bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com Open in urlscan Pro
2606:4700::6811:600d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Effective URL:
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Submission: On May 21 via automatic, source openphish (May 21st 2024, 1:19:38 pm UTC) — Scanned from DE

Summary HTTP 49 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 10 domains to perform 49 HTTP transactions. The main IP is 2606:4700::6811:600d, located in United States and belongs to CLOUDFLARENET, US. The main domain is bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com.
TLS certificate: Issued by E1 on May 14th 2024. Valid for: 3 months.

This is the only time bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6811:600d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	44.193.185.113 44.193.185.113	14618 (AMAZON-AES) (AMAZON-AES)
2	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
2	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.193.166.25 34.193.166.25	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
2	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
49	13

1 2606:4700::6811:600d (United States)

ASN13335 (CLOUDFLARENET, US)

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 44.193.185.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-185-113.compute-1.amazonaws.com

grateful-summer-afterthought.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.193.166.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-166-25.compute-1.amazonaws.com

grateful-summer-afterthought.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	glitch.me grateful-summer-afterthought.glitch.me	2 MB
5	gstatic.com www.gstatic.com fonts.gstatic.com	348 KB
4	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3782 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4020	19 KB
4	liveperson.net va.v.liveperson.net — Cisco Umbrella Rank: 4263 lptag.liveperson.net — Cisco Umbrella Rank: 3903	132 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	1006 B
2	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 4333 perf.hsforms.com — Cisco Umbrella Rank: 13925	4 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
1	cf-ipfs.com bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com	6 KB
0	metamask.io Failed metamask.io Failed
0	dweb.link Failed bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link Failed
49	10

	Domain	Requested by
21	grateful-summer-afterthought.glitch.me	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com grateful-summer-afterthought.glitch.me
3	www.google.com	grateful-summer-afterthought.glitch.me www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com
2	lpcdn.lpsnmedia.net	lptag.liveperson.net
2	accdn.lpsnmedia.net	grateful-summer-afterthought.glitch.me
2	lptag.liveperson.net	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
2	www.gstatic.com	grateful-summer-afterthought.glitch.me www.google.com
2	fonts.googleapis.com	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com grateful-summer-afterthought.glitch.me
2	va.v.liveperson.net	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com grateful-summer-afterthought.glitch.me
1	perf.hsforms.com	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
1	forms.hsforms.com	grateful-summer-afterthought.glitch.me
1	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
0	metamask.io Failed
0	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link Failed	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
49	14

This site contains links to these domains. Also see Links.

Domain
metamask.io
metamask.zendesk.com
community.metamask.io
consensys.net
medium.com
docs.metamask.io
metamask.github.io
github.com
gitcoin.co
shop.spreadshirt.com
twitter.com

Subject Issuer	Validity	Valid
cf-ipfs.com E1	`2024-05-14` - `2024-08-12`	3 months	crt.sh
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-10-31` - `2024-10-30`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-11-27`	a year	crt.sh
hsforms.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Frame ID: 4EF64F40EACD1BF781813BC2C7052204
Requests: 43 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/saved_resource.html
Frame ID: AC0FDA00971D0B18DC710A38A20E2916
Requests: 1 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/anchor.html
Frame ID: 53A56D1E04B5D914684FEE4E9C94665E
Requests: 1 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Frame ID: F006F78D193C5C8ACC45D8116ED9904D
Requests: 1 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/bframe.html
Frame ID: 1E2C13F1DE07F86DC06C609C39C43F13
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&badge=inline&cb=gpnu1pdlgz84
Frame ID: 272BC3B413BE60BBE07B4DB48F8DF8D7
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=8k85QBI-qzxmenDv318AZH30&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 5E57D8596E174469FC68E9272AB45C39
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/storage.secure.min.html?loc=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com&site=88982875&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: 07A8432169E73FD902CCA0ABE3EE3CF8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MetaMask - A crypto wallet & gateway to blockchain apps

Page URL History Show full URLs

http://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html HTTP 307
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

