carpal-separate-grandiflora.glitch.me Open in urlscan Pro
34.202.147.151 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://proyectobancopaz.com/
Effective URL:
https://carpal-separate-grandiflora.glitch.me/
Submission: On April 10 via api (April 10th 2024, 1:12:21 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 15 HTTP transactions. The main IP is 34.202.147.151, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is carpal-separate-grandiflora.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time carpal-separate-grandiflora.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	69.61.52.107 69.61.52.107	22653 (GLOBALCOM...) (GLOBALCOMPASS)
1	34.202.147.151 34.202.147.151	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3036::ac43:9a83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:ea28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.159.130.233 162.159.130.233	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
15	8

2 69.61.52.107 (Atlanta, United States)

ASN22653 (GLOBALCOMPASS, US)
PTR: mail.agamenon.yoursitesecure.net

proyectobancopaz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.147.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-147-151.compute-1.amazonaws.com

carpal-separate-grandiflora.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::ac43:9a83 (United States)

ASN13335 (CLOUDFLARENET, US)

i.hizliresim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea28 (United States)

ASN13335 (CLOUDFLARENET, US)

zonehmirrors.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.130.233 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.discordapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	hizliresim.com i.hizliresim.com — Cisco Umbrella Rank: 87034	3 MB
2	discordapp.com cdn.discordapp.com — Cisco Umbrella Rank: 1936	2 KB
2	proyectobancopaz.com proyectobancopaz.com	53 KB
1	gstatic.com fonts.gstatic.com	12 KB
1	zonehmirrors.org zonehmirrors.org
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 116	713 B
1	glitch.me carpal-separate-grandiflora.glitch.me	3 KB
0	dynamic-linx.com Failed dynamic-linx.com Failed
15	8

	Domain	Requested by
4	i.hizliresim.com	carpal-separate-grandiflora.glitch.me
2	cdn.discordapp.com	carpal-separate-grandiflora.glitch.me
2	proyectobancopaz.com	proyectobancopaz.com
1	fonts.gstatic.com	fonts.googleapis.com
1	zonehmirrors.org	carpal-separate-grandiflora.glitch.me
1	fonts.googleapis.com	carpal-separate-grandiflora.glitch.me
1	carpal-separate-grandiflora.glitch.me
0	dynamic-linx.com Failed	proyectobancopaz.com
15	8

This site contains links to these domains. Also see Links.

Domain
turkhackteam.org

Subject Issuer	Validity	Valid
proyectobancopaz.com cPanel, Inc. Certification Authority	`2024-02-09` - `2024-05-09`	3 months	crt.sh
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
hizliresim.com E1	`2024-03-22` - `2024-06-20`	3 months	crt.sh
zonehmirrors.org E1	`2024-02-14` - `2024-05-14`	3 months	crt.sh
discordapp.com Cloudflare Inc ECC CA-3	`2023-10-20` - `2024-10-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://carpal-separate-grandiflora.glitch.me/
Frame ID: 53E05ABBEF0D750E15D1804E17CDD72E
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hacked By TurkHackTeam | Saldırı Timleri

Page URL History Show full URLs

https://proyectobancopaz.com/ Page URL
https://carpal-separate-grandiflora.glitch.me/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

80 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

3124 kB
Transfer

3309 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://turkhackteam.org/
Title: [ Turkhackteam.org ]

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://proyectobancopaz.com/ Page URL
https://carpal-separate-grandiflora.glitch.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
proyectobancopaz.com/ 34 KB
34 KB 6956ms
4809ms Document
text/html 69.61.52.107
GLOBALCOMPASS

General

Check archive.org

Show headers Download Go to

Full URL: https://proyectobancopaz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.61.52.107 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS: mail.agamenon.yoursitesecure.net
Software: Apache /
Resource Hash: ea0709bdd5dfa19859c62771ea8a94be6ce5db10513ad07e2e58e0c7614bfcf1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 10 Apr 2024 13:12:09 GMT
Keep-Alive: timeout=5, max=100
Link: <https://proyectobancopaz.com/wp-json/>; rel="https://api.w.org/"
Server: Apache
Transfer-Encoding: chunked

