b"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 39109
x-amz-id-2: xBOT2Y2NtNJTc4v7s8vqSG6b+2f/dlvM/T3iH8DI0uIuArfD04W9OZJfipJi+j4PHUTd0RzQeH0=

GET
H2 200 metamask-staging-2.webflow.css
grateful-summer-afterthought.glitch.me/ 139 KB
139 KB 519ms
321ms Stylesheet
text/css 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c9d35e1cd1c788900451f6b5011bfb3068bd65afcaca9a3469aa570a863ec074

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
x-amz-version-id: FGJzfWljwWKudZkkQden2BkVXb6GeUAd
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: 7F37YTFV971K2HT1
etag: "1aed8830738b6a1e846ca6af968e7917"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 142039
x-amz-id-2: /AFmgtesh/iZd6zWMqUD+UM0q90iGLitoYkljvas+firu+w7ImBlm1b2Vut7cz5w+B/0FgokitpG2K8Dgz9eAYKXeNJi7KNgezV5NNvgW8s=

GET
H2 404 plx.chock.js
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/meta/ 0
0 198ms
197ms Script
text/plain 2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/meta/plx.chock.js

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-cf-ipfs-cache-status: miss
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control: no-store
x-ipfs-path: /ipfs/bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla/meta/plx.chock.js
cf-ray: 8809be125bed9be0-FRA
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With

GET recaptcha__nl.js.download
grateful-summer-afterthought.glitch.me/ 0
0

GET
H2 200 analytics.js.download Show response
grateful-summer-afterthought.glitch.me/ 49 KB
49 KB 168ms
167ms Script
application/octet-stream 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/analytics.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
x-amz-version-id: i5vwO7SfqQRsu0dnc00kKvyxdahod4U8
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: XVPVQHB42DQ30FB1
etag: "fda30e8a22c9bcd954fd8d0fadd0e77c"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 50230
x-amz-id-2: RJqzRiRSGuVNirc5lrjDWbUW72Ky2dDX5xpHXlbVmF37N3SwuIv4OaZ2B2QxkeK4CQaH9+EiIJs=

GET
H2 200 webfont.js.download Show response
grateful-summer-afterthought.glitch.me/ 13 KB
13 KB 697ms
499ms Script
application/octet-stream 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/webfont.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
x-amz-version-id: _cr5b3QEbFXqNrMy7nPsc7GUdyzA11jK
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: 7F32S736PZDNHAAD
etag: "7c96a5f11d9741541d5e3c42ff6380d7"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 13188
x-amz-id-2: lWoiBFrZmnxCMSStgYuiKVfbDVBghivTwAICYjrp6n6M6TOBrSJn0N0hEU7uNK1y4LZl58cYHHs=

GET
H2 404 css
grateful-summer-afterthought.glitch.me/ 0
0 426ms
228ms Stylesheet
text/html 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/css
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 404 js
grateful-summer-afterthought.glitch.me/ 0
0 169ms
168ms Script
text/html 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/js
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 200 tag.js.download Show response
grateful-summer-afterthought.glitch.me/ 21 KB
22 KB 697ms
500ms Script
application/octet-stream 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/tag.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
x-amz-version-id: TUU0ZjXoyzGQtWVuxcfDzv8bYgA4uR3p
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: 7F38VA6RJJ98W35W
etag: "e2ee8a9cd68c3d310a4c62fdb4b5c93a"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 21652
x-amz-id-2: CuIevW67kI+9E7oi/+qPBwr+Gs7mdyiMKd6USIQTylGlZyybSGBxLfpd/8tP1ZVAl2zoj6ZfTn8=

GET
H2 200 enterprise.js.download Show response
grateful-summer-afterthought.glitch.me/ 1008 B
1 KB 441ms
244ms Script
application/octet-stream 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/enterprise.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
x-amz-version-id: ObiUJ2noAKZGuRj8wbfBsazSx7RTllc4
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: 7F3FD6VEM4JDBM7P
etag: "d07e7630bc23cbdd7520d0a4f086c922"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 1008
x-amz-id-2: Yt+L9F/X+LNhBKblyjjbBlNmN0iMQEtENXVmDWxeK09xJwq98v1ObjTFglTz1CzhgGnAsYt85pU=