86 %
HTTPS

33 %
IPv6

10
Domains

14
Subdomains

13
IPs

3
Countries

2362 kB
Transfer

2959 kB
Size

6
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://metamask.io/index.html

Search URL Search Domain Scan URL

URL: https://metamask.io/swaps.html
Title: Swaps

Search URL Search Domain Scan URL

URL: https://metamask.io/1559.html
Title: EIP-1559

Search URL Search Domain Scan URL

URL: https://metamask.io/faqs.html
Title: FAQs

Search URL Search Domain Scan URL

URL: https://metamask.zendesk.com/hc/en-us
Title: Get Support

Search URL Search Domain Scan URL

URL: https://community.metamask.io/
Title: Community

Search URL Search Domain Scan URL

URL: https://metamask.io/about.html
Title: Team

Search URL Search Domain Scan URL

URL: https://consensys.net/open-roles/?discipline=32543
Title: Careers

Search URL Search Domain Scan URL

URL: https://medium.com/metamask
Title: Blog

Search URL Search Domain Scan URL

URL: https://docs.metamask.io/guide/
Title: Developers

Search URL Search Domain Scan URL

URL: https://metamask.io/institutions.html
Title: Institutions

Search URL Search Domain Scan URL

URL: https://metamask.io/download.html
Title: Download

Search URL Search Domain Scan URL

URL: https://consensys.net/privacy-policy/
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://consensys.net/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://metamask.io/cla.html
Title: Contributor License Agreement

Search URL Search Domain Scan URL

URL: https://metamask.io/sitemap.html
Title: Site Map

Search URL Search Domain Scan URL

URL: https://metamask.github.io/metamask-docs/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://github.com/MetaMask/metamask-extension
Title: GitHub

Search URL Search Domain Scan URL

URL: https://gitcoin.co/metamask/
Title: Gitcoin

Search URL Search Domain Scan URL

URL: https://shop.spreadshirt.com/metamask/
Title: Swag Shop

Search URL Search Domain Scan URL

URL: https://metamask.zendesk.com/hc/en-us/requests/new?ticket_form_id=360001539191
Title: Press & Partnerships

Search URL Search Domain Scan URL

URL: https://twitter.com/metamask
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html HTTP 307
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/meta/plx.chock.js HTTP 302
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/plx.chock.js

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request secure.html Show response
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Redirect Chain

http://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

21 KB
6 KB

219ms
111ms

Document
text/html

2606:4700::6811:600d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:600d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8508c8a9cb51d906d5b92ca25dd9daace42415b05d4f14bf6b07928531b3d9fa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type Range User-Agent X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
age: 16136
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=29030400, immutable
cf-cache-status: HIT
cf-ray: 8874dbd338a391e4-FRA
content-encoding: br
content-type: text/html
date: Tue, 21 May 2024 13:19:32 GMT
etag: W/"bafkreiefbdekts2r3ednlojmujo5twvm4qsblmc5j4kl62yhskctdm6z7i"
server: cloudflare
vary: Accept-Encoding
x-cf-ipfs-cache-status: hit
x-ipfs-path: /ipfs/bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla/secure.html
x-ipfs-roots: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla,bafkreiefbdekts2r3ednlojmujo5twvm4qsblmc5j4kl62yhskctdm6z7i

Redirect headers

Location: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 normalize.css
grateful-summer-afterthought.glitch.me/ 8 KB
8 KB 613ms
366ms Stylesheet
text/css 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/normalize.css
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
x-amz-version-id: 8FygmLAq835jdMdey8BAwnOxwypqybk1
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: HCCHB2JZNCN20CSF
etag: "4951cc88307c632cf285d3ba988ab283"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 7772
x-amz-id-2: 6USRnh7GQ4DI/kW7cO6ebc5uz99DK+M6rIrNWbuq+BzEcSUa6TG2G3XmhiB8JrAdlUn60BxrWq8=

GET
H2 200 webflow.css
grateful-summer-afterthought.glitch.me/ 38 KB
39 KB 640ms
393ms Stylesheet
text/css 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/webflow.css
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
x-amz-version-id: VpGosWU.ymaRj4rI8WAdhxXxK8NkYodE
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: HCCRTHWZRX7YAYKZ
etag: "13fc860cb6eddbf469d986e1a6b6480b"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 39109
x-amz-id-2: TSuePNpP2ZV+pxXcoIao0TTiZNsMCQBABlVE9OBPaiDb2+AthhcXyeqDVluCIqaJt77J+7zihvo=

