slender-half-cirrus.glitch.me Open in urlscan Pro
18.214.212.197 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://slender-half-cirrus.glitch.me/
Effective URL:
https://slender-half-cirrus.glitch.me/
Submission: On September 20 via automatic, source openphish (September 20th 2024, 2:24:11 am UTC) — Scanned from US

Summary HTTP 77 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 77 HTTP transactions. The main IP is 18.214.212.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is slender-half-cirrus.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time slender-half-cirrus.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Arvest Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	18.214.212.197 18.214.212.197	14618 (AMAZON-AES) (AMAZON-AES)
42	172.66.44.194 172.66.44.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.4.33 152.199.4.33	15133 (EDGECAST) (EDGECAST)
2	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	13.33.252.127 13.33.252.127	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.162.3.117 3.162.3.117	16509 (AMAZON-02) (AMAZON-02)
3	3.215.172.219 3.215.172.219	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.56.41 104.21.56.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.18.11.219 52.18.11.219	16509 (AMAZON-02) (AMAZON-02)
11	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.194.107.112 54.194.107.112	16509 (AMAZON-02) (AMAZON-02)
77	15

1 18.214.212.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-212-197.compute-1.amazonaws.com

slender-half-cirrus.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 172.66.44.194 (United States)

ASN13335 (CLOUDFLARENET, US)

arves.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.4.33 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.252.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-252-127.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.162.3.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-117.yul62.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.215.172.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-172-219.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customers.arvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.56.41 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnstat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-219.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.107.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-107-112.eu-west-1.compute.amazonaws.com

metrics.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	pages.dev arves.pages.dev	461 KB
11	qualtrics.com znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com — Cisco Umbrella Rank: 373728 siteintercept.qualtrics.com — Cisco Umbrella Rank: 973	98 KB
5	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	134 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 816 script.hotjar.com — Cisco Umbrella Rank: 1029	84 KB
2	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6654 metrics.hotjar.io — Cisco Umbrella Rank: 8896	251 B
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 5470	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	87 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	258 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 215	11 KB
1	arvest.com customers.arvest.com — Cisco Umbrella Rank: 394604	1020 B
1	cdnstat.net cdnstat.net — Cisco Umbrella Rank: 308091	657 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 491	309 B
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 2720	38 KB
1	glitch.me slender-half-cirrus.glitch.me	57 KB
77	14

	Domain	Requested by
42	arves.pages.dev	slender-half-cirrus.glitch.me arves.pages.dev
10	siteintercept.qualtrics.com	znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com siteintercept.qualtrics.com
5	cdn.cookielaw.org	arves.pages.dev cdn.cookielaw.org
3	script.hotjar.com	static.hotjar.com script.hotjar.com
2	pi.pardot.com	slender-half-cirrus.glitch.me pi.pardot.com
2	www.google-analytics.com	arves.pages.dev
2	www.googletagmanager.com	slender-half-cirrus.glitch.me arves.pages.dev
2	cdnjs.cloudflare.com	slender-half-cirrus.glitch.me
1	metrics.hotjar.io	static.hotjar.com
1	znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com	slender-half-cirrus.glitch.me
1	customers.arvest.com	pi.pardot.com
1	content.hotjar.io	script.hotjar.com
1	cdnstat.net	arves.pages.dev
1	geolocation.onetrust.com	cdn.cookielaw.org
1	static.hotjar.com	arves.pages.dev
1	ajax.aspnetcdn.com	slender-half-cirrus.glitch.me
1	slender-half-cirrus.glitch.me
77	17

This site contains links to these domains. Also see Links.

Domain
arves.pages.dev
orderpoint.deluxe.com
applink.bakerhillsolutions.net
arvest.cardmanager.com
www.centresuite.com
homeloan.arvest.com
mymortgage.arvest.com
sso.arvest.com

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
arves.pages.dev WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-05` - `2025-06-04`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
cdnstat.net WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
customers.arvest.com R10	`2024-08-14` - `2024-11-12`	3 months	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://slender-half-cirrus.glitch.me/
Frame ID: A2FFE3A067B5CD841DABEE3083FCA649
Requests: 77 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arvest: Personal: Arvest Online Banking: Online Banking

Page URL History Show full URLs

http://slender-half-cirrus.glitch.me/ HTTP 307
https://slender-half-cirrus.glitch.me/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

100 %
HTTPS

27 %
IPv6

14
Domains

17
Subdomains

15
IPs

3
Countries

1235 kB
Transfer

3583 kB
Size

11
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://arves.pages.dev/rates
Title: Rates

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/about
Title: About

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/contact/banking
Title: Contact

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/
Title: Personal

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/checking
Title: Checking

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/savings
Title: Savings

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/online
Title: Online & Mobile

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/checking/debit-cards
Title: Debit Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/rewards
Title: Arvest Flex Rewards™

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/checking/apply
Title: Open an Account

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans
Title: Home Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center
Title: Home Loan Servicing

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center/find-a-lender
Title: Find a Lender

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/apply
Title: Start Home Loan Process

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/consumer-loans
Title: Personal Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/consumer-loans/auto-loans-boats-motorcycles-vans
Title: Auto Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/protect/auto-warranty
Title: Auto Service Contracts

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/planning/retirement
Title: Retirement Planning

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing
Title: Investments

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/trust-and-estate-services
Title: Trust Services

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/private-banking
Title: Private Banking

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/manage
Title: Manage Investments

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/find-a-client-advisor
Title: Find a Client Advisor

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/trust-and-estate-services/find-a-trust-professional
Title: Find a Trust & Estate Planning Professional

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/calculators
Title: Calculators

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/fee-schedule
Title: Fee Schedule

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/protect/id-protect
Title: IDProtect®

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/referlive
Title: Refer a Friend

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/protect/accidental-death-dismemberment-insurance
Title: AD&D Insurance

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/prepaid-cards/gift-cards
Title: Visa® Gift Cards

Search URL Search Domain Scan URL

URL: https://orderpoint.deluxe.com/personal-checks/welcome.htm
Title: Order Checks

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/available-property
Title: Available Property

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/checking/debit-cards/specialty?keyword=beach

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/accounts/small-business
Title: Small Business

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/accounts/commercial
Title: Commercial

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/online-services
Title: Online Services

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/accounts/small-business/debit-card
Title: Debit Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/treasury-management
Title: Treasury Management

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards/merchant-services
Title: Merchant Services

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards/business-rewards
Title: Arvest Flex Rewards™

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/loans-and-lines
Title: Loans & Lines

Search URL Search Domain Scan URL

URL: https://applink.bakerhillsolutions.net/ArvestPublicMR/B2BApp.aspx
Title: Apply for Business Loan or Line

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/loans-and-lines/sba-preferred-lender
Title: SBA Lending

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/equipment-finance
Title: Equipment Finance

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/international-banking
Title: International Banking

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/loans-and-lines/ag-loans
Title: Agriculture Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards
Title: Credit Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/manage/employee-benefits-and-retirement-services/employer-retirement-plans
Title: Benefits & Retirement

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/manage/professional-services
Title: Professional Services

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/treasury-management/lockbox
Title: Lockbox Services

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/bank/online-services/online-cash-manager
Title: Cash Manager

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/protect/fraud-prevention
Title: Fraud Prevention

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/protect/fraud-prevention/positive-pay
Title: Positive Pay

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/protect/collections/checxchange
Title: Check Recovery

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards
Title: Credit Card Options

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/flex-rewards-credit-cards
Title: Visa Signature®

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/true-rate
Title: Arvest True Rate™

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/origin
Title: Arvest Origin™

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/family-card
Title: Family Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards/arvest-corp
Title: Corporate Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards/purchasing-card
Title: Purchasing Cards

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/business/borrow/credit-cards/epayables-electronic-payment-service
Title: ePayables

Search URL Search Domain Scan URL

URL: https://arvest.cardmanager.com/
Title: Log In to Your Personal Account

Search URL Search Domain Scan URL

URL: https://www.centresuite.com/Centre/Public/Logon/Index?ReturnUrl=/Centre/?arvest&arvest
Title: Log In to Your Business Account

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/contact/credit-cards
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/dispute
Title: Credit Card Disputes

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/askarvest?typeId=4&q=can+I+set+up+automatic+payments+to+my+credit+card+account
Title: Set Up Automatic Payments

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/visa-checkout
Title: Visa® Checkout

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/bank/credit-cards/visa-purchase-alerts
Title: Visa® Purchase Alerts

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/pre-qualify
Title: Pre-Qualify

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/refinance
Title: Refinance

Search URL Search Domain Scan URL

URL: https://homeloan.arvest.com/login
Title: Manage Your Application

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/home4me
Title: Download Mortgage Mobile App

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/mortgage-programs
Title: Mortgage Programs

