urlscan.io logo urlscan.io
SecurityTrails logo

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Effective URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Submission: On July 18 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 76 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link.
TLS certificate: Issued by R3 on June 11th 2023. Valid for: 3 months.
This is the only time bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

IP Address AS Autonomous System
3 2602:fea2:2::1 40680 (PROTOCOL)
28 44.198.62.156 14618 (AMAZON-AES)
3 208.89.12.87 11054 (LIVEPERSON)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
2 178.249.97.23 11054 (LIVEPERSON)
7 2a00:1450:400... 15169 (GOOGLE)
3 178.249.97.99 11054 (LIVEPERSON)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.249.97.98 11054 (LIVEPERSON)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
76 13
3    2602:fea2:2::1 (United States)

ASN40680 (PROTOCOL, US)
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
28    44.198.62.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-62-156.compute-1.amazonaws.com
grateful-summer-afterthought.glitch.me
3    208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net
va.v.liveperson.net
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)
lptag.liveperson.net
7    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net
accdn.lpsnmedia.net
1    2606:4700::6811:d3f3 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
2    178.249.97.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net
lpcdn.lpsnmedia.net
6    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6811:d4f3 (United States)

ASN13335 (CLOUDFLARENET, US)
perf.hsforms.com
Apex Domain
Subdomains		 Transfer
28 glitch.me
grateful-summer-afterthought.glitch.me
3 MB
19 gstatic.com
www.gstatic.com
fonts.gstatic.com
665 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 10
87 KB
5 lpsnmedia.net
accdn.lpsnmedia.net — Cisco Umbrella Rank: 3176
lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3291
38 KB
5 liveperson.net
va.v.liveperson.net — Cisco Umbrella Rank: 3721
lptag.liveperson.net — Cisco Umbrella Rank: 3274
127 KB
3 dweb.link
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
6 KB
2 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4527
perf.hsforms.com — Cisco Umbrella Rank: 13478
4 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
1 KB
0 doggybars.shop Failed
doggybars.shop Failed
76 9
Domain Requested by
28 grateful-summer-afterthought.glitch.me bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
grateful-summer-afterthought.glitch.me
12 www.gstatic.com grateful-summer-afterthought.glitch.me
www.google.com
www.gstatic.com
7 fonts.gstatic.com fonts.googleapis.com
grateful-summer-afterthought.glitch.me
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
6 www.google.com grateful-summer-afterthought.glitch.me
www.gstatic.com
www.google.com
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
3 accdn.lpsnmedia.net lptag.liveperson.net
lpcdn.lpsnmedia.net
3 va.v.liveperson.net bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
lptag.liveperson.net
3 bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
2 lpcdn.lpsnmedia.net lptag.liveperson.net
2 lptag.liveperson.net bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
2 fonts.googleapis.com bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
grateful-summer-afterthought.glitch.me
1 perf.hsforms.com bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
1 forms.hsforms.com grateful-summer-afterthought.glitch.me
0 doggybars.shop Failed grateful-summer-afterthought.glitch.me
76 13
Subject Issuer Validity Valid
dweb.link
R3		 2023-06-11 -
2023-09-09		 3 months crt.sh
glitch.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-02-01		 a year crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2023-01-10 -
2024-01-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2023-02-07 -
2024-02-07		 a year crt.sh
*.lpsnmedia.net
Sectigo RSA Organization Validation Secure Server CA		 2023-01-09 -
2024-01-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-18 -
2024-05-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Frame ID: F000BFD60159F3F7EA62FE6F83433491
Requests: 42 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/saved_resource.html
Frame ID: EC6689F95A14670760AD8F30581EBE5A
Requests: 2 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/anchor.html
Frame ID: E11B023034E8D3E60143994F1E7A361E
Requests: 3 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Frame ID: A9BF6E03D7DC9D24DB23ACE16768CF00
Requests: 2 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link&site=88982875&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: 9478795F34967D003F7E79456B4394E3
Requests: 2 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/bframe.html
Frame ID: BF7C4D15B277E56E8BC88047D5EE6609
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&badge=inline&cb=s6u13bvi124x
Frame ID: 0A9A4C51D795F291CF64CF0F48214239
Requests: 4 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/shell-recaptcha.html
Frame ID: 6304A8740A02CFFC159F54968AF6CCEA
Requests: 1 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/saved_resource(3).html
Frame ID: BAFE2912DD81AAB795DB9F85FD75FA65
Requests: 1 HTTP requests in this frame

Frame: https://grateful-summer-afterthought.glitch.me/saved_resource(4).html
Frame ID: 6DAC1AC7CAD17C2F5BCB98BC830A97EB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: E8859289128D5EB40B38AF90C90F2164
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MetaMask - A crypto wallet & gateway to blockchain apps

Page URL History Show full URLs

  1. http://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ HTTP 307
    https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