GET
H2 404 jsonp
grateful-summer-afterthought.glitch.me/ 0
0 428ms
231ms Script
text/html 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/jsonp
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 200 88982875 Show response
va.v.liveperson.net/api/js/ 111 B
899 B 544ms
230ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/88982875?sid=oH2Qhzs8QzCWPk58eMieCA&cb=lpCb50195x86975&t=ip&ts=1639498872221&pid=8378416840&tid=120975428&vid=E1ZmVlMDY2Mjk2ZDhiZDg5

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

beeac2532ab7e7ed250c25fcab390c8114a5f010bce47f8a0c39da47bcef5b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 46ms
25ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 May 2024 13:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 May 2024 13:19:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 May 2024 13:19:37 GMT

GET
H2 200 mm-logo.svg
grateful-summer-afterthought.glitch.me/ 12 KB
12 KB 498ms
498ms Image
image/svg+xml 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grateful-summer-afterthought.glitch.me/mm-logo.svg
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
x-amz-version-id: P_EpZSaqEQzUZNxOiWe0aXD1oaAcWPY_
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: 7F35ZVAPVA6Y2FM3
etag: "51bcea2625eb2c6e9268a7377a792c86"
x-amz-server-side-encryption: AES256
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 12019
x-amz-id-2: Efme3oq6y0ywSOhnyY+s2Xm8vEEc6iLjehBbaDgByzew45nAmGlKnc13h1z8xJlpZ36JH9k0Vso=

GET
H2 200 v2.js.download Show response
grateful-summer-afterthought.glitch.me/ 565 KB
566 KB 498ms
498ms Script
application/octet-stream 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/v2.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:37 GMT
x-amz-version-id: mv_qM5YGXp6zrYYaoQ4hh8TUYIH1XC8u
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: 7F3D8RMC7RP7B3KG
etag: "d3b2366c9977c975fc6abdc6a119c361"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 578833
x-amz-id-2: s90hJtnaJtZzOQUaYC5lUQfLgSb2rgbRCm9TkUIU/o/q6kPTi4wRIj05VIrM4NV7bNzn+UKmRXc=

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js.download Show response
grateful-summer-afterthought.glitch.me/ 87 KB
88 KB 380ms
194ms Script
application/octet-stream 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
x-amz-version-id: cqsq1AvkEyGRMHvfFyD0.1CsHB3UsEn5
x-amz-request-id: XVPTX01Y6F48RKQ6
x-amz-server-side-encryption: AES256
content-length: 89476
x-amz-id-2: HQ0RY8CVL1/+HAXjO9SnCVOfxYFiAczRG2qznrTTCwa03WBiJRFs246gDQjakom3DBgX882yt3Q0uoVD7Wiy7uUCvTK7XvZe+Lpslhqx2D4=
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 webflow.js.download Show response
grateful-summer-afterthought.glitch.me/ 587 KB
588 KB 182ms
180ms Script
application/octet-stream 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/webflow.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
x-amz-version-id: UTKlo1hGdz_dUFIcS8sBNnGKYs0tphfn
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: XVPZ2ZWNSBPACEZA
etag: "9758f7e3aa0c79ea7a3cadb16d10087b"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 601104
x-amz-id-2: IzEI+dTvONuO4b8FZ8SxmN586Aj8c7GENas8G070/hJGUCP01o2HIMCgzo+eoFGsDjuJfq2OyJo=

GET
H2 200 storage.secure.min.js.download Show response
grateful-summer-afterthought.glitch.me/ 38 KB
38 KB 171ms
169ms Script
application/octet-stream 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/storage.secure.min.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
x-amz-version-id: KKigjc5ZmRWSj0hXBKP.I9_HXfZqFSQg
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: XVPW2SHACRZ2NSJJ
etag: "3386ec5559f1ba569cf0ab6acab436cc"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 38562
x-amz-id-2: NnE71/pO0pkpx2VXR5IeWMYCv2yeaMi6LMKec+UM0S+OVQHlfEITAInfStuoEC5KFaU9OFj33GH/KuA4r7x+MdN6XjIBEdwe