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/mortgage-programs/conventional
Title: Conventional

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/mortgage-programs/fha-va-and-rd-loans
Title: FHA & VA Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/mortgage-programs/construction-loans
Title: Construction

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/consumer-loans/home-equity-loans-lines-credit
Title: Home Equity Loans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/education-center/home-ownership
Title: Mortgage Education

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/calculators#mortgage
Title: Mortgage Calculators

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/lending-questions
Title: Lending Questions

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center/servicemember-benefits
Title: Military Assistance

Search URL Search Domain Scan URL

URL: https://mymortgage.arvest.com/sign-up
Title: Register for Online Access

Search URL Search Domain Scan URL

URL: https://sso.arvest.com/idp/startSSO.ping?PartnerSpId=urn%3Abki%3Aservicingdigital%3Arwa%3Aarvest&ArvBrand=AMC
Title: Log In to Your Mortgage

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center/mortgage-fee-schedule
Title: Fee Schedule

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center/hardship-assistance
Title: Hardship Assistance

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/borrow/home-loans/servicing-center/damage-claims
Title: Damage Claims

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/planning/investment
Title: Investment Planning

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/planning/education
Title: Education Planning

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/planning/insurance
Title: Insurance Planning

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/planning/estate
Title: Estate Planning

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing/managed-accounts
Title: Managed Accounts

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing/retirement-planning
Title: Retirement Plans

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing/exchange-traded-funds
Title: Exchange Traded Funds

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing/mutual-funds
Title: Mutual Funds

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/investing/annuities
Title: Annuities

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/insurance/life-insurance
Title: Life

Search URL Search Domain Scan URL

URL: https://arves.pages.dev/personal/invest/insurance/long-term-care-insurance
Title: Long-Term Care

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://slender-half-cirrus.glitch.me/ HTTP 307
https://slender-half-cirrus.glitch.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
slender-half-cirrus.glitch.me/
Redirect Chain

http://slender-half-cirrus.glitch.me/
https://slender-half-cirrus.glitch.me/

57 KB
57 KB

451ms
169ms

Document
text/html

18.214.212.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://slender-half-cirrus.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.212.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-212-197.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5ff102f6a6c8c7652f45e31301045421065c77f986101b1e6b6ea3c9d447501a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 58027
content-type: text/html; charset=utf-8
date: Fri, 20 Sep 2024 02:24:04 GMT
etag: "56e29456bd7cd998b6457ad4600d932c"
last-modified: Thu, 19 Sep 2024 13:49:14 GMT
server: AmazonS3
x-amz-id-2: OdnDK3Y+lfDGfso80hZ28NQDoyqfTekU11gfZAeP4M5o2TZX48NMBayDRCeAHx+r+L94szHj/UvB6fJRDVqmug==
x-amz-request-id: CXCVRQ13P3JRBD6H
x-amz-server-side-encryption: AES256
x-amz-version-id: ViwNS5NH90kTszt8NOCWvizk7FFI5bgt

Redirect headers

Location: https://slender-half-cirrus.glitch.me/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 MyFontsWebfontsKit.css
arves.pages.dev/css/ 2 KB
1 KB 208ms
89ms Stylesheet
text/css 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/css/MyFontsWebfontsKit.css

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d48e4cdc332afa2ac66eea1408b7fc4ac19d7aee7535ad7a6beee81b16c29b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"78efb5c8323080e5f44a9387ed1bae91"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCygdjTfV9NOjfBylanGR623lOXbwoMcUb8%2FqKDnX07hw%2FE8c%2FspjKe9LNoRbAa0wtIqhzAi4GC6Cb%2BmcU3p1w9ij%2FwdigHONqoqOg2UAZNiStRyNupS76kPbPfDk0%2Bj2Uc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b70892ed7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap_custom.css
arves.pages.dev/css/ 82 KB
14 KB 262ms
145ms Stylesheet
text/css 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/css/bootstrap_custom.css

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efb9919e780526be341049bb6154d23490c6462583b1ddfa33a4c8daa025dfaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"fe410fb5e0ad32e4b61017c422aef5c4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oJYeug5%2BA2iHcFlzod2YU5V1YKKCr6lILA4dUBmEjrKkhiefjRSqXr%2FJr667eLq1CzIyRrvqVd%2Bv4KdsM76843MBRHSL0kF3IgoUa%2BKwjVQrs6USOcCX30%2Fkb4iEqsdw7bI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b708931d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 layout2.css
arves.pages.dev/css/ 32 KB
8 KB 210ms
92ms Stylesheet
text/css 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/css/layout2.css

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1273fa967e7f8702e444df5a649d3ada3d56bd6f3c26bfec97f926a116e57529

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"e553e34bf9d9c1b2b77868cf3005c60a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FddQkjjJr9HusawLABVOP5Xw8huVcXBXVqCbdH%2FMDdLZlKs8nV%2FpEv%2F%2BjAl73dCJPDcXKI%2BMgbXt13f2lY7vQbAtnbdfCkDyqlmg95SWD4twXQ71Fe%2FOP0y6q35aPVgG89M%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b708926d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: cloudflare

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 185ms
93ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03e5f-7918"
age: 41126
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k75l4ree%2FSJf9N8gc8Mt6ELB0GCz4EHUHVjSxKAk7X86ZJCmk%2BY%2BKgkeD6cYG6jpCNV1P2lqzaRWSSfcRNeCO%2Fhpod0D65b1NAeqi%2FWay6PXEK0OJq97nMjD21nULILlNylJzMk2"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 10 Sep 2025 02:24:05 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:10:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c5e5b706cb6156c-SJC
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5631
server: cloudflare

GET
H3 200 gtm.js Show response
arves.pages.dev/js/ 342 KB
100 KB 181ms
173ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/gtm.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78916b7e7255abfa5144710ebd8c5624e778991bb4d86bf526abe9106baad9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"a6913874bedeefb388d80c7c7d8356c4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wcJGthR9UmrFYrrZcyJtLe8ODxKIn56L6StNka%2FsefTz4PQ1Wg8cBkDuwKuwc1rDEkFnesHzrRc7Hub8WFXqEs9gRR7hMZwTuOvN3sjs8ILBscSqLE%2Bu09vcK7PJgrgjuLI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fd2d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 viewport.js Show response
arves.pages.dev/js/ 1012 B
931 B 424ms
307ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/viewport.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21ba23bacc45b32c237fac9f813811f1d319877e9cab4d84c71029cb7b49c9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"0793703a2b89c3732a85a6406927e7b8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cP3ouG6fhs%2FDX5ALqenCnd%2F2%2BGmmadWhoNg3olnZ1KV%2BFqvLngHd1UdsQcAfwqti%2BBTFR%2BnA%2Fl5Kg%2Fi2tDWcVNuZ6jLa6iIqTFEruLHCGyCozlPRZNE4cQ52w9OUkbUFxOo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b708947d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery-1.9.1.min.js Show response
arves.pages.dev/js/ 90 KB
33 KB 280ms
164ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/jquery-1.9.1.min.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"69e4e91805f5a6478cc3403b9229be39"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BSQLd14mu9PkNS5OKieWTvui1TkwJedXYkvepTrLSsS2kkALWWsnZX%2FxHd1ERTO1pnCoz7h7YpZXZILl7PodEO7cLoXyXLyLsdA3QNqlyPSlQqZ%2Bx6cGBrmgTHI1X9wdBE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b708942d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 common.min.js Show response
arves.pages.dev/js/ 9 KB
4 KB 211ms
95ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/common.min.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80775d79677fe7cb03b02a6ea8876ae8d9b50f40bf5cc99946c64b5b18d84a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"dff0cf41b93a85d3c3312957f7937e40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZPNMqv6rKb%2B%2BP2Qok1ReptYOXUYB3dMjQA6Ak4FgPkP%2B7RJ0CXxLced8QwwRWbC7%2FikV3QOSIU4g33tqA0P4BuVY5FEDwJCD4FSVOYQ5CD4F02W7img3zmr%2BBYFmdTCegNQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b708941d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 aob-search.js Show response
arves.pages.dev/js/ 3 KB
1 KB 210ms
94ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/aob-search.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f857f665240f78c391083521d6736b87353bba5137e71e08d792a7a8ad827cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"73df776bae37e42807d8cba6f8f99f78"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DogFtTilpl4o4FMuFPU94Eb86MXUmf2VQmuk6SMXIWti2GH5ZjziaI9lotFoLqH0DHRE6tUlpu%2FCmY7ZclF09MHAWWyWM5d%2B%2FgXb1UgbpZG27VoqL6iPQfzgJrxDWcvAdjE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b70893cd7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 pm_fp.js Show response
arves.pages.dev/js/ 9 KB
4 KB 279ms
164ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/pm_fp.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9f313b0aac7378a2b6c863515b66905ec21a1c5900dc51b52cce28d7d0009ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"5454fcfe119e1116ab7f3ee2db8de7c4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ALBVu9xpufkaS%2BNWYdxilLKW10Iv3rJv%2BH4tct7ICfU0IPnWiVX23uuDPJrrQuYzy570l1jT5el2620g2IO3DXrT%2BOTVMjxrF1gf5eXiA%2BRHiyGf4Y6oETF1a2cV2%2BPllKs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b708936d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 arvest-logo.png
arves.pages.dev/images/ 4 KB
4 KB 215ms
214ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/arvest-logo.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d8f81b3deb15a8d8a4d940347fb3322ca6d49640e7ce14514ccbe07862a1aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "3db34b73533d89ea049924bc6d315420"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eS73M3J0wngq%2FHPrt6zX4ebtUljXwvwqRZp6dP7tKNR9GyGxLuc0gmxvbEGldm8IU3dZDwJgcp%2BsmytVYaSq5QWDfrMo0HCvt4rgqrW3MOF8gehUUTxZaLj3TDoLI%2B7zBPE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b712b08d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 4092
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 debit-card-beach-mainnav-ad.png
arves.pages.dev/images/ 23 KB
23 KB 214ms
214ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/debit-card-beach-mainnav-ad.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5566d8578cf4b69b5523a1d983aa31de64c5e40bc55db1c5551ac01f647ca529