GET
H2 200 metamask-staging-2.webflow.css
grateful-summer-afterthought.glitch.me/ 139 KB
139 KB 757ms
510ms Stylesheet
text/css 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c9d35e1cd1c788900451f6b5011bfb3068bd65afcaca9a3469aa570a863ec074

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
x-amz-version-id: FGJzfWljwWKudZkkQden2BkVXb6GeUAd
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: HCCKRTGE3T7HMCX2
etag: "1aed8830738b6a1e846ca6af968e7917"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 142039
x-amz-id-2: 2P/CwjkxdL0rHuDlOFlzLD0x1bqfa642z8lkN/PtK4+ZFE40d+RtSmVJjsD5zWzhZ52oBUhHPPgLX6HT1EFqrUM2vDw8+2KHYtbzY/MhJgs=

GET

plx.chock.js
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/
Redirect Chain

https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/meta/plx.chock.js
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/plx.chock.js

0
0

GET recaptcha__nl.js.download
grateful-summer-afterthought.glitch.me/ 0
0

GET
H2 200 analytics.js.download Show response
grateful-summer-afterthought.glitch.me/ 49 KB
49 KB 166ms
166ms Script
application/octet-stream 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/analytics.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:33 GMT
x-amz-version-id: i5vwO7SfqQRsu0dnc00kKvyxdahod4U8
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: Q7KM3Z3TDDA8KZS0
etag: "fda30e8a22c9bcd954fd8d0fadd0e77c"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 50230
x-amz-id-2: S15JBYD2ZAGOzYyRB93Kn2t1EGxhNbG6swFhmgYNJ+w5NkD9TQmdpfSizLIGxKPuMD731N2UF8I=

GET
H2 200 webfont.js.download Show response
grateful-summer-afterthought.glitch.me/ 13 KB
13 KB 728ms
482ms Script
application/octet-stream 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/webfont.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
x-amz-version-id: _cr5b3QEbFXqNrMy7nPsc7GUdyzA11jK
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: HCCS1WR4B38GJMH4
etag: "7c96a5f11d9741541d5e3c42ff6380d7"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 13188
x-amz-id-2: fc+Go6yU/jb+lr4r6Y2rdTCX5EceTPiy703pUel6ZZvJSdap7kssFYTdUQwD9O4HFJZoP+iQGuM=

GET
H2 404 css
grateful-summer-afterthought.glitch.me/ 0
0 471ms
225ms Stylesheet
text/html 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/css
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 404 js
grateful-summer-afterthought.glitch.me/ 0
0 156ms
155ms Script
text/html 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/js
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:33 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 200 tag.js.download Show response
grateful-summer-afterthought.glitch.me/ 21 KB
22 KB 496ms
249ms Script
application/octet-stream 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/tag.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
x-amz-version-id: TUU0ZjXoyzGQtWVuxcfDzv8bYgA4uR3p
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: HCCJQGKD63D777CG
etag: "e2ee8a9cd68c3d310a4c62fdb4b5c93a"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 21652
x-amz-id-2: T7Hg8EddKr8+4k59uqfKlm/FmGisN2szX550swCIHQL/LvYNLdMqBEPIvvz9khICyf2UvaKxW8U=

GET
H2 200 enterprise.js.download Show response
grateful-summer-afterthought.glitch.me/ 1008 B
1 KB 612ms
365ms Script
application/octet-stream 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/enterprise.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
x-amz-version-id: ObiUJ2noAKZGuRj8wbfBsazSx7RTllc4
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: HCCTY3ZF8DNTBH3Q
etag: "d07e7630bc23cbdd7520d0a4f086c922"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 1008
x-amz-id-2: /nj1+FJyCN0OgXBAMwBPW55oecvouZrNfPNZzstGtmgjTlO0u8VQYkC4V/2YSun38S+ib/viVr0=