GET
BLOB 200
OK 49d08d91-b21f-44f0-81f3-f573631ae250
https://proyectobancopaz.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://proyectobancopaz.com/49d08d91-b21f-44f0-81f3-f573631ae250
Requested by: Host: proyectobancopaz.com
URL: https://proyectobancopaz.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET chx.js
dynamic-linx.com/ 0
0

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
proyectobancopaz.com/wp-includes/js/ 18 KB
19 KB 122ms
122ms Script
text/javascript 69.61.52.107
GLOBALCOMPASS

General

Check archive.org

Show headers Download Go to

Full URL: https://proyectobancopaz.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.2
Requested by: Host: proyectobancopaz.com
URL: https://proyectobancopaz.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 69.61.52.107 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS: mail.agamenon.yoursitesecure.net
Software: Apache /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://proyectobancopaz.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 13:12:14 GMT
Last-Modified: Wed, 03 Apr 2024 05:35:34 GMT
Server: Apache
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18726

GET
H2 200 Primary Request / Show response
carpal-separate-grandiflora.glitch.me/ 3 KB
3 KB 488ms
289ms Document
text/html 34.202.147.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://carpal-separate-grandiflora.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.147.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-147-151.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 19e518079df21fb7185071ca442cabe7d67a642ab22ea9599169cd4e20d6ac89

Request headers

Referer: https://proyectobancopaz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 3093
content-type: text/html; charset=utf-8
date: Wed, 10 Apr 2024 13:12:16 GMT
etag: "d61233f582217f248226682e9a169342"
last-modified: Tue, 09 Apr 2024 05:54:47 GMT
server: AmazonS3
x-amz-id-2: ySBks2Hvr3nYklFVICjgED/fT0yxf7KGas5mPl4XcdsSrPkTzolmFtSw6yl/W0c6toUXto1lvqMC91TxwZVxtQ==
x-amz-request-id: G4YQGN1H0HQK14KZ
x-amz-server-side-encryption: AES256
x-amz-version-id: WPamV8Sw_bR46F2FqDIsuOnVwlJhVlbu

GET favicon.ico
proyectobancopaz.com/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 390 B
713 B 39ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Iceland

Requested by

Host: carpal-separate-grandiflora.glitch.me
URL: https://carpal-separate-grandiflora.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23c9cff9cafee951288574e3aaff57a3696b3b568edca18ca0d798465c4e8073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://carpal-separate-grandiflora.glitch.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Apr 2024 13:12:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 13:12:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Apr 2024 13:12:16 GMT

GET
H3 200 ts88nhq.png
i.hizliresim.com/ 805 KB
806 KB 93ms
43ms Image
image/jpeg 2606:4700:3036::ac43:9a83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.hizliresim.com/ts88nhq.png

Requested by

Host: carpal-separate-grandiflora.glitch.me
URL: https://carpal-separate-grandiflora.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9a83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a5cf48cfee9a2db5aac498592b47e61c999954ed94ddbd4837e585a5f3c7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://carpal-separate-grandiflora.glitch.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 03BE52B4DB9B492D:B
age: 2580764
alt-svc: h3=":443"; ma=86400
content-length: 824726
x-amz-id-2: uKWy1LuO8cEjEhxFkrM/T62AP9QnyVC4qB3/dmp2XNb7hZwu6bU5viG/e7CodxoROglHTu2YJeQ+
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 21 May 2023 20:08:51 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1708757181690 38.27.106.103 ConID:186398072/EngineConID:2248345/Core:75
etag: "cea35d66c48275e982d24c0b4d8f60c8"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fKZ1S3UO6U0f5lFUdeYC3oZA37pXzgPkvk%2FizNtY7fDmhDITVG8g58pAIqQBvbo7O%2Bkh%2F42UVx54ona4RBYw1W4x%2F77J%2FhUUCX178Tev5kLCGH0bdy8W6dyvhDKmh2EY%2BYQ0EbZRQVxPV8PGQ0t"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8722fccf6f7502a8-CDG
priority: u=1,i

GET
H3 200 nj7exqr.png
i.hizliresim.com/ 849 KB
850 KB 95ms
46ms Image
image/jpeg 2606:4700:3036::ac43:9a83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.hizliresim.com/nj7exqr.png