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "013c593960facf9176f4ba968911f303"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YvF4hdxZ2EqW%2BxjQ2A5fCv9FZrT7uHcKGOlNdrFSlnF%2BcOAalJBi1FuUEB%2BngItzysbzqitOXqyq8WArklnvOGGq%2BlYoyQHCIlfZuyMMuOCNjK9X2%2FZr3%2F6CDOfubypuweM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b711afbd7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 23282
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 merchant-services-mainnav-ad.png
arves.pages.dev/images/ 22 KB
22 KB 88ms
88ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/merchant-services-mainnav-ad.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cdcd37ed238e27c50fac06ba440885e95bbae7a85c8c7447111738f7bdbaaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "fa073673a8c6929e3128947c9706deac"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FGQgICyEnbL%2B4CmdJvtanEwdCdYEuny6YaILj981pTvYWMlIjvXH09FHtmpJHV2Vso9J4hC1EujiTo%2BYMJNK1g6GoNHR88EsxPxb%2F5A8tMF7Qe74m9Z3T7OPOqWkeX6Ydos%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b727f5dd7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 22341
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 mortgage-home4me-mainnav-ad.png
arves.pages.dev/images/ 53 KB
53 KB 95ms
93ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/mortgage-home4me-mainnav-ad.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbd9e72fc8811406de10190f29478f63524a88c6c33ac96017c2f38374787c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "74a103e84a8429fc32cd1cff5e1978c9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E88dDAGE0G8OvQiIy%2F%2FBrzv3N2LoI5BH3cQodUk%2BMiFQSJgGLHk77LyK2Sh8tRV6josGsFh5hzThlZBs%2F6bOGfiDUp2PTEYC4Ff1BBnRZiZD3Qqmtwrgl6Kt6MEUflDu36w%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729f92d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 54009
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 awm-trust-mainnav-ad.png
arves.pages.dev/images/ 29 KB
29 KB 294ms
286ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/awm-trust-mainnav-ad.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7cf593c0726db50aeaeb0f6973332ae8c226f467b28463e5cb225c07a9ad5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "0314a7cce149a6a35c3ff7976edb4c74"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2BhdWfD9HFShGA1ChSrxWIbPle%2FH%2BGU9RoxbovfhuV5o6Dq3H4WkpjKjXdundoSCqmbgYvVIKiVRnKU1ZZVvzJPpmgg%2BOjZDGaZeG%2BfN3ecnPp3DpjyPNme71Qu4yTHwx54%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fd5d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 29336
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 login-arrow-icon.png
arves.pages.dev/images/ 271 B
744 B 292ms
285ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/login-arrow-icon.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01d1a470c25a6f60c6fa9e7de42b0158533a7bf3de3c0d7c2687f5a5a8269377

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "37807de95af34e8da7c1e0598dd79e10"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNTlV%2FsfcJZyjLh%2BSyVZb02nWXiuzq2zqSnupzpLsDj%2BrXT3bUj27G3cZR64FNKSE627xtZZNf7P%2FSuTdSFbFzGiffk1BvEHvoTd2lO3cmcpcSgnlMEYKGUDkZQ62QL2Sm0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fdad7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 271
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 functions_form_class.js Show response
arves.pages.dev/js/ 5 KB
2 KB 151ms
147ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/functions_form_class.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b3886467835fc527fbf40a9972323de5c82f3dd5a325b6b1deb39d4e9f24251

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"87c6d20023bc2731227a2eb2d8ab2c6d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3TS3JJiebIj7iEWj%2BW%2B9E602LU11kJkgMd0RM3sC6ZQlxR8JnGzWWSisQxF3bGM6xbE3fVVFYsSuejoLUPRmjNyHgDcj4UW%2B7c9BmVjvjtYbfh6CecrEa9ABLivuoHTG9AA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fa2d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 ios.png
arves.pages.dev/images/ 5 KB
5 KB 298ms
291ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/ios.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45b33290a887374b0351ad46d4f1fddc8038b3b805ae11fc1520c732108691a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "1e3bf91171350d558ba33d0e783b91dd"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GZv0ED1CZjJhDUbX2e7PTanqIzUwYCdVg6Bv0fxD7iNNhgCc5RXORI85RLEcnUav67DY5lvGwL9oa2ADf1KFQnhX%2Byhx5ILZm2R%2F37QNMDm5TDjdTSozgMnANNZWkcL%2FKg8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fddd7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 4885
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 soc-share-circle.png
arves.pages.dev/images/ 717 B
1 KB 299ms
292ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/soc-share-circle.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16eba136a35400f1100a450d2f48d656b67296e74c62521aedcd8fab29c7d4ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "94a50b8f5f6d375de5b72cfd2fcdcba8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t7c%2BZ60NR9R3rlJWDzl8I1%2FwmVga0gb%2FTngm0RmPUeLcDuzrexgydubsdproU1Z0TI1YRp4AYLCfspE9%2FVQN990rELijo6W011mIxMCVnDJP7yUA82A5Ef8Bu3YqxL%2FyWls%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fdfd7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 717
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 soc-fb.png
arves.pages.dev/images/ 589 B
1 KB 299ms
292ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/soc-fb.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

610c99d9f333e8e356584239f9cbf91592f1c38877fce7d1d1da4bf3aac94e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "ac734fa762ba32e6e2765f222c3a363e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TOpVIhMkf3zurWeQUyoRzXWiK5eJ0%2Bf0NdbY%2F%2FcHS8%2Bg9ZYjgVuyYoFn5tYVxN2eaYQ5aNfpl%2Fawztpo6AcDZ0xgqZTna17ReWzNWaUcN2D2jMXPwlTG7jcL4Pt%2FhV%2FGCjg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fe2d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 589
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 soc-twitter.png
arves.pages.dev/images/ 542 B
1018 B 299ms
293ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/soc-twitter.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f485ef565c7ced26632fea1c6fb2f67b5c90c49c38fe856ead961258b65682