GET
H2 200 css
fonts.googleapis.com/ 800 B
436 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/webfont.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07b491de9a3a3e3afc18a20ae2c8be5c9b97557423eaca620d11e03103f766bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 08 May 2024 13:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 May 2024 13:12:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 May 2024 13:19:38 GMT

GET
H2 404 recaptcha__nl.js
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ 0
0 47ms
25ms Script
text/html 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/enterprise.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1621
x-xss-protection: 0

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 137ms
47ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=88982875

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 18:56:18 GMT
server: ws
etag: "65414dd2-24b8"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9400

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/ 336 KB
120 KB 157ms
67ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

40f4ba1197f102768a15df0abe6b7cde59328c42f1f4a659ea8ab78245d6ce4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 Institutional-Illustration.png
grateful-summer-afterthought.glitch.me/ 283 KB
284 KB 240ms
239ms Image
image/png 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grateful-summer-afterthought.glitch.me/Institutional-Illustration.png
Requested by: Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
x-amz-version-id: UfDGkR8iDzjvs7JJ3Nzvn8562I3SrIZi
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: XVPQRWTC0310ZRC3
etag: "85607339bb7e3cc70e1b7568ed4d29b2"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 289564
x-amz-id-2: rOxfKqM4Dxz/XQEa2EcuwbaiZbj5AGNg6egDoYAb0qOJAlNpw/mDq1yb4I7HxffgWFnmDVADq5U=

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Referer
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET EuclidCircularB-Regular-WebXL.woff2
grateful-summer-afterthought.glitch.me/ 0
0

GET EuclidCircularB-Bold-WebXL.woff2
grateful-summer-afterthought.glitch.me/ 0
0

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:46:06 GMT
x-content-type-options: nosniff
age: 106412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:46:06 GMT

GET
H2 200 xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
fonts.gstatic.com/s/changaone/v20/ 8 KB
8 KB 39ms
18ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:04:10 GMT
x-content-type-options: nosniff
age: 105328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:10:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 08:04:10 GMT

GET
H2 200 xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
fonts.gstatic.com/s/changaone/v20/ 8 KB
8 KB 37ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 08:13:54 GMT
x-content-type-options: nosniff
age: 104744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8404
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:56:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 08:13:54 GMT

GET
H3 200 2b64112b-f442-4840-9ace-b11dccd5f744 Show response
forms.hsforms.com/embed/v3/form/4795067/ 6 KB
3 KB 146ms
132ms Script
application/javascript 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/v2.js.download

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

558a3f192057a0159eb79e1ca2396f982eb7036b317ceb45c72575a60c158b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Wed, 08 May 2024 13:19:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 218419b5-b70e-425b-9a8b-21fea6f56714
x-envoy-upstream-service-time: 17
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 218419b5-b70e-425b-9a8b-21fea6f56714
server: cloudflare
vary: origin
content-type: application/javascript;charset=utf-8
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-fl6gb
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8809be18bb609049-FRA

GET
H2 200 saved_resource.html
grateful-summer-afterthought.glitch.me/ Frame 06E6 0
0 494ms
312ms Document
text/html 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/saved_resource.html
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 56613
content-type: text/html; charset=utf-8
date: Wed, 08 May 2024 13:19:38 GMT
etag: "ec0bcfe99f4f2e8174bd36b54b04ed25"
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-id-2: 1CJgxDaV8qPKLMmV0nPzRJ0ftb2yGVXTuzCqvnZ2F3GwuCc03/54ns0BaBfPIzL8aPkGfxFz3dYC46cSPLmUK2YySh35I7W1
x-amz-request-id: XVPMH18TJA07R04Q
x-amz-server-side-encryption: AES256
x-amz-version-id: YaHcRlML9P83ib0UbAtTKFjHsR3Q5ixM