Requested by

Host: carpal-separate-grandiflora.glitch.me
URL: https://carpal-separate-grandiflora.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9a83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1efc7e9797703a87cb7845ed92317e8e418cca47506eeda526a43b31ecc5ce55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://carpal-separate-grandiflora.glitch.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0C2BDAF0759010C5:B
age: 548695
alt-svc: h3=":443"; ma=86400
content-length: 869271
x-amz-id-2: 9V4cr2692gzXe39nmnogj1UTUp/H9sqYWOkpL13ozsqcEwWInD/UcEUyi1aWXsU4cPBTKfHshSaa
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 21 May 2023 20:36:09 GMT
server: cloudflare
etag: "bc2ccbc37c95c3aa61bcced647337454"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9fecX%2B79svJLGNablZ24gMjdevWaBJTMlvMaes7105s2Ssfoketl1cCMnRCvrUygo06lWMjmK%2FPgnFYcZkCS7lBFmvL%2B3Pe2DlLeaJEZRP%2FEeNKfqwf5jl6%2FxbgqDsqNnP7Ht59oqya96EWHCwd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8722fccf6f7702a8-CDG
priority: u=1,i

GET
H3 200 9l88q6h.png
i.hizliresim.com/ 892 KB
893 KB 78ms
45ms Image
image/jpeg 2606:4700:3036::ac43:9a83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.hizliresim.com/9l88q6h.png

Requested by

Host: carpal-separate-grandiflora.glitch.me
URL: https://carpal-separate-grandiflora.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9a83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69c174d9f176528b8547c3af0acf30409685951da761f6490bf1dd73989573b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://carpal-separate-grandiflora.glitch.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A3C9223237F195A6:B
age: 2580764
alt-svc: h3=":443"; ma=86400
content-length: 913140
x-amz-id-2: Fu/P0P2rgzeZjVfp211udcM1V4YUEZyDPwGvzBsEJ4Pkpdpqd81Ly3WTFvISqpsZsJsitwOb2idz
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 21 May 2023 20:36:13 GMT
server: cloudflare
x-wasabi-cm-reference-id: 1708757181686 38.27.106.103 ConID:186398070/EngineConID:2273267/Core:65
etag: "249c8ba2e5878b10b5319db7a1d30df7"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TnY6rJ9BcuG7L8b9Oq%2BiHs2mo%2FXVAkVvGmnoYAX%2FABOiKxKHLjGZSqiDm17MhQNMOaEybCLRJkpiaXny%2Fp7I0SJGxlEqCBQZzCsc36QY39G%2Fl7OxIqMb5C0GxNay0CQkjeLIla0i%2BjM3N%2FEC5GpU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8722fccf6f7402a8-CDG
priority: u=1,i

GET
H3 200 jj1jmD.gif
zonehmirrors.org/defaced/2021/01/27/wothoq.co/i.hizliresim.com/ 190 KB
0 1184ms
1136ms Image
image/gif 2606:4700:3038::6815:ea28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zonehmirrors.org/defaced/2021/01/27/wothoq.co/i.hizliresim.com/jj1jmD.gif
Requested by: Host: carpal-separate-grandiflora.glitch.me
URL: https://carpal-separate-grandiflora.glitch.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ea28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://carpal-separate-grandiflora.glitch.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:12:17 GMT
cf-cache-status: EXPIRED
last-modified: Thu, 06 Sep 2018 05:36:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5b90bcd6-6a82a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0dV9u5WduMgBOjYaQotgGquBaGH%2BLfVKNo6ZxdGkKxndvjcfIrKhFsqskIAKY%2FNC0fV86m5JZsxyFBElgxlYt0gMqXkX5%2Fth%2BvpqCZYzDnZaLl1zWBIPFdjlCVehSmb41W8K8HL7saCuAIZATh5V"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8722fccf7ea21c73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 436266
expires: Thu, 11 Apr 2024 13:12:16 GMT

GET
H3 200 4e18ief.png
i.hizliresim.com/ 505 KB
506 KB 61ms
28ms Image
image/jpeg 2606:4700:3036::ac43:9a83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.hizliresim.com/4e18ief.png