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "50b74a315e59a521ba7faacdc6dca4de"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3u7%2FbWsIzFw%2BC0%2F1pIWOMq3u4QWjkzgWpFcz66OSu4LCxGTn9Yw1QQzq1yU%2FaNdSsEWUBIX%2BJxza2hxie2P2umy1hnVqCIrca14mTkYgBRDkxxV%2FYdXH4L7G8uoqkiF9EWI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fe7d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 542
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 soc-youtube.png
arves.pages.dev/images/ 15 KB
15 KB 301ms
294ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/soc-youtube.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ffbb276d8124704f5a7e0035b5bb87e4adc7a7e4b322ae2ed476ee37ffa7ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "9a30625516ba144c0361835b5168770e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=evAdkAZlqto83%2B0cvRCelIdBJSnrlEhR24UmQ5UpQXN%2BdECrLDrjUtwS0e1FKAfrFEWltfojiJt%2Fm95mCK0fnbwpQP4Vw6xBqs%2BhIMbwlm6SS8N09UGEH3Z4S%2FcafFl58Eo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729febd7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 15201
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 soc-instagram.png
arves.pages.dev/images/ 686 B
1 KB 301ms
295ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/soc-instagram.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee5b697a7b857ffe13445f6b2ee5ca3f0ab76be6c03b51bc53879648c7bd9a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "4fc503c4f9bd5f7477f6ad090ed8f386"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50G4B0%2Fg9JZQLZbXV2B75baSau3zQFJqSSr%2Fze8EFrxK571VBcc5BtOYB3v9kuLcielpqfcpfIhfJfl%2B0MYEnXfge78lQtEcdLjgzCDijos6%2BVi7CttNYLO6Zonvx53LVKY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729feed7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 686
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 fdic-logo.png
arves.pages.dev/images/ 916 B
1 KB 301ms
295ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/fdic-logo.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf5ca21167bd44e7b547a5c908f0cb82a9420f0b4927ff1ded1232446f6f17e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "033bd0e6212a0bca89e4f48706f60c4d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gOW9SgrGFTANDus4uJNm2pRakr4EVcVjQ1McksogIXMb27LAk0%2FJSXy%2FNtUmZHfCP%2BSC48cWnTkVqhuGOGyliJSQaOPus%2FHrUp5%2Fx7T%2Ba6LTAIA9CTZnZWl6sEQNQ7%2BSzmY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729ff2d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 916
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 housing-logo2.png
arves.pages.dev/images/ 653 B
1 KB 303ms
297ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/housing-logo2.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3132b69dbeb859635eea70dbdae8557c143d111eeb9a473fb84fe5fac904cc18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "23584c02fec7d19eb6862ad0e8fcc5c5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xwzMjXhEkT%2B2hUrZJfK03Z9T9XClaGK7cchBceMsYqRMVW8pLh85J7kWWKwsU8PZIgQ3r5Mzp6nF2KV%2Ftl4GoY5sZ%2BzEsoZodov7Hbb8JOUSXc3BkLLne%2BHUlDeq%2B2%2Fy8Co%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729ff7d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 653
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 fdic.png
arves.pages.dev/images/ 1 KB
2 KB 306ms
299ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/fdic.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

971cbfd037bdfa175bbcc512eb44ef5430b917a88df8b0b0344d85dff95f795e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "e8b692b58a7ee64fa8458c424d498b75"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4eE3%2B0E5p56P%2FQ6vM3YlM3%2FH8hGnMtKkHRujiSj3dVaZUXU%2BN7XCCKNCTaEPHi2MQ7QqUdQnKelMzGRJjEIKRAdrOKSOxV%2B23ouL9pV1Xp6uErRP71istTtD%2BZwuzdPlAU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729ffcd7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1411
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nhl.png
arves.pages.dev/images/ 1 KB
2 KB 307ms
301ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/nhl.png

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d067fab799e99b87904f659c692a443efdefb8d5eefcc98fc7db2cd5bd39cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "8b144ec4624e38ee5678bc7e8c690248"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8GctpJfw3BKfgXAOgvoA1Mmxf5I47W%2BtbYge4i6x4eQQkYfbvnIx9vjJUth0jBdzlyOP3GfojoKbvmkFAYuv5YH23nVyONUkWQTOjBDBIKFX1k2qx%2BCnWwTqxWrI0JOZcK8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729ffed7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1277
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bootstrap_custom.min.js Show response
arves.pages.dev/js/ 13 KB
4 KB 151ms
146ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/bootstrap_custom.min.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b8fd01969247b640db14518378c4ee2487d6c5d389f613d947abf2e6063d6ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"4ac65b8ab7abb0b5a329afd503d59051"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vCREqj1g0b5HFtVATPHgVOZm18h2R%2FBZGBw7qLGooZ1wHo%2Bqx%2BXO1yeKaifkw7NRaIGygqXb8%2Bb2fhSSJqDq6HLAO0txG9w1rorR1H5vkVNM1XWPtDusmMC8fIcEvNI8qCA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fb5d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 helper.js Show response
arves.pages.dev/js/ 6 KB
2 KB 151ms
144ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/helper.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17bd8b07ef5603105ef87297b87ab38d5270455d867c67c6cbf2953d7188445b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"b999d6a49b9758af4bd940cc53d326d3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yO7mbHCw%2BdVrtJGOS9H2yFHbZ2T3w7oBVSsAXTM5K5KGovmOjIjvFaMFFArflHPADubmwpko6VssSOhFIfY0fL4umvwklBTSe0CEXcjYkLBkNC4h8ekUnZbGRSy8pp6Paok%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fbed7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 typeahead.bundle.min.js Show response
arves.pages.dev/js/ 29 KB
10 KB 154ms
146ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/typeahead.bundle.min.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af97ce613cb505abdecec61e500b8d8d50dc055cc26a508b29d451455f9f4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"3ecb28eea41f94919136012e3900872f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sfp3%2B%2B5bEv0G0JWDyWaIE1aXfyvpdXELpmzUcsgZc6cvSyF28IWKA%2FsNaEltV3Wt5aDOvojHFjCGfgodhx5FQOqfl6OYS7WQRDqXXx3jAIJaYHUm0ZibyYE8fna%2Bg08eqSQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fc2d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.selectbox-0.2.min.js Show response
arves.pages.dev/js/ 8 KB
3 KB 154ms
146ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/jquery.selectbox-0.2.min.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd66012b771fe92c7549ffa275254ec23d15e1939c56c224565858d40be98a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"1975c2b544047fd129c765e9716667ec"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QA2aBL0AVvKB26uHLefTYyH7fevi5aUF0iIGWKl3CwjKAVFntFUiQU88OE68d0Sar4n3OLsddR%2BIfGVYgqO7g5vXXH73GmMh%2FQ7Y5jjIwHtS4oE2Txa6sknfIdHN72SHd5I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fc3d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bpopup-0.10.0.min.js Show response
arves.pages.dev/js/ 5 KB
2 KB 154ms
146ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/bpopup-0.10.0.min.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b3544ef8e0b67d75e2b4f79df4fa1fd6a1324c98d04322dc901248ce012fcf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"84be30a5fdef7d1f3b76f287f2dc2f28"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGYssXBoo7fFaU5Ja3pMRu9GCr%2BlUNvwvnGhIm%2FPuGFy%2BITNcXIVWzluhTcKoRfZljPn6nhF3GsNHkUo8RdlIdTKcCwS%2BRlSZoLi3I%2BDN5THINisGKyouANa%2FlKPpRlr8XA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fc6d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 main.min.js Show response
arves.pages.dev/js/ 7 KB
3 KB 152ms
144ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/main.min.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20da8601280b37880ba8b04bf37c1c50957f671ffb67142bae36258e0c84641b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"2a9123b209bcbea8a6cd3f06fe371a17"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fz16EYf%2BTW28jkgov1T0JzuLHSuq3lAyNfewoqFbZ%2FI%2BH3fHKcwalNRhLLqPnJGz6nNQujUW39cRiz05o%2B%2FQYhjbzs%2BRRgc14ljVx0Hd66fjp%2FOx7ap9vWyBA9EQ0m1JsOM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fcdd7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 search-script.min.js Show response
arves.pages.dev/js/ 199 KB
45 KB 152ms
144ms Script
application/javascript 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/js/search-script.min.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccd10693e75dfc608e745959d5a9cbe7987653ddd7edde560b0590acc7675e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
etag: W/"0a6de3781821359c03527037c24e375f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGhfbSwWpFxEf7YmzpJ6lPKKVRORc1xzPan8qjBtSCi9%2FCkMt5O%2F0xO9aYNO%2Ba0rrgeRvJ52YA3b666%2FcXQK%2BUos%2BME53jutWOAlK8ci7qk6JUihlQ9zsfjGeSaISqdObT0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729fced7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
38 KB 437ms
76ms Script
application/javascript 152.199.4.33
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.4.33 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lac/5598) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-encoding: gzip
etag: "af301a17b793d31:0"
age: 4384161
x-content-type-options: nosniff
x-cache: HIT
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
vary: Accept-Encoding
cache-control: public,max-age=31536000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38892
x-xss-protection: 1; mode=block
server: ECAcc (lac/5598)

GET
H3 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ 20 KB
5 KB 99ms
92ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-4e98"
age: 530380
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JUsQRjdmGk4LiIUYULI5C7829LBUxVb9pDAAXR98Hj5WwRVwVgovqMNcrosBNSnJIhKLz1hI8n2Fs9YluV1z%2BLvoozt6nRp4dio7ojoXgW%2BDnAGSJ1H7gDnY7%2BzQmNYZgAP5TqCV"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 10 Sep 2025 02:24:05 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8c5e5b72ae73156c-SJC
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4517
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 553 KB
138 KB 557ms
199ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGPDH6G

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf4a115ca5b0b69d40fc28db6219a21c1873025bbd3cb15da8987a254e88feb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-encoding: gzip
expires: Fri, 20 Sep 2024 02:24:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Sep 2024 00:00:22 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 140631
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 top-nav-bg.png
arves.pages.dev/images/ 249 B
724 B 298ms
295ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/top-nav-bg.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/layout2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8eadeb36aa1e752b10866c2a77550395b7517b183871b69180044aebea508f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arves.pages.dev/css/layout2.css