GET
H2 404 jsonp
grateful-summer-afterthought.glitch.me/ 0
0 756ms
510ms Script
text/html 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/jsonp
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 200 88982875 Show response
va.v.liveperson.net/api/js/ 111 B
899 B 712ms
292ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/88982875?sid=oH2Qhzs8QzCWPk58eMieCA&cb=lpCb50195x86975&t=ip&ts=1639498872221&pid=8378416840&tid=120975428&vid=E1ZmVlMDY2Mjk2ZDhiZDg5

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

beeac2532ab7e7ed250c25fcab390c8114a5f010bce47f8a0c39da47bcef5b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 221ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 May 2024 13:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 May 2024 13:19:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 May 2024 13:19:32 GMT

GET
H2 200 mm-logo.svg
grateful-summer-afterthought.glitch.me/ 12 KB
12 KB 499ms
499ms Image
image/svg+xml 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grateful-summer-afterthought.glitch.me/mm-logo.svg
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
x-amz-version-id: P_EpZSaqEQzUZNxOiWe0aXD1oaAcWPY_
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: HCCH00NF4YGE1TQB
etag: "51bcea2625eb2c6e9268a7377a792c86"
x-amz-server-side-encryption: AES256
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 12019
x-amz-id-2: Wrmu4BDpesayPFJ5mxBoCjgTTZTX6b5Bv/bAN1yrjbi+pyPUCYFWqlRd+OiTVQLDKJ00Hkt6xfI=

GET
H2 200 v2.js.download Show response
grateful-summer-afterthought.glitch.me/ 565 KB
566 KB 472ms
472ms Script
application/octet-stream 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/v2.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:32 GMT
x-amz-version-id: mv_qM5YGXp6zrYYaoQ4hh8TUYIH1XC8u
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: HCCM3NH4QZ7W04H3
etag: "d3b2366c9977c975fc6abdc6a119c361"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 578833
x-amz-id-2: n/kwE18PPyRTiOa9bmqSxEvznJnbikZMFGqpv6HKn11ZFO8znM6DN2Eo2oYYguve0lv/c7TxWTI=

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js.download Show response
grateful-summer-afterthought.glitch.me/ 87 KB
88 KB 500ms
266ms Script
application/octet-stream 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:33 GMT
x-amz-version-id: cqsq1AvkEyGRMHvfFyD0.1CsHB3UsEn5
x-amz-request-id: Q7KMVS9333WDDENF
x-amz-server-side-encryption: AES256
content-length: 89476
x-amz-id-2: 5M3eSpW6RwurHEDFUeAw5ZHytSiiIbliZrzhVG195Bn16UZFdnm5I54cVEGnP052Gc3Ta5EC8hA=
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3600
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 webflow.js.download Show response
grateful-summer-afterthought.glitch.me/ 587 KB
588 KB 358ms
357ms Script
application/octet-stream 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/webflow.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:33 GMT
x-amz-version-id: UTKlo1hGdz_dUFIcS8sBNnGKYs0tphfn
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: Q7KNNBFQJG0YYYMD
etag: "9758f7e3aa0c79ea7a3cadb16d10087b"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 601104
x-amz-id-2: S6DaFGVUsIKBkYOL/nwJ+9X9QvR+y8kiRaB1KtwFW4/6t/XMxmAx+KqDWwz2G49hbF9CesfZbGI=

GET
H2 200 storage.secure.min.js.download Show response
grateful-summer-afterthought.glitch.me/ 38 KB
38 KB 157ms
156ms Script
application/octet-stream 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/storage.secure.min.js.download
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:33 GMT
x-amz-version-id: KKigjc5ZmRWSj0hXBKP.I9_HXfZqFSQg
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-request-id: Q7KSH9P1V4KEPYWR
etag: "3386ec5559f1ba569cf0ab6acab436cc"
x-amz-server-side-encryption: AES256
content-type: application/octet-stream
cache-control: no-cache
accept-ranges: bytes
content-length: 38562
x-amz-id-2: DY7B6h+Hh1Ag9vC4DkVR+vTHxD5mPaBvTgDtJ4OtFcy3D8wXl8UCR6FlFzSDbBi8IdNPTidx7rA=