Requested by

Host: carpal-separate-grandiflora.glitch.me
URL: https://carpal-separate-grandiflora.glitch.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:9a83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c13ec2270f1424ca8b655bba13ad71a224878b4b9e141468594ad261d1c279f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://carpal-separate-grandiflora.glitch.me/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 62F9B77B3D2E918B:B
age: 2566500
alt-svc: h3=":443"; ma=86400
content-length: 516779
x-amz-id-2: bhE0fhOnR5pF7jXy1t+SrPqv5sG18W529oQ7dHi4ldvEkkjBpWwu6ePTIMwiyBQ89z5D2RApfwRF
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 21 May 2023 20:13:28 GMT
server: cloudflare
etag: "5076e8162965e82fa0ce3ebcc8d3232f"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LE3B7I5nD1kMFDywcYIPI%2Fl6cVBXFVyc%2FBE%2FYPdAToS3k8fqDtTdsXe5NoFpWOyqt%2Fz4pfmS2CsL18q3EjNHF7tAl%2FWphldmC%2BXCMv%2BYCgrKtfNMY70LBVv9TFbMs5%2Bxet4pY%2Foo2%2FTAAQ23kXf%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8722fccf6f7202a8-CDG
priority: u=1,i

GET
H3 404 mt-hani-gokboru-beat.mp3
cdn.discordapp.com/attachments/1025874740847575164/1025875083190874212/ 36 B
848 B 38ms
22ms Media
text/plain 162.159.130.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.discordapp.com/attachments/1025874740847575164/1025875083190874212/mt-hani-gokboru-beat.mp3
Requested by: Host: carpal-separate-grandiflora.glitch.me
URL: https://carpal-separate-grandiflora.glitch.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.130.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://carpal-separate-grandiflora.glitch.me/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:12:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2UN5sNNNun3JIVBcWWHuNoF5nZXuhfVqu6%2F2vdTbjTwybN7dTVygetk4ptDz4zLI1JtDJP6HbssWrQMvQ2viKxWq970%2F%2BGRfFfM4EB3W1e240%2FzAdb3d77%2FzeO%2FxDqdDNvxdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8722fccf5b38973f-FRA
content-length: 36
alt-svc: h3=":443"; ma=86400

GET
H3 404 mt-hani-gokboru-beat.mp3
cdn.discordapp.com/attachments/1025874740847575164/1025875083190874212/ 36 B
812 B 19ms
19ms Media
text/plain 162.159.130.233
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.discordapp.com/attachments/1025874740847575164/1025875083190874212/mt-hani-gokboru-beat.mp3
Requested by: Host: carpal-separate-grandiflora.glitch.me
URL: https://carpal-separate-grandiflora.glitch.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.130.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://carpal-separate-grandiflora.glitch.me/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 13:12:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gwnyHJ1ZCBzOB5AcILm%2BxlCMri5d4knUumMR%2F87SJImU%2FvRLg%2BCQkJ6EgPbAVQGWT33Epnytg%2Bj1HqvZip66eYNUavQBLJoX1dqUDDLy3zdu7Ad0bJKslZstmYqMi9c4%2BE8HLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray: 8722fccf5b3f973f-FRA
content-length: 36
alt-svc: h3=":443"; ma=86400

GET
H2 200 rax9HiuFsdMNOnWPaKtMAQ.woff2
fonts.gstatic.com/s/iceland/v20/ 11 KB
12 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/iceland/v20/rax9HiuFsdMNOnWPaKtMAQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Iceland

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d07a894337a83ac4df03d593c8fe94197a4e73f8b27c10229fd00d816d58e1c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://carpal-separate-grandiflora.glitch.me
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 20:26:28 GMT
x-content-type-options: nosniff
age: 146748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11576
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:22:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 20:26:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dynamic-linx.com
URL: https://dynamic-linx.com/chx.js

Domain: proyectobancopaz.com
URL: https://proyectobancopaz.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| x function| playAudio