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "3d3e4eded40dfa877d2571ba3c892a29"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwMl8z%2BYViT%2B0Yh0hK3R51%2FUdYnlz1MOLtt8E5UYIZHTYRwaHM%2FztfQMTrNC932RQ4FxNvUX1ldInzGpUJBFd2TEjE6zcd1kiFZub72mGcQwcSU4%2FTHUTKf3B5uU0BqEGlQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729800d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 249
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 nav-search-bar-bg.png
arves.pages.dev/images/ 3 KB
3 KB 299ms
295ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/nav-search-bar-bg.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/layout2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2266eb423ddf014680bf965dfdefc302947c231645f864e7ed3e16e70941d31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arves.pages.dev/css/layout2.css

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "157f51e922e5fc5ae53cc991ee5f81e2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PlYu9ORnUhlVumnhM%2BwurIFZU07cyFcrS6%2Fq3aKPZmLAT%2FYsGJ3DTVvwDQ%2FLjuN7Yg%2BsN4lbLp4z4ECfiG%2FGdpd8I9yhSz1s1ul29anPzDGFnKwRZbOGSKLtDvR1wT7lvLo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729803d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 2951
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 myArvest.png
arves.pages.dev/images/ 1 KB
2 KB 308ms
307ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/myArvest.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/layout2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ddd9fab5342d91721c67a39aa003a8b6baefc3fa9c35d07ae7c61b62b0e8304

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arves.pages.dev/css/layout2.css

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "e571c631e9e6d53c44cc5c60fdcbda32"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O84zc%2FUZev1gwSeeYMcFKYtW5ImDbgqnwMCDcxGZkLsbA5fqH%2FSDAYPCxqJpJZnT83HXHL3BZDrBStw0oTR1p2B6xORSmOhXAok2pDz9uyAuUOkYwbiVHJO%2BbH1eHuaGapo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b729806d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1410
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 26DA37_0_0.woff
arves.pages.dev/fonts/ 23 KB
23 KB 252ms
169ms Font
font/woff 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/fonts/26DA37_0_0.woff

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/MyFontsWebfontsKit.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1252843b50c568f5a207600688226e7c516d706623b50ab4ad33fe438f25a514

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://slender-half-cirrus.glitch.me
Referer: https://arves.pages.dev/css/MyFontsWebfontsKit.css

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "2a71c1baf5f56ee13fd25b128ca2236a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHQwBVIbSRkf%2B0U0vMJDP2WQ7D389n2%2F2LKBWrEfS8zutgWLkeVFeBDB7lGfIHBZUSblaFIk%2FE18JdVT3yvPrJ%2FJ3iYVcrDx5uVoO0ODwd98yca67F9z86GhyCUVxUUo7Bk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b735ed90d38-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 23258
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: font/woff
vary: Accept-Encoding
server: cloudflare

GET
H3 200 26DA37_1_0.woff
arves.pages.dev/fonts/ 23 KB
24 KB 180ms
98ms Font
font/woff 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://arves.pages.dev/fonts/26DA37_1_0.woff

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/MyFontsWebfontsKit.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9be58dfbf40a15b63977356d7a343d790e89f241cf28bcb7883da48e2eea19f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://slender-half-cirrus.glitch.me
Referer: https://arves.pages.dev/css/MyFontsWebfontsKit.css

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "379158380abaa8644aca7cacedaef082"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cG580wFOizsiCLtUbcWI4pinJUlwvzAwweRUnM5ZIU2ckgch1igblh6ctJ1W0FV8hlVFyRK8RXZhN5KC8VRzYs9iE7LD1olQbldglqZe%2B5PXWIwcDezAKkp%2F7kjAUDrISOE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b735ed70d38-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 23644
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: font/woff
vary: Accept-Encoding
server: cloudflare

GET
H3 200 button-arrow.png
arves.pages.dev/images/ 163 B
639 B 150ms
149ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/button-arrow.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/bootstrap_custom.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fb1794640596b6601ece58fae25be2a00d2e71981f55dd2b743d4f45909c5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arves.pages.dev/css/bootstrap_custom.css

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "185b99fe8256ccd40624598a71a16a34"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C0o%2Fm%2F5jxT3Wp03E2yTYnd%2FQGV7%2BB8mmY%2B7iT4KQeYz8zv75xcX9Pty8pE8H0dOkQ15b6zJGtiLTlBih8jM%2FWlfOxbT0cMtn8mbEH1zAF3ltrO3Dq9dhO%2BFbnMXDAN7Vdbo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b73ab55d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 163
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 custserv.png
arves.pages.dev/images/ 3 KB
4 KB 146ms
145ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/custserv.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/layout2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ac4db385ce573e1038b4a1a504bac75d82114d03a863bc8e9ef19328304f587

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arves.pages.dev/css/layout2.css

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "386c5e5128b6f4fd338d3fe0a6fc5d9f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBPmWz8tvhb8DcXkpUeVmEEkurVH9IMeZqTSr4rfiYZ3pOKr5tie7M3upKNyUAO7WIfVZ1OdoD%2FUKbRWCCq336Z%2B1j%2BZM%2F6wyyW17cFPi7Au1%2FiJlR%2FBxP7PYfE2ve3D5XA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b73ab58d7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 3468
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H3 200 footer-bg960.png
arves.pages.dev/images/ 271 B
740 B 147ms
146ms Image
image/png 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arves.pages.dev/images/footer-bg960.png

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/css/layout2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd0bb8cd67fca59fd6e8383c338aa881b7ecf7b6b4b67d10b294dafc20064fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://arves.pages.dev/css/layout2.css

Response headers

cache-control: public, max-age=0, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: "80ebdb3290fca9fd67db21fd8a215691"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ws8FMcYvrp7g9PxZBMpSpF%2B%2BbXEEfZ5Y18MsjswIvtBrdkCbopbgVAOvbcl7BpgBcRHqQxvKysmIwfKLmongwA%2FGCWqAbV0shmuVpnUmIv2LgjoagzuDi2ddTjdo6cAmbas%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b73ab5dd7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 271
date: Fri, 20 Sep 2024 02:24:05 GMT
content-type: image/png
vary: Accept-Encoding
server: cloudflare

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 185 KB
66 KB 276ms
121ms Script
application/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-M97SXPJ

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c02ca4c1348415617994736e6e3f3313c8275398f749fe793f1e2ce44476c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 20 Sep 2024 02:24:06 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67684
date: Fri, 20 Sep 2024 02:24:06 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 hotjar-2651856.js Show response
static.hotjar.com/c/ 15 KB
6 KB 667ms
144ms Script
application/javascript 13.33.252.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2651856.js?sv=7

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.252.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-252-127.jfk50.r.cloudfront.net

Software

Resource Hash

0c5003fe1a18925d60088c7bbbc13da22054b5de5ffba4ed5971a2cfe5cb376c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-encoding: br
etag: W/936cc4f0897e82a821466531d9e42cd0
age: 29
x-content-type-options: nosniff
x-cache-hit: 1
x-cache: Hit from cloudfront
x-amz-cf-id: MXinclerOKBsDs8muKH3LDbZzfN141dODPcd9hKblVn4KYX5tF9F4Q==
date: Fri, 20 Sep 2024 02:23:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
via: 1.1 7ea7b08f7e1d26433f5be7f6d4283d3c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK50-P10

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/ 25 KB
6 KB 479ms
103ms Script
application/x-javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/OtAutoBlock.js

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b1852f52af150cc8a56f34dc02793ad80ff6e65d025b107e7a687a3c6c91f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-md5: VXBUC65UYOOEIVEabsTbTg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DBF5B09CDAB2B2
age: 83582
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sat, 21 Sep 2024 02:24:06 GMT
date: Fri, 20 Sep 2024 02:24:06 GMT
content-type: application/x-javascript
last-modified: Tue, 05 Dec 2023 16:38:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: c6f7a7b4-101e-009a-5472-79a75a000000
cf-ray: 8c5e5b77ee437bf7-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5079
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 73ms
72ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
content-encoding: gzip
age: 2075
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 20 Sep 2024 03:49:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
date: Fri, 20 Sep 2024 01:49:31 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
server: Golfe2
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 371 KB
121 KB 178ms
177ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GRH26TKW0W&l=dataLayer&cx=c

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85c038fb6c185761e9d10744f60187f19c8db6439bd077683f756b87da18a118