GET
H2 200 anchor.html
grateful-summer-afterthought.glitch.me/ Frame 8B0D 0
0 403ms
221ms Document
text/html 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/anchor.html
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 43290
content-type: text/html; charset=utf-8
date: Wed, 08 May 2024 13:19:38 GMT
etag: "194b5744abd15c4045d5be0aae957e8f"
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-id-2: h6t8RSW7JmL+Vncr/BaDmPvqh/9hZcx1pikuaCBxyaUJPLQRKJIMSIWNcAl9dt4gutqR5Mn/BZY=
x-amz-request-id: XVPR02BW8W71FEWS
x-amz-server-side-encryption: AES256
x-amz-version-id: dxDuxkvYFAyiPsUXbU8OIvYqNOYLn5rY

GET
H2 200 saved_resource(1).html
grateful-summer-afterthought.glitch.me/ Frame DBFF 0
0 529ms
355ms Document
text/html 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 55268
content-type: text/html; charset=utf-8
date: Wed, 08 May 2024 13:19:38 GMT
etag: "b00c3321ca08b705efe2acd1364bacae"
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-id-2: vOC2EEWZSe9QkIILVVZyx0HTkkRmGhix/CqfbkKduSMiax6A5q/IguFIm3cWZ6m1hz7ecMePeCs=
x-amz-request-id: XVPPWK987ZM11KXK
x-amz-server-side-encryption: AES256
x-amz-version-id: j12ibLCu3YjUNlHqYChHU4P7T0mb6npu

GET
H2 200 mm-logo.svg
grateful-summer-afterthought.glitch.me/ 12 KB
273 B 136ms
135ms Image
image/svg+xml 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grateful-summer-afterthought.glitch.me/mm-logo.svg
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
x-amz-version-id: P_EpZSaqEQzUZNxOiWe0aXD1oaAcWPY_
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: XVPKG2RFX0DSGHKF
etag: "51bcea2625eb2c6e9268a7377a792c86"
x-amz-server-side-encryption: AES256
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 12019
x-amz-id-2: tJiQifnWZtXUijVHAFRk1OImirFiJaZj1hR2e8TLzbgxyyMR6QKymWtTW6r2HtXVwysIUK8XRto=

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/ 7 KB
2 KB 131ms
40ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

af0e0472c79c18e67f9764a9a4e3b035728e07673f07297d920ce7d9ab5df3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 08 May 2024 13:20:33 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/ 3 KB
1 KB 108ms
20ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

46be517e858e52d7651cef74de14735d6199521e1f78bb70326eece3768f3e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 08 May 2024 13:20:33 GMT

GET EuclidCircularB-Regular-WebXL.woff
grateful-summer-afterthought.glitch.me/ 0
0

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
916 B 43ms
18ms Script
text/javascript 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/v2.js.download

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

GSE /

Resource Hash

c46cd3521a4be5383eadfa07a8ef58cbe58b00cd290ee6e38800d8bab6990c90

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 08 May 2024 13:19:38 GMT

GET EuclidCircularB-Bold-WebXL.woff
grateful-summer-afterthought.glitch.me/ 0
0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 509 KB
203 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 08:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207268
x-xss-protection: 0
last-modified: Mon, 22 Apr 2024 21:03:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 May 2025 08:43:21 GMT

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.26.0.0-release_5111/ Frame 2461 0
0 96ms
9ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.26.0.0-release_5111/storage.secure.min.html?loc=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com&site=88982875&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 214971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 15866
content-type: text/html
date: Mon, 06 May 2024 01:36:47 GMT
etag: W/"585e590c5fdfc51b6a8cf9618bca020b"
last-modified: Fri, 23 Feb 2024 02:32:10 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1708655530429160
x-goog-hash: crc32c=xoBUww== md5=WF5ZDF/fxRtqjPlhi8oCCw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 47117
x-guploader-uploadid: ABPtcPpQB2eJEqdHP7HiDch2okjNhZsyRhxG-s4ZlpQrq1kn1g4Gh8tvrzXZ5qd8f1tE987chgnnlGFWXQ

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.26.0.0-release_5111/ 42 KB
15 KB 107ms
18ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.26.0.0-release_5111/storage.secure.min.js?loc=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com&site=88982875&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1a7331ffda1e8609ff3a28975ed92c6be84407d2f92df315d4f56892bedfd267