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.discordapp.com/	1970-01-20 19:45:56	Name: __cf_bm Value: Q36mUGeNkKAVeunJmZLzyt2sBWDvnYzhYN0qGKJ_.eY-1712754736-1.0.1.1-UG9BUmS0.jE.KBLFne1GGAdzb0iCfb5AUzTR763j8PmYN2KwAE75nPjx0xIioXqyAr9cfjLrTjrFsjizVNbyiQ
			.discordapp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: t_xFp1RJ1Lu5lOI1yp8dPmUpR5S0Qx0SZeWHVhcK7jw-1712754736548-0.0.1.1-604800000

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://carpal-separate-grandiflora.glitch.me/ Message: Mixed Content: The page at 'https://carpal-separate-grandiflora.glitch.me/' was loaded over HTTPS, but requested an insecure element 'http://zonehmirrors.org/defaced/2021/01/27/wothoq.co/i.hizliresim.com/jj1jmD.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://carpal-separate-grandiflora.glitch.me/ Message: Mixed Content: The page at 'https://carpal-separate-grandiflora.glitch.me/' was loaded over HTTPS, but requested an insecure element 'http://zonehmirrors.org/defaced/2021/01/27/wothoq.co/i.hizliresim.com/jj1jmD.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://carpal-separate-grandiflora.glitch.me/(Line 57) Message: Mixed Content: The page at 'https://carpal-separate-grandiflora.glitch.me/' was loaded over HTTPS, but requested an insecure element 'http://zonehmirrors.org/defaced/2021/01/27/wothoq.co/i.hizliresim.com/jj1jmD.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://carpal-separate-grandiflora.glitch.me/(Line 57) Message: Mixed Content: The page at 'https://carpal-separate-grandiflora.glitch.me/' was loaded over HTTPS, but requested an insecure element 'http://zonehmirrors.org/defaced/2021/01/27/wothoq.co/i.hizliresim.com/jj1jmD.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://carpal-separate-grandiflora.glitch.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://carpal-separate-grandiflora.glitch.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://cdn.discordapp.com/attachments/1025874740847575164/1025875083190874212/mt-hani-gokboru-beat.mp3 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://carpal-separate-grandiflora.glitch.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://carpal-separate-grandiflora.glitch.me/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://cdn.discordapp.com/attachments/1025874740847575164/1025875083190874212/mt-hani-gokboru-beat.mp3 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

carpal-separate-grandiflora.glitch.me
cdn.discordapp.com
dynamic-linx.com
fonts.googleapis.com
fonts.gstatic.com
i.hizliresim.com
proyectobancopaz.com
zonehmirrors.org
dynamic-linx.com
proyectobancopaz.com
162.159.130.233
2606:4700:3036::ac43:9a83
2606:4700:3038::6815:ea28
2a00:1450:4001:81d::200a
2a00:1450:4001:829::2003
34.202.147.151
69.61.52.107
19e518079df21fb7185071ca442cabe7d67a642ab22ea9599169cd4e20d6ac89
1efc7e9797703a87cb7845ed92317e8e418cca47506eeda526a43b31ecc5ce55
23c9cff9cafee951288574e3aaff57a3696b3b568edca18ca0d798465c4e8073
2c13ec2270f1424ca8b655bba13ad71a224878b4b9e141468594ad261d1c279f
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
69c174d9f176528b8547c3af0acf30409685951da761f6490bf1dd73989573b1
b9a5cf48cfee9a2db5aac498592b47e61c999954ed94ddbd4837e585a5f3c7c0
c3fa59901d56ce8a95a303b22fd119cb94abf4f43c4f6d60a81fd78b7d00fa65
d07a894337a83ac4df03d593c8fe94197a4e73f8b27c10229fd00d816d58e1c6
ea0709bdd5dfa19859c62771ea8a94be6ce5db10513ad07e2e58e0c7614bfcf1

carpal-separate-grandiflora.glitch.me Open in urlscan Pro 34.202.147.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

80 %HTTPS

57 %IPv6

8 Domains

8 Subdomains

8 IPs

3 Countries

3124 kBTransfer

3309 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

10 Console Messages

Indicators

carpal-separate-grandiflora.glitch.me Open in urlscan Pro
34.202.147.151 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

80 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

8
IPs

3
Countries

3124 kB
Transfer

3309 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions