urlscan.io logo urlscan.io
SecurityTrails logo

bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
2602:fea2:2::2  Malicious Activity! Public Scan Open in urlscan Pro

Go To Rescan Add Verdict Report
Submitted URL: http://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/ 3yr old
Effective URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/ 3yr old
Submission: On February 17 via api from RU — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 35 HTTP transactions. The main IP is 2602:fea2:2::2, located in United States and belongs to PROTOCOL - Protocol Labs, US. The main domain is bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link. 3yr old
TLS certificate: Issued by E7 on January 25th 2026. Valid for: 3mo.
This is the only time bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

IP Address AS Autonomous System
3 2602:fea2:2::2 40680 (PROTOCOL)
2 208.89.12.87 11054 (LIVEPERSON)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a04:4e42::571 54113 (FASTLY)
2 178.249.97.23 11054 (LIVEPERSON)
3 178.249.97.99 11054 (LIVEPERSON)
2 34.120.154.120 396982 (GOOGLE-CL...)
35 8
3    2602:fea2:2::2 (United States)

ASN40680 (PROTOCOL - Protocol Labs, US)
bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link 3yr old
2    208.89.12.87 (United States)

ASN11054 (LIVEPERSON - LivePerson, Inc., US)
PTR: va.v.liveperson.net
va.v.liveperson.net 13yr old
1    2a00:1450:4001:80c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com 56yr old
4    2a04:4e42::571 (United States)

ASN54113 (FASTLY - Fastly, Inc., US)
grateful-summer-afterthought.glitch.me 3yr old
2    178.249.97.23 (United States)

ASN11054 (LIVEPERSON - LivePerson, Inc., US)
lptag.liveperson.net 13yr old
3    178.249.97.99 (United States)

ASN11054 (LIVEPERSON - LivePerson, Inc., US)
PTR: lo-accdn.lpsnmedia.net
accdn.lpsnmedia.net 12yr old
2    34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 120.154.120.34.bc.googleusercontent.com
lpcdn.lpsnmedia.net 12yr old
Apex Domain
Subdomains		 Transfer
5 lpsnmedia.net
accdn.lpsnmedia.net — Cisco Umbrella Rank: 5701 12yr old
lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 6054 12yr old
39 KB
4 liveperson.net
va.v.liveperson.net — Cisco Umbrella Rank: 7750 13yr old
lptag.liveperson.net — Cisco Umbrella Rank: 5287 13yr old
137 KB
4 glitch.me
grateful-summer-afterthought.glitch.me Failed 3yr old
895 KB
3 dweb.link
bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link 3yr old
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45 56yr old
811 B
0 metamask.io Failed
metamask.io Failed 11yr old
35 6
Domain Requested by
4 grateful-summer-afterthought.glitch.me bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
3 accdn.lpsnmedia.net lptag.liveperson.net
lpcdn.lpsnmedia.net
3 bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
2 lpcdn.lpsnmedia.net lptag.liveperson.net
2 lptag.liveperson.net bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
2 va.v.liveperson.net bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
lptag.liveperson.net
1 fonts.googleapis.com bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
0 metamask.io Failed
35 8
Subject Issuer Validity Valid
dweb.link
E7		 2026-01-25 -
2026-04-25		 3mo crt.sh
*.v.liveperson.net
Sectigo Public Server Authentication CA OV R36		 2025-06-10 -
2026-06-10		 1yr crt.sh
upload.video.google.com
WE2		 2026-01-26 -
2026-04-20		 3mo crt.sh
*.glitch.me
Certainly Intermediate R1		 2026-02-05 -
2026-03-07		 1mo crt.sh
*.liveperson.net
Sectigo Public Server Authentication CA OV R36		 2025-07-08 -
2026-07-08		 1yr crt.sh
*.lpsnmedia.net
Sectigo Public Server Authentication CA OV R36		 2025-08-12 -
2026-08-12		 1yr crt.sh

This page contains 6 frames:

Primary Page: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Frame ID: F4D77E2586CB672C81594CA18F07F7F6
Requests: 29 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/saved_resource.html
Frame ID: 07C86E90EF0FC8B268454EC683151773
Requests: 2 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/anchor.html
Frame ID: 0614EB5274C682C2DA7E3E98E7B3310E
Requests: 2 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Frame ID: 6DA954808D0A950CEAEB7F4624A73771
Requests: 2 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/bframe.html
Frame ID: 5AFB9D544A50F7E225F6DF649BB97379
Requests: 2 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.35.1-release_2093334307/storage.secure.min.html?loc=https%3A%2F%2Fbafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link&site=88982875&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net&isFetchEnabled=true
Frame ID: 7A2B161C3F169F0A7C35E81782E371A7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MetaMask - A crypto wallet & gateway to blockchain apps

Page URL History Show full URLs

  1. http://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/ HTTP 307
    https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.(?:liveperson|contactatonce)?\.(?:com|net|co\.uk)/

Page Statistics

35
Requests

49 %
HTTPS

43 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1085 kB
Transfer

2071 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/ HTTP 307
    https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Redirect Chain
  • http://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
  • https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
20 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2602:fea2:2::2 , United States, ASN40680 (PROTOCOL - Protocol Labs, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da407cccde5ba43a0dc781c466e954b44e6ff48aab11eb34aa789356f73572cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type Range User-Agent X-Requested-With
access-control-allow-methods
GET HEAD OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=29030400, immutable
cf-cache-status
HIT
cf-ray
9cf11545ba54a9d3-ARN
content-encoding
br
content-type
text/html
date
Tue, 17 Feb 2026 00:14:10 GMT
priority
u=0,i
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
x-ipfs-path
/ipfs/bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy/
x-ipfs-pop
rainbow-rbx-16-102
x-ipfs-roots
bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy
x-robots-tag
noindex, nofollow

Redirect headers

Location
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Non-Authoritative-Reason
HttpsUpgrades
normalize.css
grateful-summer-afterthought.glitch.me/ 		0
0
webflow.css
grateful-summer-afterthought.glitch.me/ 		0
0
metamask-staging-2.webflow.css
grateful-summer-afterthought.glitch.me/ 		0
0
plx.chock.js
bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/meta/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/meta/plx.chock.js
Requested by
Host: bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2602:fea2:2::2 , United States, ASN40680 (PROTOCOL - Protocol Labs, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/

Response headers

x-robots-tag
noindex, nofollow
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cf-cache-status
MISS
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Feb 2026 00:14:39 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
priority
u=1,i=?0
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
x-ipfs-pop
rainbow-am6-06
cf-ray
9cf11546bb3fa9d3-ARN
access-control-allow-origin
*
content-length
202
server
cloudflare
recaptcha__nl.js.download
grateful-summer-afterthought.glitch.me/ 		0
0
analytics.js.download
grateful-summer-afterthought.glitch.me/ 		0
0
webfont.js.download
grateful-summer-afterthought.glitch.me/ 		0
0
css
grateful-summer-afterthought.glitch.me/ 		0
0
js
grateful-summer-afterthought.glitch.me/ 		0
0
tag.js.download
grateful-summer-afterthought.glitch.me/ 		0
0
enterprise.js.download
grateful-summer-afterthought.glitch.me/ 		0
0
jsonp
grateful-summer-afterthought.glitch.me/ 		0
0
88982875
va.v.liveperson.net/api/js/ 		111 B
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/88982875?sid=oH2Qhzs8QzCWPk58eMieCA&cb=lpCb50195x86975&t=ip&ts=1639498872221&pid=8378416840&tid=120975428&vid=E1ZmVlMDY2Mjk2ZDhiZDg5
Requested by
Host: bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
beeac2532ab7e7ed250c25fcab390c8114a5f010bce47f8a0c39da47bcef5b2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
date
Tue, 17 Feb 2026 00:14:11 GMT
content-type
application/javascript
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
icon
fonts.googleapis.com/ 		569 B
811 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1450:4001:80c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e8c6cdaa1c533d3f67707d78451c5ed9541f77c70a8fc79b0ca6f235263bef7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 17 Feb 2026 00:14:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Feb 2026 00:14:11 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 17 Feb 2026 00:14:11 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
mm-logo.svg
grateful-summer-afterthought.glitch.me/ 		0
0
wpp.gif
bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/meta/ 		202 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/meta/wpp.gif
Requested by
Host: bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2602:fea2:2::2 , United States, ASN40680 (PROTOCOL - Protocol Labs, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beaa386d5c976b930f9ab3d1d894a88400f842ca078256df5a7e47352a335428
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/