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:33:27 GMT
content-encoding: br
age: 711971
x-guploader-uploadid: ABPtcPqLU3_OWMPH11i-D68OtIZkqZ2TeBzlMcYwoCGvxb6Yfj2boGhlJoWOPEFoQ8he0esE87_emA_5Ag
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14728
last-modified: Fri, 23 Feb 2024 02:32:10 GMT
server: UploadServer
etag: W/"0b1822a9670f05b1888b2968d5858445"
vary: Accept-Encoding
x-goog-generation: 1708655530415139
x-goog-hash: crc32c=Y9SiOw==, md5=CxgiqWcPBbGIiylo1YWERQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 43356
accept-ranges: none
content-type: application/javascript

GET
H2 200 bframe.html
grateful-summer-afterthought.glitch.me/ Frame 7DA7 0
0 189ms
188ms Document
text/html 54.83.64.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/bframe.html
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.64.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-64-233.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 11399
content-type: text/html; charset=utf-8
date: Wed, 08 May 2024 13:19:38 GMT
etag: "161c81930eb1b582be7559429dd87816"
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-id-2: EB/BkDLYB5I1YBhIzMA24YF8kCMkK6dV1RrQjLLU0LssxAwPjtDZtquf24CgJWuTbcTSjIbK3r+UssopsyrQ0HLDfCvdhRYU
x-amz-request-id: XVPREXEN374XEP87
x-amz-server-side-encryption: AES256
x-amz-version-id: H6FRTwhTvUDOKh5FazE27_3A5CXCGAfK

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame DF20 0
0 47ms
34ms Document
text/html 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&badge=inline&cb=b5ksdvz8wnxf

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gDLack8sr3YhozxQ7AV3Vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gDLack8sr3YhozxQ7AV3Vw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 13:19:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
578 B 132ms
131ms Image
image/gif 104.19.175.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 39e2b97d-34bc-4f0c-9ce3-570ac5386c83
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 39e2b97d-34bc-4f0c-9ce3-570ac5386c83
last-modified: Wed, 08 May 2024 13:19:38 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-69vgt
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8809be1b4e919049-FRA

GET
H3 200 bframe
www.google.com/recaptcha/enterprise/ Frame D457 0
0 21ms
21ms Document
text/html 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=V6_85qpc2Xf2sbe3xTnRte7m&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xg-0-zUsIg5Z41P7esw9vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xg-0-zUsIg5Z41P7esw9vA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 13:19:39 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET favicon.png
metamask.io/images/ 0
0

GET
H2 200 88982875 Show response
va.v.liveperson.net/api/js/ 236 B
1 KB 98ms
98ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/88982875?&cb=lpCb27606x48012&t=sp&ts=1715174379684&pid=2720826282&tid=4701322852&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com%2Fsecure.html&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

ba1629943153269e344ee7fbe79c6ac1f08c366cb9094fa767514939975f7f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 88982875 Show response
va.v.liveperson.net/api/js/ 111 B
900 B 94ms
94ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/88982875?sid=_WrsJMF7QNKyeTkX4Jp-KA&cb=lpCb97260x16872&t=pl&ts=1715174379689&pid=2720826282&tid=4701322852&vid=NmMDM1YzNkODVkNzI4NDA4

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

8abb9dfe0eac5c08817fdce3271f2f61c32e92f6695a61aeed1ead320a3cfdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 13:19:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download