GET
H2 200 css
fonts.googleapis.com/ 800 B
436 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/webfont.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07b491de9a3a3e3afc18a20ae2c8be5c9b97557423eaca620d11e03103f766bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 May 2024 13:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 May 2024 12:51:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 May 2024 13:19:33 GMT

GET
H2 404 recaptcha__nl.js
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ 0
0 648ms
558ms Script
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/enterprise.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:34 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1621
x-xss-protection: 0

GET
H2 200 Institutional-Illustration.png
grateful-summer-afterthought.glitch.me/ 283 KB
284 KB 219ms
219ms Image
image/png 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grateful-summer-afterthought.glitch.me/Institutional-Illustration.png
Requested by: Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:33 GMT
x-amz-version-id: UfDGkR8iDzjvs7JJ3Nzvn8562I3SrIZi
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: Q7KP7THA3FA14JNY
etag: "85607339bb7e3cc70e1b7568ed4d29b2"
x-amz-server-side-encryption: AES256
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 289564
x-amz-id-2: Y1o+YG9La3lPMNG/0Z1UZEa/3sMnys/hmza9qXnlC80Lu42ebdyrpH+6D8U7cRumRb7UI7hyb9U=

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4

Request headers

Referer
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET EuclidCircularB-Regular-WebXL.woff2
grateful-summer-afterthought.glitch.me/ 0
0

GET EuclidCircularB-Bold-WebXL.woff2
grateful-summer-afterthought.glitch.me/ 0
0

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 141ms
54ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 14:50:56 GMT
x-content-type-options: nosniff
age: 80917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 May 2025 14:50:56 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 790ms
395ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=88982875

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 18:56:18 GMT
server: ws
etag: "65414dd2-24b8"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9400

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/ 336 KB
120 KB 498ms
104ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

40f4ba1197f102768a15df0abe6b7cde59328c42f1f4a659ea8ab78245d6ce4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
fonts.gstatic.com/s/changaone/v20/ 8 KB
8 KB 94ms
47ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 12:43:44 GMT
x-content-type-options: nosniff
age: 88549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:10:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 May 2025 12:43:44 GMT

GET
H2 200 xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
fonts.gstatic.com/s/changaone/v20/ 8 KB
9 KB 88ms
41ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 02:26:59 GMT
x-content-type-options: nosniff
age: 39154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8404
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:56:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 02:26:59 GMT

GET
H3 200 2b64112b-f442-4840-9ace-b11dccd5f744 Show response
forms.hsforms.com/embed/v3/form/4795067/ 6 KB
3 KB 268ms
194ms Script
application/javascript 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/v2.js.download

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e97c70fb2a615add55e841c9f71ef1f66bf6307139860118acab195d442bffc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Tue, 21 May 2024 13:19:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cc0eaeae-e410-4a87-a0d9-ecf8bdb5e4d0
x-envoy-upstream-service-time: 18
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cc0eaeae-e410-4a87-a0d9-ecf8bdb5e4d0
server: cloudflare
vary: origin
content-type: application/javascript;charset=utf-8
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rxkvm
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 8874dbdb5eef349a-WAW

GET
H2 200 saved_resource.html
grateful-summer-afterthought.glitch.me/ Frame AC0F 0
0 385ms
155ms Document
text/html 34.193.166.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/saved_resource.html
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.166.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-166-25.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 56613
content-type: text/html; charset=utf-8
date: Tue, 21 May 2024 13:19:33 GMT
etag: "ec0bcfe99f4f2e8174bd36b54b04ed25"
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-id-2: OM0GO84VVwB97p94Swbh4iTeI7yALE2yfFbtSRBmAEeFUL55aE2mXaAEPYwlauBZ3HJfDcI0M9w=
x-amz-request-id: Q7KS1TMMWRXRC2TR
x-amz-server-side-encryption: AES256
x-amz-version-id: YaHcRlML9P83ib0UbAtTKFjHsR3Q5ixM