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Fri, 20 Sep 2024 02:24:06 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123385
date: Fri, 20 Sep 2024 02:24:06 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 86ms
85ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: arves.pages.dev
URL: https://arves.pages.dev/js/gtm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-md5: jwlUUXc1HMPClYXMpY+NPQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCD8180F629235
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 15275
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:06 GMT
content-type: application/javascript
last-modified: Wed, 18 Sep 2024 19:28:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
x-ms-request-id: 6758b5e5-201e-0098-0fc4-0a1db5000000
cf-ray: 8c5e5b78af1e7bf7-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6881
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 modules.0721e7cf944cf9d78a0b.js Show response
script.hotjar.com/ 224 KB
56 KB 469ms
161ms Script
application/javascript 3.162.3.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2651856.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-117.yul62.r.cloudfront.net

Software

Resource Hash

b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

x-robots-tag: none
content-encoding: br
etag: "ac12d2f9dbf41b678b7eb52a4d3e70f3"
age: 46919
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 630Ij-yi4VgBFQU5UVid7ux8SuTzQeKlSkj6akvexixsfEjVW6oA6w==
date: Thu, 19 Sep 2024 13:22:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 13:21:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56508
x-amz-cf-pop: YUL62-P2

GET
H2 200 430cf39f-917d-469f-9c6a-0de3834f38d3.json Show response
cdn.cookielaw.org/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/ 4 KB
2 KB 252ms
107ms XHR
application/x-javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/430cf39f-917d-469f-9c6a-0de3834f38d3.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dee0c041358b92df0ab4f4ce329abbfa7f2ffe18809c1afa627bf2a7506576a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-md5: VrRFOlHX4dhvvc0nozqbRw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC3C847276ACA5
age: 34651
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sat, 21 Sep 2024 02:24:06 GMT
date: Fri, 20 Sep 2024 02:24:06 GMT
content-type: application/x-javascript
last-modified: Mon, 04 Mar 2024 19:51:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: c4217a6c-a01e-0045-7b99-0a4e1b000000
cf-ray: 8c5e5b7a29b51506-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1520
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 428ms
133ms Script
application/javascript 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-172-219.compute-1.amazonaws.com
Software: /
Resource Hash: 41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: max-age=63072000
content-encoding: gzip
etag: "15f4-gzip"
Connection: keep-alive
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
expires: Sun, 20 Sep 2026 02:24:06 GMT
accept-ranges: bytes
Content-Length: 1988
Date: Fri, 20 Sep 2024 02:24:06 GMT
Content-Type: application/javascript
last-modified: Wed, 18 Sep 2024 05:23:40 GMT
vary: Accept-Encoding,User-Agent

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 71 B
309 B 258ms
97ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://slender-half-cirrus.glitch.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8c5e5b7bdc03cb91-LAX
access-control-allow-origin: *
date: Fri, 20 Sep 2024 02:24:07 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H3 200 script.js Show response
cdnstat.net/get/ 129 B
657 B 544ms
417ms Script
text/javascript 104.21.56.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdnstat.net/get/script.js?referrer=https://slender-half-cirrus.glitch.me/
Requested by: Host: arves.pages.dev
URL: https://arves.pages.dev/js/gtm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.56.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mX6Z3CWDiY7mDAhDT6l9tRtENjE09%2FyckdTM2HNq5bEf8uxUvjbO1rzouYQDFIPywmApJj4bYaUEoQxfkDkh4ioEJxZpi6fDKSreu2XW7dv14mg9kQSDFJdWmHu3Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c5e5b7bce8e0fe0-LAX
access-control-allow-origin: https://slender-half-cirrus.glitch.me
alt-svc: h3=":443"; ma=86400
date: Fri, 20 Sep 2024 02:24:07 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: X-Requested-With,content-type

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 1 KB
2 KB 604ms
604ms Script
text/javascript 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=138064&account_id=968183&title=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&url=https%3A%2F%2Fslender-half-cirrus.glitch.me%2F&referrer=

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-215-172-219.compute-1.amazonaws.com

Software

Resource Hash

dd8a7ddac4aba0946b39e14247443a8dec04df75afa7d81e287475481e7c0702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 540
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Fri, 20 Sep 2024 02:24:07 GMT
Content-Type: text/javascript; charset=utf-8
vary: Accept-Encoding,User-Agent

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202402.1.0/ 430 KB
105 KB 86ms
85ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e912efba4dd82b798fb061f872b0016687932d1648098f501dff644a7ad77a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-md5: XwXx/WxMZ+UJJ5CmkZRGfQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5DEBBF484DE
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 17081
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:07 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 21:32:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
x-ms-request-id: 25a8232f-f01e-00de-55c8-d7c323000000
cf-ray: 8c5e5b7c7ae77bf7-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 106948
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 sentry.58c81e3e25532810f6fd.js Show response
script.hotjar.com/ 66 KB
19 KB 160ms
159ms Script
application/javascript 3.162.3.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/sentry.58c81e3e25532810f6fd.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-117.yul62.r.cloudfront.net

Software

Resource Hash

7ee550ee3d665b633759be606abbc0e83029070bf9f585d34efb2d630dc5f575

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

x-robots-tag: none
content-encoding: br
etag: "dbda6d86ac0aac9b0ddd8ed571339f41"
age: 3953749
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: mP5dGjdaxR0fNZwEXeFFAtM-_dcSJ4QdkZKAZurMsWTlmeCxcIXsMg==
date: Mon, 05 Aug 2024 08:08:18 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 02 Aug 2024 15:31:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19035
x-amz-cf-pop: YUL62-P2

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js Show response
script.hotjar.com/ 5 KB
2 KB 141ms
141ms Script
application/javascript 3.162.3.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-117.yul62.r.cloudfront.net

Software

Resource Hash

70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

x-robots-tag: none
content-encoding: br
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
age: 20692320
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: MOEmORaajM5WhDvtuRr6bj12fOSIX_0TrlpXlxo_yr94Szcm7EBgGw==
date: Wed, 24 Jan 2024 14:32:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 24 Jan 2024 14:31:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1782
x-amz-cf-pop: YUL62-P2

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 927ms
428ms XHR
application/json 52.18.11.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=2651856&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.18.11.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-11-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 518b1169f8e0cdf422adf7bf7d398fd08dba193e891a45d252ab6a17ffe3d27a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://slender-half-cirrus.glitch.me/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Fri, 20 Sep 2024 02:24:08 GMT
content-type: application/json

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/5021873b-6947-48ee-bc1c-8024619b3141/ 56 KB
15 KB 97ms
96ms Fetch
application/x-javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/430cf39f-917d-469f-9c6a-0de3834f38d3/5021873b-6947-48ee-bc1c-8024619b3141/en-us.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202402.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3f0c9e9654130e1871f21d7f894ab743e0624588dafa2d25f1961cf39daf85a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-md5: N4k6blh6wApXxhNEqcdd3Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DC3C8474A43848
age: 34651
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sat, 21 Sep 2024 02:24:07 GMT
date: Fri, 20 Sep 2024 02:24:07 GMT
content-type: application/x-javascript
last-modified: Mon, 04 Mar 2024 19:51:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
x-ms-request-id: 38b27e38-001e-0025-7c99-0a0b39000000
cf-ray: 8c5e5b7ddd0c1506-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14786
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H/1.1 200
OK analytics Show response
customers.arvest.com/ 50 B
1020 B 590ms
254ms Script
text/javascript 3.215.172.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://customers.arvest.com/analytics?conly=true&visitor_id=284043348&visitor_id_sign=9e482fd03dca52da5630b5208f4e5a652ac33a8a1a4d58dbd5708173fcf3ec8c19552b0bfb7e38e3079e3b57335e9b7dfc443ffb&pi_opt_in=&campaign_id=138064&account_id=968183&title=Arvest:%20Personal:%20Arvest%20Online%20Banking:%20Online%20Banking&url=https://slender-half-cirrus.glitch.me/&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=138064&account_id=968183&title=Arvest%3A%20Personal%3A%20Arvest%20Online%20Banking%3A%20Online%20Banking&url=https%3A%2F%2Fslender-half-cirrus.glitch.me%2F&referrer=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.215.172.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-172-219.compute-1.amazonaws.com
Software: /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

x-pardot-rsp: 0/0/1
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
Connection: keep-alive
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 50
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Date: Fri, 20 Sep 2024 02:24:08 GMT
Content-Type: text/javascript; charset=utf-8
vary: User-Agent

GET
H2 200 / Show response
znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/ 10 KB
5 KB 292ms
102ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Requested by