92 %
HTTPS

58 %
IPv6

9
Domains

13
Subdomains

13
IPs

2
Countries

4246 kB
Transfer

5391 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ HTTP 307
    https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Redirect Chain
  • http://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
  • https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
19 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
0cb2917cdba802763b4a2d230fc44976d1a24b2078a22b1b631f9d314c9c4b35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods
GET GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
content-encoding
gzip
content-type
text/html
date
Tue, 18 Jul 2023 04:16:49 GMT
etag
W/"bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla"
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-ipfs-gateway-host
ipfs-bank16-fr2
x-ipfs-lb-pop
gateway-bank2-fr2
x-ipfs-path
/ipfs/bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla/
x-ipfs-pop
ipfs-bank16-fr2
x-ipfs-roots
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla
x-proxy-cache
HIT

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Non-Authoritative-Reason
HSTS
normalize.css
grateful-summer-afterthought.glitch.me/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/normalize.css
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
lRIb.9Ai.Q_1gSCyb7KEKsAU5Jh6SbdK
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKY1PT64DRX7BV7
etag
"4951cc88307c632cf285d3ba988ab283"
x-amz-server-side-encryption
AES256
content-type
text/css; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
content-length
7772
x-amz-id-2
1015I0rV5Aa1t2whsOMQ/jSGkjD8RfPCIb0Hlo7bCTLIvmSf8UKt8RxuXKnwnxvB/kXVettNcgo=
webflow.css
grateful-summer-afterthought.glitch.me/ 		38 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/webflow.css
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
IKm3rXAhPmTb2ZzDFpRV6WretrurJnlO
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKHPTKXKNFXNJHG
etag
"13fc860cb6eddbf469d986e1a6b6480b"
x-amz-server-side-encryption
AES256
content-type
text/css; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
content-length
39109
x-amz-id-2
6y6GrooiTYZwIhUPvCaXWne/wgd7VrCN142q/3QZ4fj7bWYU09fLoohaassGe01rs7+1efScOLI=
metamask-staging-2.webflow.css
grateful-summer-afterthought.glitch.me/ 		139 KB
139 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c9d35e1cd1c788900451f6b5011bfb3068bd65afcaca9a3469aa570a863ec074

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
0SeDSREsKhClJj6Cr1YC7rIRlKFhBmu2
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKXXNKTC8WY2ARZ
etag
"1aed8830738b6a1e846ca6af968e7917"
x-amz-server-side-encryption
AES256
content-type
text/css; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
content-length
142039
x-amz-id-2
neBTnmwGPdibZVqLrBU7TZjbuFpWbzDyh+zzPZSiJb+Xq32i8/YyWQO4RSh10Evjp9etF2nH3ZM=
plx.chock.js
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/plx.chock.js
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-ipfs-pop
ipfs-bank5-fr2
server
openresty
x-ipfs-lb-pop
gateway-bank2-fr2
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
timing-allow-origin
*
access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
content-length
190
recaptcha__nl.js.download
grateful-summer-afterthought.glitch.me/ 		0
0
analytics.js.download
grateful-summer-afterthought.glitch.me/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/analytics.js.download
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
fnDbzaWoSUFZhp.d.SFTonhvVAUe0WWs
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKGZT8815SMD0FZ
etag
"fda30e8a22c9bcd954fd8d0fadd0e77c"
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
cache-control
no-cache
accept-ranges
bytes
content-length
50230
x-amz-id-2
LSxlDeSNBG/XrdeTsqKLu9452mYpT6yTxwrnTSr2eVEJruPEjRJqmcwMhn2i0m2pp2Hs8rARCJg=
webfont.js.download
grateful-summer-afterthought.glitch.me/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/webfont.js.download
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
zZeneothoNs_FHdVr7PQGcc8rSlNCeIP
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKWD7ZJ33GHFQ72
etag
"7c96a5f11d9741541d5e3c42ff6380d7"
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
cache-control
no-cache
accept-ranges
bytes
content-length
13188
x-amz-id-2
Wc9q+USdynrCQW0pFQP4mBsn6tfrPL1DyMsuWE5UFkTurmf7IdIh5zaecjI0Uv5gt7gjQUWlWKs9RDzH2d6fkIEhz+A7ap7f
css
grateful-summer-afterthought.glitch.me/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/css
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
js
grateful-summer-afterthought.glitch.me/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/js
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
tag.js.download
grateful-summer-afterthought.glitch.me/ 		21 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/tag.js.download
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
IiG_70hXTnQoFvKU5bnD8tzU2geJfX4Q
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKSTAJQF66XJAZC
etag
"e2ee8a9cd68c3d310a4c62fdb4b5c93a"
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
cache-control
no-cache
accept-ranges
bytes
content-length
21652
x-amz-id-2
63NSpRTjoM9LC7ra1yr633+zB6orUXGfkPOZ3PCODSPQ5XW/RoLanXcB8Yw9iWYvUqbjXIg9fvb7q3E/no4/7KGshd5GDDl10hwH/+1EGIo=
enterprise.js.download
grateful-summer-afterthought.glitch.me/ 		1008 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/enterprise.js.download
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
oeQJXDpj.._WoqiQBQwhga8pFx.WAP3C
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKW070HRHRCHN2K
etag
"d07e7630bc23cbdd7520d0a4f086c922"
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
cache-control
no-cache
accept-ranges
bytes
content-length
1008
x-amz-id-2
39/2Z8bS5JeH4N8sq/YhO1onFXwoT00s+WqTBgECnNHNi1GqEGj5sE/CUnqZh0NJNg9H4TGtsUI=
jsonp
grateful-summer-afterthought.glitch.me/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/jsonp
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
88982875
va.v.liveperson.net/api/js/ 		111 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/88982875?sid=oH2Qhzs8QzCWPk58eMieCA&cb=lpCb50195x86975&t=ip&ts=1639498872221&pid=8378416840&tid=120975428&vid=E1ZmVlMDY2Mjk2ZDhiZDg5
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
beeac2532ab7e7ed250c25fcab390c8114a5f010bce47f8a0c39da47bcef5b2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jul 2023 04:16:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 04:16:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jul 2023 04:16:49 GMT
mm-logo.svg
grateful-summer-afterthought.glitch.me/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grateful-summer-afterthought.glitch.me/mm-logo.svg
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
oojSs2aBahYVbJ.CsiCneLl2D7oJAZx6
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKZEJZ7HJSNTN4J
etag
"51bcea2625eb2c6e9268a7377a792c86"
x-amz-server-side-encryption
AES256
content-type
image/svg+xml
cache-control
no-cache
accept-ranges
bytes
content-length
12019
x-amz-id-2
bgBJxzdiGYIv7X2G6meGuLO6TuC7mF1DfERir615GcRg68rgWSakFmAC8vhb04BdT8FsBgTeO7s=
wpp.gif
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/ 		185 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/wpp.gif
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
a4c064cd993b01c2cfc760b7de28ec734e052edea4bfab1e68f5a549a8c334f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-ipfs-pop
ipfs-bank7-fr2
server
openresty
x-ipfs-lb-pop
gateway-bank2-fr2
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
timing-allow-origin
*
access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
content-length
185
v2.js.download
grateful-summer-afterthought.glitch.me/ 		565 KB
566 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/v2.js.download
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
.e3yCcKkZM.f0FH.0mVhSuVMfQfSYEVT
last-modified
Sun, 08 Jan 2023 11:32:51 GMT
server
AmazonS3
x-amz-request-id
1GKSGYNPM298XSGP
etag
"d3b2366c9977c975fc6abdc6a119c361"
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
cache-control
no-cache
accept-ranges
bytes
content-length
578833
x-amz-id-2
ymimCeoWZ8VRvR0eaHukJCFSU5elLZPidAvGLlhh102RN76g0pjrUid75a9lHEkDOYE1lWrA1zM=
jquery-3.5.1.min.dc5e7f18c8.js.download
grateful-summer-afterthought.glitch.me/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Origin
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
EMbo5os2PuHTU11ug_1JzaCJauKqZ0mP
x-amz-request-id
1GKNVG7RZ7A7CJQR
x-amz-server-side-encryption
AES256
content-length
89476
x-amz-id-2
PT/TXHm7R7SYjcIF8y7+1xsnnDcVmWvfipigsv5fHv2d6ms25IZziNZV7YFRz1GlVFdJSCta008=
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
etag
"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3600
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
cache-control
no-cache
accept-ranges
bytes
webflow.js.download
grateful-summer-afterthought.glitch.me/ 		587 KB
588 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/webflow.js.download
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
DNOfed5NnbtMqCdhnaryqVb_JwBwA8qy
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKP7B44ZCTVCK2D
etag
"9758f7e3aa0c79ea7a3cadb16d10087b"
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
cache-control
no-cache
accept-ranges
bytes
content-length
601104
x-amz-id-2
qK8jYE9IK2On6Otamo5G9BRshlpCryV+WY59+huE6DE7lDC9ckf82bB0vyrwGd6GxETiJLdWdkY=
storage.secure.min.js.download
grateful-summer-afterthought.glitch.me/ 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/storage.secure.min.js.download
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
NCl6u7FjCbuJWXHn3R05CpwYzO4HGc5A
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKPSW3ENV36YK3H
etag
"3386ec5559f1ba569cf0ab6acab436cc"
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
cache-control
no-cache
accept-ranges
bytes
content-length
38562
x-amz-id-2
8KVi/RuJhoSGoQpcAxYunTjB6m3t21WOjgLK4rTJO0M//4MrRiPxpCSDesmAG+t5ve3reAWfYD4=
css
fonts.googleapis.com/ 		800 B
436 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Changa+One:400,400italic
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/webfont.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
268ec60eda83e06344b73af9a88cd4a6e1a9bc3408d81e2d384e9ffbaf428423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Jul 2023 04:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 02:38:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Jul 2023 04:16:50 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/enterprise.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Origin
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1621
x-xss-protection
0
hero2.4.png
grateful-summer-afterthought.glitch.me/ 		283 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://grateful-summer-afterthought.glitch.me/hero2.4.png
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-amz-version-id
BqRWvFcRW6as32mqFaPeSWeowAVLX2NA
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
1GKX6QKSVXYF72R7
etag
"85607339bb7e3cc70e1b7568ed4d29b2"
x-amz-server-side-encryption
AES256
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
289564
x-amz-id-2
crss0BmxxVsQelLCm+LVemLG+pYc9Sx9+fI0E1zdmenkBpH0WCqo6BAebCzRXrs/NSDboWQxDok=
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
EuclidCircularB-Regular-WebXL.woff2
grateful-summer-afterthought.glitch.me/ 		0
0
EuclidCircularB-Bold-WebXL.woff2
grateful-summer-afterthought.glitch.me/ 		0
0
tag.js
lptag.liveperson.net/tag/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=88982875
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 07 Dec 2022 20:20:28 GMT
server
ws
etag
"6390f58c-1da4"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
7588
.jsonp
lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/ 		324 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
9124a9c8cb98fad6f83ad6d86cc8a94dfacfe32ee6ba35129369d3c6c11a06fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
fonts.gstatic.com/s/changaone/v18/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 21:19:06 GMT
x-content-type-options
nosniff
age
543464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7900
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:15:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 21:19:06 GMT
xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
fonts.gstatic.com/s/changaone/v18/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 02:37:52 GMT
x-content-type-options
nosniff
age
178738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8404
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:15:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 Jul 2024 02:37:52 GMT
/
accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
af0e0472c79c18e67f9764a9a4e3b035728e07673f07297d920ce7d9ab5df3ef
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 18 Jul 2023 04:17:50 GMT
zones
accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
8171d319d442d02c56cc52e2bf5a8abdefff355f574d3491ae37946fa48d9656
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:50 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 18 Jul 2023 04:17:50 GMT
EuclidCircularB-Bold-WebXL.woff
grateful-summer-afterthought.glitch.me/ 		0
0
EuclidCircularB-Regular-WebXL.woff
grateful-summer-afterthought.glitch.me/ 		0
0
2b64112b-f442-4840-9ace-b11dccd5f744
forms.hsforms.com/embed/v3/form/4795067/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/v2.js.download
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
895f9ca3f1c9d23023301049df8cb1344031ca43c82b9f9a5da40b626df8b00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Origin-Hublet
na1
Date
Tue, 18 Jul 2023 04:16:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
24afac38-c9f3-4534-92cd-1c0124b81e51
Transfer-Encoding
chunked
x-envoy-upstream-service-time
10
Content-Disposition
attachment; filename=no-rfd.txt
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
24afac38-c9f3-4534-92cd-1c0124b81e51
Server
cloudflare
X-Trace
2B25721D526B0C90EB76BD3C78377FC7D7556EAFCC000000000000000000
Vary
origin
Content-Type
application/javascript;charset=utf-8
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-nt996
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7e87e95ebfc52bb0-FRA
saved_resource.html
grateful-summer-afterthought.glitch.me/ Frame EC66 		55 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/saved_resource.html
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c9f03917045beadc11043c219f9ed97c462d5504f8bbfd49a758f1fa91d0af29

Request headers

Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
56613
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:16:51 GMT
etag
"ec0bcfe99f4f2e8174bd36b54b04ed25"
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-id-2
yplY0GMhfFG4/PfhOI0Q+ktzmmLdPbJlrsN+cy1aCoVMiUPqxYDvBAWLaRALb9GQ0QOtDzkUc1A=
x-amz-request-id
Y22RF6WJZ1AHR65R
x-amz-server-side-encryption
AES256
x-amz-version-id
01ZagqxYk1cQkqZzvTe8GGQNjXho_kox
anchor.html
grateful-summer-afterthought.glitch.me/ Frame E11B 		42 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/anchor.html
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
73fa074ce47af396244ddc3077f9ee27cbd71122679ffe05ca0230022673d1a8

Request headers

Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
43290
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:16:51 GMT
etag
"194b5744abd15c4045d5be0aae957e8f"
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-id-2
rmYau4IenHqjbKp0APml+awE2vlrVvBzYpCTp/aH5HpwweJo8fc62zxGPR7Y/BIe8crmDzP5QjU=
x-amz-request-id
Y22KDQX6KWJA5GXT
x-amz-server-side-encryption
AES256
x-amz-version-id
49_Vx4qi07tXm.w7yroBa1RnArKoZNz5
saved_resource(1).html
grateful-summer-afterthought.glitch.me/ Frame A9BF 		54 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1af67cf16d9dfbf8e79e1b357767b932bd54c08fcd8c5df86d06b868f7f8e04b

Request headers

Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
55268
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:16:51 GMT
etag
"b00c3321ca08b705efe2acd1364bacae"
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-id-2
q9/xI0xHxNh/M1Ahu706xPFn5YmZyYwoj/RqXJYjBIKUnH6uVC9LIxQ27JJQq9cGkIUJPj7raLI=
x-amz-request-id
Y22KJ590JH33PC76
x-amz-server-side-encryption
AES256
x-amz-version-id
qzhBhZjsk.ec_D5wik.l6AvvZFbehKt4
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ Frame 9478 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link&site=88982875&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods
GET, POST, PATCH
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
content-encoding
gzip
content-type
text/html
date
Tue, 18 Jul 2023 04:16:51 GMT
expires
Wed, 17 Jul 2024 04:16:51 GMT
last-modified
Fri, 17 Mar 2023 01:15:35 GMT
server
ws
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-cache-status
HIT
x-content-type-options
nosniff
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link&site=88982875&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 17 Mar 2023 01:15:36 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 17 Jul 2024 04:16:51 GMT
v2.js.download
doggybars.shop/mata.io/meta/ Frame EC66 		0
0
styles__ltr.css
grateful-summer-afterthought.glitch.me/ Frame E11B 		51 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/styles__ltr.css
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/anchor.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grateful-summer-afterthought.glitch.me/anchor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
x-amz-version-id
MZBc9IGSlUpA2ogVNSlP9_mTI4TKHCgx
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
Y22QHK0QW2XEEXYZ
etag
"97c3d49b83dc004fcda822b1853b787b"
x-amz-server-side-encryption
AES256
content-type
text/css; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
content-length
52368
x-amz-id-2
2dw2Vn+AhpM6DRTmbByoqLUZ4Ca+n93T3IfPv8f7tn/gqVv+bDJouQkwPlWHqDNuGnjodh+FytA=
recaptcha__nl.js(1).download
grateful-summer-afterthought.glitch.me/ Frame E11B 		345 KB
346 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/anchor.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grateful-summer-afterthought.glitch.me/anchor.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
x-amz-version-id
FFSzZl4OL91YPu9lLIGfhy_TF69p7q11
last-modified
Sun, 08 Jan 2023 11:32:51 GMT
server
AmazonS3
x-amz-request-id
Y22SR5Z0Z5ZSG827
etag
"e735084e8ffed1ad8d89df08d98d4d23"
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
cache-control
no-cache
accept-ranges
bytes
content-length
353655
x-amz-id-2
UtlZ8sT1WquWkIoD96b1DfJBYDD+MlJy+kpWTGzoTr8MgmguNccST4vgqrTFQ1yJyfbDg2hlJnA=
v2.js(1).download
grateful-summer-afterthought.glitch.me/ Frame A9BF 		504 KB
506 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/v2.js(1).download
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3e7d91fbd301e53ba7c3cf31ae3580a9ff821df913fc58297eb1675bcb068222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
x-amz-version-id
G_4s5XDalz6PQIwe6XyFGRlTWlyV1WCH
last-modified
Sun, 08 Jan 2023 11:32:51 GMT
server
AmazonS3
x-amz-request-id
Y22RMXQ4R5TGWQ3Q
etag
"53c7729f9a5c32a04b6d48dd118565af"
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
cache-control
no-cache
accept-ranges
bytes
content-length
516406
x-amz-id-2
H7gt51nJnQ4nIOdWL6KTIv9qKKzvRaxcY9BBgpN92BkJtk6cQaOkn+b0mN3pGcUoxk7eS/guYL0=
bframe.html
grateful-summer-afterthought.glitch.me/ Frame BF7C 		11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/bframe.html
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
463c25dbddba27ac61e150288d07f2bb4bcb1bb48e05c64f797cc18887af1581