Domain: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff2

Domain: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff2

Domain: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff

Domain: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff

Domain: metamask.io
URL: https://metamask.io/images/favicon.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 00:45:26	Name: _GRECAPTCHA Value: 09AKDSkeb9HR31mMmcwRrG1R9u2m99RThoevPgjJbIGBMfy3Gf_WCn2dpdQvmFtm7iwLGNaD-k5LGQOY0B3wkZa7A
cf-ipfs.com/	1970-01-20 20:26:16	Name: __cf_bm Value: 9MxQQDHXWDbL5fBhgVZRb3Osiw9iIbpVa_hkTHoe4.E-1715174377-1.0.1.1-DNlqgWbjwjllEogNcsEXB_lS3118pJ1qvIsLcIQ0Z1STMToFG5jZGAz79ZsxXN9C3oIX2zc2YgA63Y5CH9jeYg
.bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/	1970-01-20 20:26:16	Name: __cf_bm Value: geKQ1znZYX0IMlQ..J6OuZhMU8S2NsHpxtqvqPorcrk-1715174377-1.0.1.1-rZ6WGagCO2YGRep4PNT7Cxs_ua4anKgOWcjXshEbRluc0fyp8naXFmmQiRAFH.NKEhxz3OHfioPASQ7q9SaxwA
.hsforms.com/	1970-01-20 20:26:16	Name: __cf_bm Value: 90LZPcQHJHl5pUlwkwdbzHHtph7GgIFYAyrVkTpCEiE-1715174378-1.0.1.1-Rjn0RAdCBL2YhHUGcobjXVSh3ylAJ_OHkqSeN5lhW31KrHs1OZkR9kkhje7urE2g_tRrT42WeqV3tHwpWvB_7w
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: EbhIhMr6QbZfu9Dxbxn05hdJnwCg6Mpz_KF02bHJc7E-1715174378478-0.0.1.1-604800000
.hsforms.net/	1970-01-20 20:26:16	Name: __cf_bm Value: qL7iBM00WFlH9eSmGywe1tDjVUZ9X9wtrz79czJPq1g-1715174379-1.0.1.1-PW8E55Bk4pua2z2wzZU3VOG7MkCPkNzxiXLrJrn_6BfITvpN2yXfXdyQ_GnIuDNGt.WVxazxhsKQbBx.8mY.hw

30 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/meta/plx.chock.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Refused to execute script from 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/meta/plx.chock.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://grateful-summer-afterthought.glitch.me/css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://grateful-summer-afterthought.glitch.me/jsonp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://grateful-summer-afterthought.glitch.me/js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Access to script at 'https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff2' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff2 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff2' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
cf-ipfs.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
grateful-summer-afterthought.glitch.me
lpcdn.lpsnmedia.net
lptag.liveperson.net
metamask.io
perf.hsforms.com
va.v.liveperson.net
www.google.com
www.gstatic.com
grateful-summer-afterthought.glitch.me
metamask.io
104.19.175.188
142.250.185.196
178.249.97.23
178.249.97.99
208.89.12.87
2606:4700::6811:600d
2a00:1450:4001:802::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2003
34.120.154.120
54.83.64.233
07b491de9a3a3e3afc18a20ae2c8be5c9b97557423eaca620d11e03103f766bd
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2
1a7331ffda1e8609ff3a28975ed92c6be84407d2f92df315d4f56892bedfd267
352a6d9b12a5ae3949d370ff42a338ba8bb6ff455d9ba995b1755fb7b99e8824
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
40f4ba1197f102768a15df0abe6b7cde59328c42f1f4a659ea8ab78245d6ce4f
46be517e858e52d7651cef74de14735d6199521e1f78bb70326eece3768f3e92
558a3f192057a0159eb79e1ca2396f982eb7036b317ceb45c72575a60c158b4a
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8508c8a9cb51d906d5b92ca25dd9daace42415b05d4f14bf6b07928531b3d9fa
8abb9dfe0eac5c08817fdce3271f2f61c32e92f6695a61aeed1ead320a3cfdbd
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
af0e0472c79c18e67f9764a9a4e3b035728e07673f07297d920ce7d9ab5df3ef
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba1629943153269e344ee7fbe79c6ac1f08c366cb9094fa767514939975f7f26
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
beeac2532ab7e7ed250c25fcab390c8114a5f010bce47f8a0c39da47bcef5b2b
c46cd3521a4be5383eadfa07a8ef58cbe58b00cd290ee6e38800d8bab6990c90
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
c9d35e1cd1c788900451f6b5011bfb3068bd65afcaca9a3469aa570a863ec074
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com Open in urlscan Pro 2606:4700::6811:600d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

88 %HTTPS

36 %IPv6

9 Domains

14 Subdomains

12 IPs

3 Countries

2359 kBTransfer

2948 kBSize

6 Cookies

22 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com Open in urlscan Pro
2606:4700::6811:600d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

88 %
HTTPS

36 %
IPv6

9
Domains

14
Subdomains

12
IPs

3
Countries

2359 kB
Transfer

2948 kB
Size

6
Cookies

50 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!