Host: slender-half-cirrus.glitch.me
URL: https://slender-half-cirrus.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15b84c2f3fe0d3b3251f42a4c1ae35670c0f53a546bc1a000ee74dd6f3b63a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"26a0-KCMwfQIg1lowLSpUMWINqFHKoDM"
age: 109419
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:08 GMT
edge-control: max-age=604800
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5e5b84b8b86801-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H3 404 favicon.ico
arves.pages.dev/arvest.com/ 0
415 B 88ms
87ms Other
text/plain 172.66.44.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://arves.pages.dev/arvest.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.44.194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cache-control: no-store
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FRi1lij3qjdIm%2Bwz%2BwcwmXW4QtvGZktE0Lvk4QLysSIoFoNO2v%2BPQpY%2FhJUNga1WoSPQr5KCu3Kta2NJm8IIJG%2FUaMltwxYaE7zbzhUnkuo7yuE6uFt%2BVDT75%2F%2BR19YaB28%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b839acfd7a7-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 20 Sep 2024 02:24:08 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 12.0ce80e99217aaa963082.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 75 KB
21 KB 99ms
94ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.0ce80e99217aaa963082.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=slender-half-cirrus.glitch.me

Requested by

Host: znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
URL: https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56023b60759e909c096e9ea4761cfcf56ad4bd5b4da4aa743fe01c235b3af4ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"12bf8-191e386ffa8"
age: 84002
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:08 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5e5b8569656801-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 4 KB
2 KB 232ms
230ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cTsTcEDc1rc1Tnw&Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.0ce80e99217aaa963082.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=slender-half-cirrus.glitch.me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef2e7df9ddcc80d299ce7027a607e7cdb9abef88b7d95a83d6cdaea92981d273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:08 GMT
content-type: application/json
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
trace-id: 9be914196cfb9153
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5e5b861a1b6801-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://slender-half-cirrus.glitch.me
server: cloudflare

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
30 KB 93ms
93ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa575ea757c7d27e4c1ec33c28d8af39570e53d85a6cacf8d82de04aff8419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1977f-191e386ffa8"
age: 84002
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:08 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5e5b879ba86801-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 7.ceffb52fd15d9edebb86.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 3 KB
1 KB 98ms
95ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.ceffb52fd15d9edebb86.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
URL: https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de113b3a951c8f72e2cae5bcb5ce482ffa79b53ac353deae859d9620ef01bd43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"b55-191e386ffa8"
age: 84003
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:09 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5e5b884c646801-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 1.560a1707e927ff25da07.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 29 KB
7 KB 101ms
98ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.560a1707e927ff25da07.chunk.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Host: znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
URL: https://znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_cTsTcEDc1rc1Tnw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d236439dd0ef488fe4ae5f8ec3e9cfd8c43506f0505678342787250d441ef22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"7421-191e386ffa8"
age: 84003
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:09 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5e5b884c676801-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 96 KB
29 KB 97ms
95ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

556ffb7b58e14c24a7715b22b7b19e4cd856f483b633ac614e128d997d073062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"180b6-191e386ffa8"
age: 84003
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:09 GMT
edge-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 23:59:21 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5e5b884c696801-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
2 KB 272ms
102ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_01JDqG39AUPDXfw&Version=67&Q_ORIGIN=https://slender-half-cirrus.glitch.me&Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BrandTier=&Q_ARCACHEVERSION=21&Q_BRANDDC=iad1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ac3861345c28152c466fe5de0bda8cc2b186020d4bcecd48f17db710176fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

x-request-id: 6df99f45-d22f-4a1c-8f21-47b1e94e7c41
x-transaction-id: c8ee8073-ac9b-4aad-ac85-b4a73e4d59a2
content-encoding: gzip
cf-cache-status: HIT
etag: W/"1371-hB1V+DbTWcUpoj9U9CYrCbOMhzc"
age: 38255
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:09 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5e5b89589efa92-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 268ms
99ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_6u0MmncjsLPdtpY&Version=2&Q_InterceptID=SI_01JDqG39AUPDXfw&Q_ORIGIN=https://slender-half-cirrus.glitch.me&Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BrandTier=&Q_ARCACHEVERSION=21&Q_BRANDDC=iad1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea5c39863c6ec124214ecac0a1e0064514ea0c5f6d2630890f087c49b486e0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

x-request-id: 7265a1bb-2254-4492-bfb4-5b87d0601caa
x-transaction-id: 5f85f396-ac15-4db5-8446-56a0dff67ae5
content-encoding: gzip
cf-cache-status: HIT
etag: W/"624-/DdKwWQrlZzda1cVZmLJuMq2mK8"
age: 38255
x-content-type-options: nosniff
date: Fri, 20 Sep 2024 02:24:09 GMT
edge-control: max-age=604800
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=604800
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
cf-ray: 8c5e5b8958a2fa92-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: *
server: cloudflare

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
240 B 122ms
120ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_6u0MmncjsLPdtpY&Q_SIID=SI_01JDqG39AUPDXfw&Q_ASID=AS_30008237&Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&r=1726799049249

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.14.0&Q_CLIENTTYPE=web&Q_BRANDID=arvest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://slender-half-cirrus.glitch.me/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
trace-id: 88dcb23f484f58fe
access-control-allow-credentials: true
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b8a1942fa92-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
access-control-allow-origin: https://slender-half-cirrus.glitch.me
date: Fri, 20 Sep 2024 02:24:09 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report

GET
H2 200 wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 245 B
530 B 98ms
97ms Image
image/png 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://slender-half-cirrus.glitch.me/

Response headers

cf-bgj: imgq:85,h2pri
servershortname
age: 12793770
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Sun, 23 Apr 2034 00:34:39 GMT
cf-polished: origSize=757
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
date: Fri, 20 Sep 2024 02:24:09 GMT
content-type: image/png
last-modified: Fri, 29 Mar 2024 20:21:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=315360000, public
trace-id: 287b5c6f17f81148
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8c5e5b8a1e056801-SJC
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
content-length: 245
server: cloudflare

POST
H2 204 /
metrics.hotjar.io/ 0
80 B 681ms
214ms Ping
text/plain 54.194.107.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.hotjar.io/?v=6&site_id=2651856
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2651856.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.107.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-107-112.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://slender-half-cirrus.glitch.me/

Response headers

date: Fri, 20 Sep 2024 02:24:10 GMT
access-control-max-age: 86400
access-control-allow-origin: *

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Arvest Bank (Banking)

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
slender-half-cirrus.glitch.me/	1970-01-20 23:40:38	Name: PHPREFS Value: full
.slender-half-cirrus.glitch.me/	1970-01-21 01:49:35	Name: _gcl_au Value: 1.1.416158670.1726799046
.slender-half-cirrus.glitch.me/	1970-01-21 08:25:35	Name: _hjSessionUser_2651856 Value: eyJpZCI6ImI5MDBlMjdmLWMzMjMtNTM4My04ZWE2LTc4OTZkODdjZjljZiIsImNyZWF0ZWQiOjE3MjY3OTkwNDcyMDksImV4aXN0aW5nIjp0cnVlfQ==
.slender-half-cirrus.glitch.me/	1970-01-20 23:40:00	Name: _hjSession_2651856 Value: eyJpZCI6Ijc0YzZlNTFhLTg1MzYtNDdkYy1hMmQ1LTk0NTY3NjU3OGRkYiIsImMiOjE3MjY3OTkwNDcyMTAsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.pardot.com/	1970-01-21 09:15:59	Name: visitor_id967183 Value: 284043348
.pardot.com/	1970-01-21 09:15:59	Name: visitor_id967183-hash Value: 9e482fd03dca52da5630b5208f4e5a652ac33a8a1a4d58dbd5708173fcf3ec8c19552b0bfb7e38e3079e3b57335e9b7dfc443ffb
pi.pardot.com/	1970-01-20 23:40:00	Name: lpv967183 Value: aHR0cHM6Ly9zbGVuZGVyLWhhbGYtY2lycnVzLmdsaXRjaC5tZS8%3D
slender-half-cirrus.glitch.me/	1970-01-21 09:15:59	Name: visitor_id967183 Value: 284043348
slender-half-cirrus.glitch.me/	1970-01-21 09:15:59	Name: visitor_id967183-hash Value: 9e482fd03dca52da5630b5208f4e5a652ac33a8a1a4d58dbd5708173fcf3ec8c19552b0bfb7e38e3079e3b57335e9b7dfc443ffb
customers.arvest.com/	1970-01-21 09:15:59	Name: visitor_id967183 Value: 284043348
customers.arvest.com/	1970-01-21 09:15:59	Name: visitor_id967183-hash Value: 9e482fd03dca52da5630b5208f4e5a652ac33a8a1a4d58dbd5708173fcf3ec8c19552b0bfb7e38e3079e3b57335e9b7dfc443ffb