Response headers

x-robots-tag
noindex, nofollow
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cf-cache-status
MISS
access-control-allow-methods
GET, HEAD, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 17 Feb 2026 00:14:41 GMT
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
priority
u=3,i
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
x-ipfs-pop
rainbow-am6-06
cf-ray
9cf115546b28a9d3-ARN
access-control-allow-origin
*
content-length
202
server
cloudflare
v2.js.download
grateful-summer-afterthought.glitch.me/ 		0
0
jquery-3.5.1.min.dc5e7f18c8.js.download
grateful-summer-afterthought.glitch.me/ 		0
0
webflow.js.download
grateful-summer-afterthought.glitch.me/ 		0
0
storage.secure.min.js.download
grateful-summer-afterthought.glitch.me/ 		0
0
saved_resource.html
grateful-summer-afterthought.glitch.me/ Frame 07C8 		223 KB
224 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/saved_resource.html
Requested by
Host: bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::571 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
Varnish /
Resource Hash
92293a66ea98b48bfbc0abdc4fb72212be20ba8087073fa18bf2dc127b06bca2

Request headers

Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
228794
content-type
text/html
date
Tue, 17 Feb 2026 00:14:39 GMT
refresh
30; url=https://blog.glitch.com/post/changes-are-coming-to-glitch
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-qap-vomm4700028-QAP
x-timer
S1771287280.541361,VS0,VE1
anchor.html
grateful-summer-afterthought.glitch.me/ Frame 0614 		223 KB
224 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/anchor.html
Requested by
Host: bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::571 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
Varnish /
Resource Hash
92293a66ea98b48bfbc0abdc4fb72212be20ba8087073fa18bf2dc127b06bca2

Request headers

Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
228794
content-type
text/html
date
Tue, 17 Feb 2026 00:14:39 GMT
refresh
30; url=https://blog.glitch.com/post/changes-are-coming-to-glitch
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-qap-vomm4700028-QAP
x-timer
S1771287280.541020,VS0,VE1
saved_resource(1).html
grateful-summer-afterthought.glitch.me/ Frame 6DA9 		223 KB
224 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Requested by
Host: bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::571 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
Varnish /
Resource Hash
92293a66ea98b48bfbc0abdc4fb72212be20ba8087073fa18bf2dc127b06bca2

Request headers

Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
228794
content-type
text/html
date
Tue, 17 Feb 2026 00:14:39 GMT
refresh
30; url=https://blog.glitch.com/post/changes-are-coming-to-glitch
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-qap-vomm4700028-QAP
x-timer
S1771287280.541368,VS0,VE0
mm-logo.svg
grateful-summer-afterthought.glitch.me/ 		0
0
bframe.html
grateful-summer-afterthought.glitch.me/ Frame 5AFB 		223 KB
224 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/bframe.html
Requested by
Host: bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::571 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
Varnish /
Resource Hash
92293a66ea98b48bfbc0abdc4fb72212be20ba8087073fa18bf2dc127b06bca2

Request headers

Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
228794
content-type
text/html
date
Tue, 17 Feb 2026 00:14:39 GMT
refresh
30; url=https://blog.glitch.com/post/changes-are-coming-to-glitch
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-qap-vomm4700028-QAP
x-timer
S1771287280.541344,VS0,VE1
tag.js
lptag.liveperson.net/tag/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=88982875
Requested by
Host: bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
Software
ws /
Resource Hash
93daacf37dacdf214c0bddbdf08c42b835989cde862262c487ec4b4654b2bc21
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
content-encoding
gzip
etag
"674f3972-26dd"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
content-length
9949
date
Tue, 17 Feb 2026 00:14:39 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 17:01:38 GMT
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
.jsonp
lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/ 		354 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by
Host: bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
Software
ws /
Resource Hash
7f0371ab062d075b47de010591c8b86e061b7ab8aed55c36f65ef38c28724238
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/

Response headers

x-cache-status
MISS
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public, max-age=630
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
date
Tue, 17 Feb 2026 00:14:39 GMT
content-type
application/x-javascript;charset=UTF-8
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
accountproperties
accdn.lpsnmedia.net/api/account/88982875/configuration/setting/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties?__d=61939
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/tag/tag.js?site=88982875
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
f89864e4790b1845c134cbe44e6bb85173fd96fe69ed79ca96cc510f71cce69a
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/

Response headers

x-cache-status
EXPIRED
strict-transport-security
max-age=99999999999; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
expires
Tue, 17 Feb 2026 00:15:39 GMT
access-control-allow-origin
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
date
Tue, 17 Feb 2026 00:14:39 GMT
content-type
application/json
vary
Accept
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
zones
accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&__d=94939
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/tag/tag.js?site=88982875
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
250f64a251f8f50d43d722041abf9f72bde2a46ccb8428128d7e03acf17e943c
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/

Response headers

x-cache-status
EXPIRED
strict-transport-security
max-age=99999999999; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
expires
Tue, 17 Feb 2026 00:15:39 GMT
access-control-allow-origin
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link
date
Tue, 17 Feb 2026 00:14:39 GMT
content-type
application/json
vary
Accept
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.35.1-release_2093334307/ Frame 7A2B 		51 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.35.1-release_2093334307/storage.secure.min.html?loc=https%3A%2F%2Fbafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link&site=88982875&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net&isFetchEnabled=true
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1df6aa7b400b9170a47ab91cb5aae29c90a216952bb2927f1c35768bff919a63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2867
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
16924
content-type
text/html
date
Mon, 16 Feb 2026 23:26:52 GMT
last-modified
Fri, 31 Oct 2025 01:10:16 GMT
server
UploadServer
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-goog-generation
1761873016010420
x-goog-hash
crc32c=WB2t6A== md5=K+AyKgxoWw9+1cCEex6P/g==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
52255
x-guploader-uploadid
AGQBYWxoAaNNuuN8xjitTYe4PqXs3x0HAyKx9EoWl01YWvJLDgn4dcZG6IdVEkfk2Lvl5B7b
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.35.1-release_2093334307/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.35.1-release_2093334307/storage.secure.min.js?loc=https%3A%2F%2Fbafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link&site=88982875&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net&isFetchEnabled=true
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
120.154.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1ce76ee69ae1b132d2feff61b0fdacc1fb6710cc7862175dc56b6f3fab5873d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/

Response headers

x-goog-metageneration
1
access-control-expose-headers
X-Requested-With,X-HTTP-Method-Override,LP-DOMAIN-REFERER,LP-URL,ETag,ac-revision,X-LP-Last-Modified,If-Match,Authentication-Method,Credit-Card-Ref,Automation-Secret,Email-Token,x-lp-host,Lp-Req-Time,date,x-application-context,strict-transport-security,x-content-type-options,x-download-options,x-xss-protection,x-cache-status,x-amz-id-2,x-amz-request-id,expires,last-modified,set-cookie,content-security-policy,x-frame-options
x-goog-hash
crc32c=vhea3w==, md5=fvMmASdyqONTiQ6J2b2r/w==
content-encoding
br
age
116
x-content-type-options
nosniff
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
48239
date
Tue, 17 Feb 2026 00:12:43 GMT
last-modified
Fri, 31 Oct 2025 01:10:16 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AGQBYWw1zRtyLqfHXvV4HXMx7ExJxjHm4JdegXrunlJ8X5ul243WspFEHF2TOWnuplhCWOEN
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public,max-age=31536000
timing-allow-origin
https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
x-goog-storage-class
MULTI_REGIONAL
access-control-allow-credentials
true
via
1.1 google
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1761873016010820
content-length
15819
server
UploadServer
refererrestrictions
accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/ Frame 7A2B 		95 B
939 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?__d=1413
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.35.1-release_2093334307/storage.secure.min.html?loc=https%3A%2F%2Fbafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link&site=88982875&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net&isFetchEnabled=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
53c6332fea37ec47255ef937c39b710eb2d1bf3b9974be384d557d0b18954634
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://lpcdn.lpsnmedia.net/

Response headers

x-cache-status
MISS
strict-transport-security
max-age=99999999999; includeSubDomains
cache-control
no-store
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
x-content-type-options
nosniff
access-control-allow-origin
https://lpcdn.lpsnmedia.net
content-length
95
date
Tue, 17 Feb 2026 00:14:40 GMT
content-type
application/json
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
truncated
/ Frame 0614 		166 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22906a0f005949f275550013b9308673372a120f6c5e49145ac520658114f158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 6DA9 		166 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22906a0f005949f275550013b9308673372a120f6c5e49145ac520658114f158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 07C8 		166 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22906a0f005949f275550013b9308673372a120f6c5e49145ac520658114f158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 5AFB 		166 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22906a0f005949f275550013b9308673372a120f6c5e49145ac520658114f158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
88982875
va.v.liveperson.net/api/js/ 		146 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/88982875?&cb=lpCb50956x77549&t=sp&ts=1771287280647&pid=4874972450&tid=3720169041&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fbafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link%2F&df=0&os=2&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
69d7324c83bdc6965ba4201c11201d28d3e0ced058dbc5fac1b507424ba55af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
Referer
https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH
date
Tue, 17 Feb 2026 00:14:40 GMT
content-type
application/javascript
server
ws
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
favicon.png
metamask.io/images/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/normalize.css
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/webflow.css
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/analytics.js.download
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/webfont.js.download
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/css
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/js
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/tag.js.download
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/enterprise.js.download
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/jsonp
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/mm-logo.svg
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/v2.js.download
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/webflow.js.download
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/storage.secure.min.js.download
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/mm-logo.svg
Domain
metamask.io
URL
https://metamask.io/images/favicon.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

28 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| crashReport string| h object| a object| j function| m object| k number| f string| c string| b function| n function| countdown number| timeLeft function| gtag object| dataLayer object| lpTag function| _typeof function| ownKeys function| _objectSpread function| _defineProperty function| _toPropertyKey function| _toPrimitive object| lpTaglogListeners object| lpMTagConfig

2 Cookies

Domain/Path Name / Value
bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/ Name: __cflb
Value: 02DiuFVSwQQ6ovMcYNTbF9tSgmRwQDhay1n9wXnQbYLSQ
bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/ Name: LPVID
Value: EwZmY3ODEwZmZmNmY1NDAx

20 Console Messages

Source Level URL
Text
javascript warning URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://grateful-summer-afterthought.glitch.me/webfont.js.download, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://grateful-summer-afterthought.glitch.me/tag.js.download, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://grateful-summer-afterthought.glitch.me/enterprise.js.download, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://grateful-summer-afterthought.glitch.me/jsonp, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://va.v.liveperson.net/api/js/88982875?sid=oH2Qhzs8QzCWPk58eMieCA&cb=lpCb50195x86975&t=ip&ts=1639498872221&pid=8378416840&tid=120975428&vid=E1ZmVlMDY2Mjk2ZDhiZDg5, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://grateful-summer-afterthought.glitch.me/v2.js.download, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://grateful-summer-afterthought.glitch.me/webflow.js.download, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://grateful-summer-afterthought.glitch.me/storage.secure.min.js.download, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
Access to script at 'https://grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download' from origin 'https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
Access to script at 'https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download' from origin 'https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/meta/plx.chock.js
Message:
Failed to load resource: the server responded with a status of 504 ()
security error URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/
Message:
Refused to execute script from 'https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/meta/plx.chock.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://grateful-summer-afterthought.glitch.me/anchor.html
Message:
Failed to load resource: the server responded with a status of 410 ()
network error URL: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Message:
Failed to load resource: the server responded with a status of 410 ()
network error URL: https://grateful-summer-afterthought.glitch.me/saved_resource.html
Message:
Failed to load resource: the server responded with a status of 410 ()
network error URL: https://grateful-summer-afterthought.glitch.me/bframe.html
Message:
Failed to load resource: the server responded with a status of 410 ()
network error URL: https://bafybeiee4i3fihjndrotfxxqgxx43bvgvnnuujednrwn7756dykvsh37iy.ipfs.dweb.link/meta/wpp.gif
Message:
Failed to load resource: the server responded with a status of 504 ()