Report - cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html

Report Overview

Submitted URL
cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html
IP
104.17.96.13
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 15:53:05
Access
public
Website Title
MetaMask - A crypto wallet & gateway to blockchain apps
Final URL
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Tags
crypto phishing
urlquery detections
Phishing - Generic Crypto/Wallet

Detections

urlquery
15
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
perf.hsforms.com	10768	2013-09-18	2020-07-03	2024-05-07	817 B	996 B	104.18.80.204
doggybars.shop	unknown	unknown	2022-11-28	2023-11-18	441 B	0 B	0.0.0.0
grateful-summer-afterthought.glitch.me	unknown	2008-07-18	2023-01-19	2024-03-20	18 kB	3.1 MB	54.83.64.233
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com	unknown	2018-12-05	2024-01-13	2024-03-28	1.3 kB	15 kB	104.17.96.13
js.hsforms.net	7264	2013-09-18	2013-09-26	2024-05-08	551 B	3.2 kB	104.18.142.119
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-08	8.8 kB	1.5 MB	142.250.74.131
metamask.io	81413	2015-07-02	2015-11-15	2024-04-15	974 B	22 kB	185.199.108.153
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	496 B	2.6 kB	142.250.74.106
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	9.7 kB	276 kB	142.250.74.164
cf-ipfs.com	655312	2018-12-05	2018-12-20	2024-05-07	529 B	1.1 kB	104.17.64.14
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-08	7.1 kB	324 kB	216.58.207.227
forms.hsforms.com	5160	2013-09-18	2018-03-07	2024-05-07	539 B	3.6 kB	104.18.80.204

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html	Crypto/Wallet
2024-04-30	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html	Crypto/Wallet
2024-04-30	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/	Crypto/Wallet

PhishTank

Scan Date	Severity	Indicator	Alert
2024-01-13	medium	cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html	Other
2024-01-13	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html	Other
2024-01-13	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/meta/plx.chock.js	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	doggybars.shop	Sinkholed

ThreatFox

No alerts detected

JavaScript (37)

	URL	Size	First Seen	Last Seen
	grateful-summer-afterthought.glitch.me/tag.js.download	22 kB	2023-03-07	2024-05-08
Pretty URL grateful-summer-afterthought.glitch.me/tag.js.download IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-08 17:53:08 Times Seen555 Hash e2ee8a9cd68c3d310a4c62fdb4b5c93a 67eb5f9547f1d9de0a8b143c3b50511c26281399 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7 Loading...

	www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	0 B	2023-03-07	2024-05-20
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 03:42:01 Times Seen37854692 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js	18 kB	2024-05-01	2024-05-19
Pretty URL www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-01 18:12:36 Last Seen2024-05-19 08:51:03 Times Seen1446 Hash 1b84878b10f495c0906cf29733630286 f0253a2a4155c4b073f72bb19d81f6a065b3671a 475e7c98ff87111f1c17ed96d5de19b3703ef37d3db768817fdad7c6c9ae18e6 Loading...

	grateful-summer-afterthought.glitch.me/storage.secure.min.js.download	39 kB	2023-03-07	2024-05-08
Pretty URL grateful-summer-afterthought.glitch.me/storage.secure.min.js.download IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-08 17:53:08 Times Seen676 Hash 3386ec5559f1ba569cf0ab6acab436cc e98e11d37c5172ee128a85f68447efb3cb0e853c 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73 Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html	113 B	2024-01-13	2024-05-08
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-13 15:37:25 Last Seen2024-05-08 17:53:08 Times Seen18 Hash 39a85e4ac08144aea6a735b859a2cb8b 94161b5283402db57fc859c79526d03667148325 0b065ac23c97350c74cc7d0e65843aa8412172bc9d2bf1cbf62f792fe0e435ce Loading...

	www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js	514 kB	2024-05-08	2024-05-18
Pretty URL www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 00:24:03 Last Seen2024-05-18 18:17:53 Times Seen7131 Hash add520996e437bff5d081315da187fbf 2e489fe16f3712bf36df00b03a8a5af8fa8d4b42 922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4 Loading...

	grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download	354 kB	2023-03-07	2024-05-08
Pretty URL grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-05-08 17:53:09 Times Seen600 Hash e735084e8ffed1ad8d89df08d98d4d23 6cdab8dac12030c8bc980ec129affecc626285c3 6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b Loading...