Request headers

Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
11399
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:16:51 GMT
etag
"161c81930eb1b582be7559429dd87816"
last-modified
Sun, 08 Jan 2023 11:32:51 GMT
server
AmazonS3
x-amz-id-2
jycvyNMMjNcZK/dr3BOtsAu/0QrPL8f5vNXKxnIjfY08VPMjn9cA/+HLhEGB0QJxlUV+VdMy6Bw=
x-amz-request-id
Y22SGF5WSRYAZGE4
x-amz-server-side-encryption
AES256
x-amz-version-id
TSeQo8dGxQgrDNtJp342w.Wa6HbmAqt0
enterprise.js
www.google.com/recaptcha/ 		1008 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/v2.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fca4f38e23f4b9fb5283040415a55af95cedaa321993ec0e0422ea4ee1b98245
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
615
x-xss-protection
1; mode=block
expires
Tue, 18 Jul 2023 04:16:51 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ 		431 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4492635edd6b1b7c576b8a4b4c51e9843dd8b06ab34f4959d33dea5500e48385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Origin
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 12:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177687
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 12:32:31 GMT
refererrestrictions
accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/ Frame 9478 		113 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb64431x85610
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link&site=88982875&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
fae68c9241f2e4a9361169191fd98e86a7ca518ca55b680b0e8e64f384b06d10
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lpcdn.lpsnmedia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-envoy-decorator-operation
lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
MISS
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
x-envoy-upstream-service-time
87
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
anchor
www.google.com/recaptcha/enterprise/ Frame 0A9A 		52 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&badge=inline&cb=s6u13bvi124x
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
db0d983def46e737dad073b2dbbfbef4e84da743aff261d15a93ea6e7d8e93f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bJQE9wVDwTxCp0R7PDYPpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
29074
content-security-policy
script-src 'report-sample' 'nonce-bJQE9wVDwTxCp0R7PDYPpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 04:16:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 18 Jul 2023 04:16:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
MISS
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
d0275bbf-6959-4349-95a9-981c8a24a3bc
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d0275bbf-6959-4349-95a9-981c8a24a3bc
Last-Modified
Tue, 18 Jul 2023 04:16:51 GMT
Server
cloudflare
X-Trace
2BBDDAE38689DA2CC1474CF375B98FCC745803364D000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
7e87e960eaf34d1f-FRA
styles__ltr.css
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame 0A9A 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&badge=inline&cb=s6u13bvi124x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 00:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 00:53:54 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame 0A9A 		431 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&badge=inline&cb=s6u13bvi124x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4492635edd6b1b7c576b8a4b4c51e9843dd8b06ab34f4959d33dea5500e48385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 12:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177687
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 12:32:31 GMT
styles__ltr.css
grateful-summer-afterthought.glitch.me/ Frame BF7C 		51 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/styles__ltr.css
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/bframe.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grateful-summer-afterthought.glitch.me/bframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
x-amz-version-id
MZBc9IGSlUpA2ogVNSlP9_mTI4TKHCgx
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-request-id
Y22K2CWHGD4WC23T
etag
"97c3d49b83dc004fcda822b1853b787b"
x-amz-server-side-encryption
AES256
content-type
text/css; charset=utf-8
cache-control
no-cache
accept-ranges
bytes
content-length
52368
x-amz-id-2
93nC1JjecxnHBb27pfG50idIti/ZYunqHEb07PDaqb5T09IdLdm2S/mQhHuN+LKCHSxuRBzeuItl2dFAcswq4hEqt0MoYTBN3bBqHze5JWY=
recaptcha__nl.js(1).download
grateful-summer-afterthought.glitch.me/ Frame BF7C 		345 KB
346 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/bframe.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grateful-summer-afterthought.glitch.me/bframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
x-amz-version-id
FFSzZl4OL91YPu9lLIGfhy_TF69p7q11
last-modified
Sun, 08 Jan 2023 11:32:51 GMT
server
AmazonS3
x-amz-request-id
Y22TAM9KEDF5AF0T
etag
"e735084e8ffed1ad8d89df08d98d4d23"
x-amz-server-side-encryption
AES256
content-type
application/octet-stream
cache-control
no-cache
accept-ranges
bytes
content-length
353655
x-amz-id-2
tFGQX1QEytFATfMTU8wkuLC+0zyw/eRrqv0ZibEPXDwwTA/YIlSgJBDtVDakhjfOo226ttlBRbRH5WZursnQOw==
shell-recaptcha.html
grateful-summer-afterthought.glitch.me/ Frame 6304 		149 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/shell-recaptcha.html
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Request headers

Referer
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
149
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:16:51 GMT
etag
"3c2ccda97c47ede0b1c91b11efd575ea"
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-id-2
cCfFVZcZA96kQ8UkED4vLFiHn2wB0ELS33t8Mb8n2tQj2mgPQuUp0qRz1F3oAmyJbuhQMCLi10I6vgCiQzEn6Rn7+xny4tA06DizIFuABlc=
x-amz-request-id
Y22HHDDG787YN9BX
x-amz-server-side-encryption
AES256
x-amz-version-id
_umhgToN5i2CDniw3i.XIfp.FcHVYyM9
saved_resource(3).html
grateful-summer-afterthought.glitch.me/ Frame BAFE 		149 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/saved_resource(3).html
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

Request headers

Referer
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
149
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:16:51 GMT
etag
"3c2ccda97c47ede0b1c91b11efd575ea"
last-modified
Sun, 08 Jan 2023 11:32:51 GMT
server
AmazonS3
x-amz-id-2
2LbsJpdePa7SNloMbgRTNfWnTmLC0jkOPDWFJMOADQpdftpIoteQ/fY4kd/76Hyc0rZGBCsaPxw=
x-amz-request-id
Y22X79V1580PAD0P
x-amz-server-side-encryption
AES256
x-amz-version-id
JHUmncoWEnojGKO4bhjIxqWuc0SjgczH
saved_resource(4).html
grateful-summer-afterthought.glitch.me/ Frame 6DAC 		196 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://grateful-summer-afterthought.glitch.me/saved_resource(4).html
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/anchor.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-62-156.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
652108eecc73ab61542ec918e255707b4b5b69343677a14a38bbde5b6e4c9d9a