GET
H2 200 anchor.html
grateful-summer-afterthought.glitch.me/ Frame 53A5 0
0 617ms
387ms Document
text/html 34.193.166.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/anchor.html
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.166.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-166-25.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 43290
content-type: text/html; charset=utf-8
date: Tue, 21 May 2024 13:19:33 GMT
etag: "194b5744abd15c4045d5be0aae957e8f"
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-id-2: XcC99BgNZPIBvgQhnT5CopC1rT7SmnsxZBF2O2Gfs08az11hfSs/4IT5/3J+xuR1m2adMIi2rIc=
x-amz-request-id: Q7KTJER00YFRT0G6
x-amz-server-side-encryption: AES256
x-amz-version-id: dxDuxkvYFAyiPsUXbU8OIvYqNOYLn5rY

GET
H2 200 saved_resource(1).html
grateful-summer-afterthought.glitch.me/ Frame F006 0
0 693ms
463ms Document
text/html 34.193.166.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.166.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-166-25.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 55268
content-type: text/html; charset=utf-8
date: Tue, 21 May 2024 13:19:33 GMT
etag: "b00c3321ca08b705efe2acd1364bacae"
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
server: AmazonS3
x-amz-id-2: MszrZIPm55L6lFrUizNRYvDOCHVWH4114AyGIjtzbONWFq2KyaJNFoWUCnToF847aOjjpI+0j6QekplAnCpDWhWNTtfaowoG
x-amz-request-id: Q7KH3TQCN2FDPDZX
x-amz-server-side-encryption: AES256
x-amz-version-id: j12ibLCu3YjUNlHqYChHU4P7T0mb6npu

GET
H2 200 mm-logo.svg
grateful-summer-afterthought.glitch.me/ 12 KB
283 B 241ms
239ms Image
image/svg+xml 44.193.185.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grateful-summer-afterthought.glitch.me/mm-logo.svg
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.193.185.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-193-185-113.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:33 GMT
x-amz-version-id: P_EpZSaqEQzUZNxOiWe0aXD1oaAcWPY_
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-request-id: Q7KKXGAF5TX5DE9Y
etag: "51bcea2625eb2c6e9268a7377a792c86"
x-amz-server-side-encryption: AES256
content-type: image/svg+xml
cache-control: no-cache
accept-ranges: bytes
content-length: 12019
x-amz-id-2: 5rUTB0oPllDK1QHERaWfFPaGu4orJIE0a6o185W8tuIkbKs2IEpQpXX63XBJwoXgpm7gMKhO6JcF4rdjSXm+kA==

GET EuclidCircularB-Bold-WebXL.woff
grateful-summer-afterthought.glitch.me/ 0
0

GET EuclidCircularB-Regular-WebXL.woff
grateful-summer-afterthought.glitch.me/ 0
0

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1006 B 431ms
49ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/v2.js.download

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

20492a0fb329152563c2552a5c20ab01dd2ef0dbe6f0fc784186c737c491f487

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 21 May 2024 13:19:34 GMT

GET
H2 200 bframe.html
grateful-summer-afterthought.glitch.me/ Frame 1E2C 0
0 248ms
247ms Document
text/html 34.193.166.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://grateful-summer-afterthought.glitch.me/bframe.html
Requested by: Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.166.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-166-25.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 11399
content-type: text/html; charset=utf-8
date: Tue, 21 May 2024 13:19:34 GMT
etag: "161c81930eb1b582be7559429dd87816"
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
server: AmazonS3
x-amz-id-2: 1DN+PgJoKIiPSVbcT9ywCoJ2bSxpjHWqBZL2El66y1+9IIrBJlizhWIHOlqPM+eV42tqPed6wqY=
x-amz-request-id: 5H3AX5YK0MQ3R7RS
x-amz-server-side-encryption: AES256
x-amz-version-id: H6FRTwhTvUDOKh5FazE27_3A5CXCGAfK

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/ 7 KB
2 KB 237ms
57ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/storage.secure.min.js.download

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

af0e0472c79c18e67f9764a9a4e3b035728e07673f07297d920ce7d9ab5df3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:34 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Tue, 21 May 2024 13:19:56 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/ 3 KB
1 KB 278ms
100ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/storage.secure.min.js.download

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

48d883cb3bd008ff713eb6924f089273e29a8f065296057fb0df0dc4daa92e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:34 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Tue, 21 May 2024 13:19:56 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/ 519 KB
206 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92f0b552deffbf207cee5389713056c7c3d27e4b9b9edaf29338d01a83c5962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 11:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210834
x-xss-protection: 0
last-modified: Mon, 13 May 2024 17:44:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 May 2025 11:53:46 GMT