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	warning	URL: https://slender-half-cirrus.glitch.me/ Message: [DOM] Found 4 elements with non-unique id #IsCommercial: (More info: https://goo.gl/9p2vKq) %o %o %o %o
recommendation	warning	URL: https://slender-half-cirrus.glitch.me/ Message: [DOM] Found 3 elements with non-unique id #aoblogon_persist: (More info: https://goo.gl/9p2vKq) %o %o %o
recommendation	warning	URL: https://slender-half-cirrus.glitch.me/ Message: [DOM] Found 3 elements with non-unique id #aoblogon_submit_2: (More info: https://goo.gl/9p2vKq) %o %o %o
recommendation	warning	URL: https://slender-half-cirrus.glitch.me/ Message: [DOM] Found 6 elements with non-unique id #aoblogon_userid: (More info: https://goo.gl/9p2vKq) %o %o %o %o %o %o
network	error	URL: https://arves.pages.dev/arvest.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
arves.pages.dev
cdn.cookielaw.org
cdnjs.cloudflare.com
cdnstat.net
content.hotjar.io
customers.arvest.com
geolocation.onetrust.com
metrics.hotjar.io
pi.pardot.com
script.hotjar.com
siteintercept.qualtrics.com
slender-half-cirrus.glitch.me
static.hotjar.com
www.google-analytics.com
www.googletagmanager.com
znctstcedc1rc1tnw-arvest.siteintercept.qualtrics.com
104.17.209.240
104.17.24.14
104.21.56.41
13.33.252.127
152.199.4.33
172.66.44.194
18.214.212.197
2001:4860:4802:32::178
2606:4700:4400::6812:2089
2606:4700::6812:572a
2607:f8b0:4006:823::2008
3.162.3.117
3.215.172.219
52.18.11.219
54.194.107.112
01d1a470c25a6f60c6fa9e7de42b0158533a7bf3de3c0d7c2687f5a5a8269377
0c5003fe1a18925d60088c7bbbc13da22054b5de5ffba4ed5971a2cfe5cb376c
1252843b50c568f5a207600688226e7c516d706623b50ab4ad33fe438f25a514
1273fa967e7f8702e444df5a649d3ada3d56bd6f3c26bfec97f926a116e57529
13cdcd37ed238e27c50fac06ba440885e95bbae7a85c8c7447111738f7bdbaaf
15b84c2f3fe0d3b3251f42a4c1ae35670c0f53a546bc1a000ee74dd6f3b63a4d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16eba136a35400f1100a450d2f48d656b67296e74c62521aedcd8fab29c7d4ce
17bd8b07ef5603105ef87297b87ab38d5270455d867c67c6cbf2953d7188445b
1b1852f52af150cc8a56f34dc02793ad80ff6e65d025b107e7a687a3c6c91f61
20da8601280b37880ba8b04bf37c1c50957f671ffb67142bae36258e0c84641b
21ba23bacc45b32c237fac9f813811f1d319877e9cab4d84c71029cb7b49c9df
2ee5b697a7b857ffe13445f6b2ee5ca3f0ab76be6c03b51bc53879648c7bd9a8
3132b69dbeb859635eea70dbdae8557c143d111eeb9a473fb84fe5fac904cc18
39f485ef565c7ced26632fea1c6fb2f67b5c90c49c38fe856ead961258b65682
3ac4db385ce573e1038b4a1a504bac75d82114d03a863bc8e9ef19328304f587
3b3544ef8e0b67d75e2b4f79df4fa1fd6a1324c98d04322dc901248ce012fcf3
3b8fd01969247b640db14518378c4ee2487d6c5d389f613d947abf2e6063d6ce
3c02ca4c1348415617994736e6e3f3313c8275398f749fe793f1e2ce44476c0c
3ffbb276d8124704f5a7e0035b5bb87e4adc7a7e4b322ae2ed476ee37ffa7ffc
41402adfc915ad6dfd6328c06c8038763d25fe603e63beba4a2638a2bbc03136
45b33290a887374b0351ad46d4f1fddc8038b3b805ae11fc1520c732108691a8
4bf5ca21167bd44e7b547a5c908f0cb82a9420f0b4927ff1ded1232446f6f17e
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
518b1169f8e0cdf422adf7bf7d398fd08dba193e891a45d252ab6a17ffe3d27a
5566d8578cf4b69b5523a1d983aa31de64c5e40bc55db1c5551ac01f647ca529
556ffb7b58e14c24a7715b22b7b19e4cd856f483b633ac614e128d997d073062
56023b60759e909c096e9ea4761cfcf56ad4bd5b4da4aa743fe01c235b3af4ce
5ff102f6a6c8c7652f45e31301045421065c77f986101b1e6b6ea3c9d447501a
610c99d9f333e8e356584239f9cbf91592f1c38877fce7d1d1da4bf3aac94e44
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
78916b7e7255abfa5144710ebd8c5624e778991bb4d86bf526abe9106baad9f1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b3886467835fc527fbf40a9972323de5c82f3dd5a325b6b1deb39d4e9f24251
7d48e4cdc332afa2ac66eea1408b7fc4ac19d7aee7535ad7a6beee81b16c29b4
7ee550ee3d665b633759be606abbc0e83029070bf9f585d34efb2d630dc5f575
7f857f665240f78c391083521d6736b87353bba5137e71e08d792a7a8ad827cd
80775d79677fe7cb03b02a6ea8876ae8d9b50f40bf5cc99946c64b5b18d84a79
85c038fb6c185761e9d10744f60187f19c8db6439bd077683f756b87da18a118
88a249614a097dfd513c1599b937d89c8e48bb981bb6a273165dabe58535e33b
8d8f81b3deb15a8d8a4d940347fb3322ca6d49640e7ce14514ccbe07862a1aba
91b0809d8b9dc57eaa09cb0e13c210b24edfaeadb94a8cff0fee02751c1b0b5f
971cbfd037bdfa175bbcc512eb44ef5430b917a88df8b0b0344d85dff95f795e
9ddd9fab5342d91721c67a39aa003a8b6baefc3fa9c35d07ae7c61b62b0e8304
9fb1794640596b6601ece58fae25be2a00d2e71981f55dd2b743d4f45909c5e3
a8eadeb36aa1e752b10866c2a77550395b7517b183871b69180044aebea508f1
af97ce613cb505abdecec61e500b8d8d50dc055cc26a508b29d451455f9f4718
b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b
b9be58dfbf40a15b63977356d7a343d790e89f241cf28bcb7883da48e2eea19f
baa575ea757c7d27e4c1ec33c28d8af39570e53d85a6cacf8d82de04aff8419a
bd66012b771fe92c7549ffa275254ec23d15e1939c56c224565858d40be98a01
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
bf4a115ca5b0b69d40fc28db6219a21c1873025bbd3cb15da8987a254e88feb4
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3f0c9e9654130e1871f21d7f894ab743e0624588dafa2d25f1961cf39daf85a
c59a3960888d96b3748601b9b77df171bafa3d53289ec4b8b6db3d474e9a39e1
c8ac3861345c28152c466fe5de0bda8cc2b186020d4bcecd48f17db710176fce
ccd10693e75dfc608e745959d5a9cbe7987653ddd7edde560b0590acc7675e91
d236439dd0ef488fe4ae5f8ec3e9cfd8c43506f0505678342787250d441ef22c
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
dd8a7ddac4aba0946b39e14247443a8dec04df75afa7d81e287475481e7c0702
de113b3a951c8f72e2cae5bcb5ce482ffa79b53ac353deae859d9620ef01bd43
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee0c041358b92df0ab4f4ce329abbfa7f2ffe18809c1afa627bf2a7506576a2
e2266eb423ddf014680bf965dfdefc302947c231645f864e7ed3e16e70941d31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7cf593c0726db50aeaeb0f6973332ae8c226f467b28463e5cb225c07a9ad5da
e912efba4dd82b798fb061f872b0016687932d1648098f501dff644a7ad77a35
ea5c39863c6ec124214ecac0a1e0064514ea0c5f6d2630890f087c49b486e0df
ef2e7df9ddcc80d299ce7027a607e7cdb9abef88b7d95a83d6cdaea92981d273
efb9919e780526be341049bb6154d23490c6462583b1ddfa33a4c8daa025dfaa
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f4d067fab799e99b87904f659c692a443efdefb8d5eefcc98fc7db2cd5bd39cb
f9f313b0aac7378a2b6c863515b66905ec21a1c5900dc51b52cce28d7d0009ac
fbd9e72fc8811406de10190f29478f63524a88c6c33ac96017c2f38374787c55
fd0bb8cd67fca59fd6e8383c338aa881b7ecf7b6b4b67d10b294dafc20064fcf

slender-half-cirrus.glitch.me Open in urlscan Pro 18.214.212.197 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

27 %IPv6

14 Domains

17 Subdomains

15 IPs

3 Countries

1235 kBTransfer

3583 kBSize

11 Cookies

100 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

slender-half-cirrus.glitch.me Open in urlscan Pro
18.214.212.197 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

27 %
IPv6

14
Domains

17
Subdomains

15
IPs

3
Countries

1235 kB
Transfer

3583 kB
Size

11
Cookies

77 HTTP transactions
0 data transactions