Request headers

Referer
https://grateful-summer-afterthought.glitch.me/anchor.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
196
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:16:51 GMT
etag
"8f180af3f4a0348d2da6a0092d1e07b7"
last-modified
Sun, 08 Jan 2023 11:32:50 GMT
server
AmazonS3
x-amz-id-2
cOs6Ci5c0uPqJE6Nl/QaXk3qqoQgvqc+IGud1GDOyPEG6iz3sU3RjdUe1y5PlHwbwHrWIlls3Ko=
x-amz-request-id
Y22KKYTA680D0CHE
x-amz-server-side-encryption
AES256
x-amz-version-id
OoIxkgWjpde0UJ73EP9kO6xHQHAD1dk.
webworker.js
www.google.com/recaptcha/enterprise/ Frame 0A9A 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&badge=inline&cb=s6u13bvi124x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f827f28ee4ea717504786f0298c6c576e83038b5a9fd327ca38b58cb8ed2550
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&size=invisible&badge=inline&cb=s6u13bvi124x
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 18 Jul 2023 04:16:51 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame BF7C 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grateful-summer-afterthought.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 03:01:22 GMT
x-content-type-options
nosniff
age
350129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 21 Jul 2023 03:01:22 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame BF7C 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grateful-summer-afterthought.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:31:39 GMT
x-content-type-options
nosniff
age
207912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 22 Jul 2023 18:31:39 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame BF7C 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://grateful-summer-afterthought.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:30:32 GMT
x-content-type-options
nosniff
age
211579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 22 Jul 2023 17:30:32 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF7C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/bframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grateful-summer-afterthought.glitch.me/
Origin
https://grateful-summer-afterthought.glitch.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:47:45 GMT
x-content-type-options
nosniff
age
210546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 17:47:45 GMT
bframe
www.google.com/recaptcha/enterprise/ Frame E885 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f48ba2facd8449b08cdcc2c85a687121db234988c14974957fd3734a2415071d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UwJN2BODfMMkJZzTm9bYXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1161
content-security-policy
script-src 'report-sample' 'nonce-UwJN2BODfMMkJZzTm9bYXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 04:16:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF7C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: grateful-summer-afterthought.glitch.me
URL: https://grateful-summer-afterthought.glitch.me/bframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://grateful-summer-afterthought.glitch.me/
Origin
https://grateful-summer-afterthought.glitch.me
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 00:06:15 GMT
x-content-type-options
nosniff
age
533436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 00:06:15 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame E885 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 00:53:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 00:53:54 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/ Frame E885 		431 KB
174 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4492635edd6b1b7c576b8a4b4c51e9843dd8b06ab34f4959d33dea5500e48385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 12:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177687
x-xss-protection
0
last-modified
Sun, 09 Jul 2023 08:00:56 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Jul 2024 12:32:31 GMT
reload
www.google.com/recaptcha/enterprise/ Frame E885 		41 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
56faa1d4b3727c0def206bb06dc56042a41df2d29f27028cdbc42068b2177c60
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25260
x-xss-protection
1; mode=block
expires
Tue, 18 Jul 2023 04:16:51 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame E885 		600 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 03:01:22 GMT
x-content-type-options
nosniff
age
350129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Fri, 21 Jul 2023 03:01:22 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame E885 		530 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 18:31:39 GMT
x-content-type-options
nosniff
age
207912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 22 Jul 2023 18:31:39 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame E885 		665 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/iZWPJyR27lB0cR4hL_xOX0GC/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:30:32 GMT
x-content-type-options
nosniff
age
211579
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 22 Jul 2023 17:30:32 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E885 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 00:06:15 GMT
x-content-type-options
nosniff
age
533436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 00:06:15 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E885 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 03:41:15 GMT
x-content-type-options
nosniff
age
347736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Jul 2024 03:41:15 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E885 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 17:47:45 GMT
x-content-type-options
nosniff
age
210546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 17:47:45 GMT
payload
www.google.com/recaptcha/enterprise/ Frame E885 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/recaptcha/enterprise/payload?p=06AAYGu2TjEA8UbRiBsjItgnKg3pK86JDwGVUk-cOxgNcGiRF_Uq8-4bNgjGOwRkIVrgPRY7njlfRuoKa7e25oLUjiIJdQ-O3Of12q2hQJf_nmVd45zv1GWEADt9ykTgQOi22ZjOeX9cKEn3_aBvq25W054IhSXrnxSGfoGnv2Qg7jbhAxwEEbKisMkUM2_2Pm6RbvJOI_yHmkCg2mPkd1M-6FtxJJ0pNlOxYA5M0sVliSEpj4zbpF2wQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Requested by
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2cdaba2ea757cd69a3564fd217ef3b2ac2629f8b451d61ee9e733c047bd57ad4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=iZWPJyR27lB0cR4hL_xOX0GC&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:51 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32239
x-xss-protection
1; mode=block
expires
Tue, 18 Jul 2023 04:16:51 GMT
88982875
va.v.liveperson.net/api/js/ 		212 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/88982875?&cb=lpCb71532x24502&t=sp&ts=1689653812507&pid=9016114417&tid=2097289517&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fbafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
16654a9cb51e7d7070355b757cf3d2dea0160a704d9a1002bb762fb56265df8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
88982875
va.v.liveperson.net/api/js/ 		111 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/88982875?sid=eZk6iSSMT6OdIY8QRC3l7A&cb=lpCb48050x35554&t=pl&ts=1689653812516&pid=9016114417&tid=2097289517&vid=RkMzAwNGVkN2U1MmEwN2Iz
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
646884400086e4a5ceed6bdf803f283a51ef0a035bdf92fdf347a31cbc80b431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:16:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff2
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff2
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff
Domain
grateful-summer-afterthought.glitch.me
URL
https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff
Domain
doggybars.shop
URL
https://doggybars.shop/mata.io/meta/v2.js.download