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.26.0.0-release_5111/ 42 KB
15 KB 193ms
40ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.26.0.0-release_5111/storage.secure.min.js?loc=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com&site=88982875&env=prod&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1a7331ffda1e8609ff3a28975ed92c6be84407d2f92df315d4f56892bedfd267

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:33:27 GMT
content-encoding: br
age: 1835167
x-guploader-uploadid: ABPtcPqLU3_OWMPH11i-D68OtIZkqZ2TeBzlMcYwoCGvxb6Yfj2boGhlJoWOPEFoQ8he0esE87_emA_5Ag
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14728
last-modified: Fri, 23 Feb 2024 02:32:10 GMT
server: UploadServer
etag: W/"0b1822a9670f05b1888b2968d5858445"
vary: Accept-Encoding
x-goog-generation: 1708655530415139
x-goog-hash: crc32c=Y9SiOw==, md5=CxgiqWcPBbGIiylo1YWERQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 43356
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 272B 0
0 138ms
61ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=de&v=8k85QBI-qzxmenDv318AZH30&size=invisible&badge=inline&cb=gpnu1pdlgz84

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ebUxmSVGcICzSqfi_5texA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ebUxmSVGcICzSqfi_5texA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 13:19:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
579 B 204ms
204ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067

Requested by

Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c63e846b-06d2-4c1e-94cd-5c96b0e932d0
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c63e846b-06d2-4c1e-94cd-5c96b0e932d0
last-modified: Tue, 21 May 2024 13:19:34 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-pjqgw
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 8874dbe07efb349a-WAW

GET
H3 200 bframe
www.google.com/recaptcha/enterprise/ Frame 5E57 0
0 58ms
57ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=8k85QBI-qzxmenDv318AZH30&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/8k85QBI-qzxmenDv318AZH30/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SyK3KzbjscVSLjNpxGSw6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SyK3KzbjscVSLjNpxGSw6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 May 2024 13:19:35 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/ Frame 07A8 0
0 128ms
40ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/storage.secure.min.html?loc=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com&site=88982875&env=prod&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=600
content-encoding: br
content-length: 16264
content-type: text/html
date: Tue, 21 May 2024 13:12:13 GMT
etag: W/"08e1e10c1128f5e33067543842258486"
last-modified: Fri, 03 May 2024 01:05:45 GMT
server: UploadServer
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
vary: Accept-Encoding
x-goog-generation: 1714698345808394
x-goog-hash: crc32c=Z19eGg== md5=COHhDBEo9eMwZ1Q4QiWEhg==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 48296
x-guploader-uploadid: ABPtcPpzjGizsc4_R_QAiYl1TiC1PT3AY2pgntydtLSawWjcqneFMzRjy5Wm5ZRa08piI83UUfwnMn6_9A

GET favicon.png
metamask.io/images/ 0
0

GET
H2 200 88982875 Show response
va.v.liveperson.net/api/js/ 235 B
1 KB 134ms
134ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/88982875?&cb=lpCb41577x4591&t=sp&ts=1716297575310&pid=5912114834&tid=8002932222&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com%2Fsecure.html&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/storage.secure.min.js.download

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

53ddd049f9d4f4b8351c65698304fe28d512af1f76c97a85478a1ded76078873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 13:19:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/plx.chock.js

Domain: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download

Domain: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff2

Domain: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff2

Domain: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff

Domain: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff

Domain: metamask.io
URL: https://metamask.io/images/favicon.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 01:04:09	Name: _GRECAPTCHA Value: 09AOG1W2XVd2Dmb2-mg23FjpJNO1qqkFyuHahrVhjD_BDiIZWgOXetv93Fds2b1aiP4N_9a0lD9f4inIsjONK-2pI
.bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/	1970-01-20 20:44:59	Name: __cf_bm Value: 5SC60ps1jf5Ux1RoD6nXmZDrJFn2pE8F7Blys42CqYk-1716297572-1.0.1.1-PajxP5AJTmUZ0CKPUUlH_WNb0qOL3rjIvU6x11UHqe36oymqrKqxOa4yOeEFtKnQS6iNnazZSM2hMmKkxZbN6Q
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	1970-01-20 20:46:20	Name: __cflb Value: 02DiuJLNW61ZCCRdkrK7u2Gcug74vVzvTAHQS4oSt4ZUY
.hsforms.com/	1970-01-20 20:44:59	Name: __cf_bm Value: LxVDeHQANh.PEDbjb0Nf0BKyd8G9FOrTJzuPIFbaee0-1716297573-1.0.1.1-FIj7yZgXV4KuzSeh5_gsxmS3vpQcDyMKJ8OKL2iyHq0PJn63H2EHhstvVEqy.ipAy5ICRTQA0YIhX3ozxCH4pg
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: N3I0vfWru1es2547nSUc7y57RIKj1BAa4jWTt14dGuQ-1716297573802-0.0.1.1-604800000
.hsforms.net/	1970-01-20 20:44:59	Name: __cf_bm Value: u_f4T8fK4S3PzuSyx7wAcm_22Vh71_tpYnGGyJRea.c-1716297574-1.0.1.1-IlGNjPOtr.oC6bp.PSwYHbSpsFTM4P2vMGOiYlwN.GKZ3JfunJFl_vfTtUbN5SIqo6gqJkbpIA8r0Is8eZVhLw

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://grateful-summer-afterthought.glitch.me/css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://grateful-summer-afterthought.glitch.me/jsonp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://grateful-summer-afterthought.glitch.me/js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff2' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Access to script at 'https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff2' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff2 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
grateful-summer-afterthought.glitch.me
lpcdn.lpsnmedia.net
lptag.liveperson.net
metamask.io
perf.hsforms.com
va.v.liveperson.net
www.google.com
www.gstatic.com
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
grateful-summer-afterthought.glitch.me
metamask.io
104.18.80.204
142.250.186.68
178.249.97.23
178.249.97.99
208.89.12.87
2606:4700::6811:600d
2a00:1450:4001:810::200a
2a00:1450:4001:812::2003
2a00:1450:4001:81d::2003
34.120.154.120
34.193.166.25
44.193.185.113
07b491de9a3a3e3afc18a20ae2c8be5c9b97557423eaca620d11e03103f766bd
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2
1a7331ffda1e8609ff3a28975ed92c6be84407d2f92df315d4f56892bedfd267
20492a0fb329152563c2552a5c20ab01dd2ef0dbe6f0fc784186c737c491f487
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
40f4ba1197f102768a15df0abe6b7cde59328c42f1f4a659ea8ab78245d6ce4f
48d883cb3bd008ff713eb6924f089273e29a8f065296057fb0df0dc4daa92e5d
53ddd049f9d4f4b8351c65698304fe28d512af1f76c97a85478a1ded76078873
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8508c8a9cb51d906d5b92ca25dd9daace42415b05d4f14bf6b07928531b3d9fa
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
9a50821b46158c264ae8c3bac28c40e317f9ab2b7c5c45b00c7574c7724665c4
af0e0472c79c18e67f9764a9a4e3b035728e07673f07297d920ce7d9ab5df3ef
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
beeac2532ab7e7ed250c25fcab390c8114a5f010bce47f8a0c39da47bcef5b2b
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
c9d35e1cd1c788900451f6b5011bfb3068bd65afcaca9a3469aa570a863ec074
e92f0b552deffbf207cee5389713056c7c3d27e4b9b9edaf29338d01a83c5962
e97c70fb2a615add55e841c9f71ef1f66bf6307139860118acab195d442bffc5
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com Open in urlscan Pro 2606:4700::6811:600d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

86 %HTTPS

33 %IPv6

10 Domains

14 Subdomains

13 IPs

3 Countries

2362 kBTransfer

2959 kBSize

6 Cookies

22 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com Open in urlscan Pro
2606:4700::6811:600d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

86 %
HTTPS

33 %
IPv6

10
Domains

14
Subdomains

13
IPs

3
Countries

2362 kB
Transfer

2959 kB
Size

6
Cookies

49 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!