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 boolean| credentialless object| onbeforetoggle object| onscrollend object| WebFont function| countdown number| timeLeft function| gtag object| dataLayer object| lpTag object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _typeof function| _extends object| lpTaglogListeners object| lpMTagConfig object| google_tag_data function| ga object| gaplugins function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React undefined| reqwest function| OutpostErrorReporter undefined| Pikaday function| hns2 function| hmerge undefined| I18n undefined| ReactDOM undefined| require undefined| requirejs undefined| define undefined| exports undefined| module undefined| bootstrap object| HSFR object| _hsq function| hs_reqwest_0 function| $ function| jQuery function| tram object| Webflow function| hsRecaptchaLoadCallback number| RECAPTCHA_INTERVAL object| recaptcha object| closure_lm_305761

3 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AOJJLKvlwHegvct5WvmIfTkxHxQuh4hJZghDXm_DxEihGxIpdoi4NRVTF4UOlWKodOMLbyOu7cduDhtfJEp1Pd4
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ Name: LPVID
Value: RkMzAwNGVkN2U1MmEwN2Iz
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ Name: LPSID-88982875
Value: eZk6iSSMT6OdIY8QRC3l7A

19 Console Messages

Source Level URL
Text
network error URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/plx.chock.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Message:
Refused to execute script from 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/plx.chock.js' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://grateful-summer-afterthought.glitch.me/css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://grateful-summer-afterthought.glitch.me/jsonp
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/wpp.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Message:
Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://grateful-summer-afterthought.glitch.me/js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Message:
Access to script at 'https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Message:
Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff2' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Message:
Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff2' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Message:
Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Bold-WebXL.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Message:
Access to font at 'https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff' from origin 'https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://grateful-summer-afterthought.glitch.me/EuclidCircularB-Regular-WebXL.woff
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download(Line 231)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.google.com') does not match the recipient window's origin ('https://grateful-summer-afterthought.glitch.me').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
doggybars.shop
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
grateful-summer-afterthought.glitch.me
lpcdn.lpsnmedia.net
lptag.liveperson.net
perf.hsforms.com
va.v.liveperson.net
www.google.com
www.gstatic.com
doggybars.shop
grateful-summer-afterthought.glitch.me
178.249.97.23
178.249.97.98
178.249.97.99
208.89.12.87
2602:fea2:2::1
2606:4700::6811:d3f3
2606:4700::6811:d4f3
2a00:1450:4001:810::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
44.198.62.156
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d
0cb2917cdba802763b4a2d230fc44976d1a24b2078a22b1b631f9d314c9c4b35
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2
16654a9cb51e7d7070355b757cf3d2dea0160a704d9a1002bb762fb56265df8d
1af67cf16d9dfbf8e79e1b357767b932bd54c08fcd8c5df86d06b868f7f8e04b
268ec60eda83e06344b73af9a88cd4a6e1a9bc3408d81e2d384e9ffbaf428423
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
2cdaba2ea757cd69a3564fd217ef3b2ac2629f8b451d61ee9e733c047bd57ad4
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e7d91fbd301e53ba7c3cf31ae3580a9ff821df913fc58297eb1675bcb068222
4492635edd6b1b7c576b8a4b4c51e9843dd8b06ab34f4959d33dea5500e48385
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
463c25dbddba27ac61e150288d07f2bb4bcb1bb48e05c64f797cc18887af1581
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
56faa1d4b3727c0def206bb06dc56042a41df2d29f27028cdbc42068b2177c60
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
646884400086e4a5ceed6bdf803f283a51ef0a035bdf92fdf347a31cbc80b431
652108eecc73ab61542ec918e255707b4b5b69343677a14a38bbde5b6e4c9d9a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b
73fa074ce47af396244ddc3077f9ee27cbd71122679ffe05ca0230022673d1a8
7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25
7f827f28ee4ea717504786f0298c6c576e83038b5a9fd327ca38b58cb8ed2550
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8171d319d442d02c56cc52e2bf5a8abdefff355f574d3491ae37946fa48d9656
895f9ca3f1c9d23023301049df8cb1344031ca43c82b9f9a5da40b626df8b00f
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
9124a9c8cb98fad6f83ad6d86cc8a94dfacfe32ee6ba35129369d3c6c11a06fd
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
a4c064cd993b01c2cfc760b7de28ec734e052edea4bfab1e68f5a549a8c334f7
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
af0e0472c79c18e67f9764a9a4e3b035728e07673f07297d920ce7d9ab5df3ef
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
beeac2532ab7e7ed250c25fcab390c8114a5f010bce47f8a0c39da47bcef5b2b
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9d35e1cd1c788900451f6b5011bfb3068bd65afcaca9a3469aa570a863ec074
c9f03917045beadc11043c219f9ed97c462d5504f8bbfd49a758f1fa91d0af29
db0d983def46e737dad073b2dbbfbef4e84da743aff261d15a93ea6e7d8e93f0
f48ba2facd8449b08cdcc2c85a687121db234988c14974957fd3734a2415071d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fae68c9241f2e4a9361169191fd98e86a7ca518ca55b680b0e8e64f384b06d10
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
fca4f38e23f4b9fb5283040415a55af95cedaa321993ec0e0422ea4ee1b98245