	grateful-summer-afterthought.glitch.me/v2.js(1).download	516 kB	2023-03-10	2024-05-08
Pretty URL grateful-summer-afterthought.glitch.me/v2.js(1).download IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:50:38 Last Seen2024-05-08 17:53:08 Times Seen73 Hash 53c7729f9a5c32a04b6d48dd118565af 2757661583ee87fda362428569353e67519a0cc5 3e7d91fbd301e53ba7c3cf31ae3580a9ff821df913fc58297eb1675bcb068222 Loading...

	grateful-summer-afterthought.glitch.me/bframe.html	75 B	2023-03-07	2024-05-20
Pretty URL grateful-summer-afterthought.glitch.me/bframe.html IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:59 Last Seen2024-05-20 03:27:53 Times Seen10737 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html	253 B	2023-03-10	2024-05-08
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 13:08:55 Last Seen2024-05-08 17:53:08 Times Seen60 Hash cb1d3e5eed9f94947fb98855d3f82ada c9f90151dcdda9896f8fb43499b2e32a50c8c914 45d343fb16d976cbe425527a5ac6a41b423623c15ba24829cf6844d7efd69a62 Loading...

	forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=	5.9 kB	2024-05-08	2024-05-08
Pretty URL forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= IP 104.18.80.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 17:53:08 Last Seen2024-05-08 17:53:08 Times Seen2 Hash 8d8e146811c22c8304077b32f337aa2a 4f8c1e2ce9df61338beb194e93a798d126ff206a 695e3b7b49fb529e59ce5f4e525d733c87bfc1e057b1112909d8a19750247fe7 Loading...

	grateful-summer-afterthought.glitch.me/v2.js.download	579 kB	2023-03-09	2024-05-08
Pretty URL grateful-summer-afterthought.glitch.me/v2.js.download IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:05:33 Last Seen2024-05-08 17:53:08 Times Seen208 Hash d3b2366c9977c975fc6abdc6a119c361 ed6031ba0b0efe5b77acd0382f8d647f2cc88018 7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25 Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html	231 B	2024-01-13	2024-05-08
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-13 15:37:26 Last Seen2024-05-08 17:53:08 Times Seen18 Hash fa61de2ef7a71efd79c37880f4f7298e 75511b6c86e2eeb94029e394e530de9077d9197f a8b3829b45c52c6726530237c4ecd44cf9d924e052fbf2fac0b922b177980f83 Loading...

	grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download	90 kB	2023-03-07	2024-05-20
Pretty URL grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-20 03:32:37 Times Seen145692 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html	2.7 kB	2024-01-13	2024-05-08
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-13 15:37:26 Last Seen2024-05-08 17:53:08 Times Seen18 Hash 7aa08147ed77beb8e2d31845788e902e 82dbba3c7f53c728c8a2af4409068d3e7c7cc0fa 7f11d5185768a559b13cb051fb7d26c26f75e0c97d6a3c50be117e7430639e2b Loading...

	grateful-summer-afterthought.glitch.me/bframe.html	175 B	2023-03-07	2024-05-19
Pretty URL grateful-summer-afterthought.glitch.me/bframe.html IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:36 Last Seen2024-05-19 08:37:18 Times Seen284 Hash 117ee3a6ec35b36713c5e48205ff5fce 8f892b6a14a32c6e5e1cf000d06b18535a7b6238 7317f1aa4ede14314da978897b86477afe5fbc7b634899c0e33a740ca235e675 Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html	194 B	2024-01-13	2024-05-08
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-13 15:37:26 Last Seen2024-05-08 17:53:08 Times Seen18 Hash ac28551a0df90cf3e724e3b81f89f0a7 fe523d31f7f74c289bf7b92b456f81446239dc72 a7c12b2e022fcd4707511feecafa028a1fcd5397bab33e0176ea2cd5587f7098 Loading...

	www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit	1.0 kB	2024-05-08	2024-05-09
Pretty URL www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 17:53:08 Last Seen2024-05-09 05:13:46 Times Seen4 Hash be9e0752c7d4536d7794c1752253d894 dc291ec3115382fbb52425da738d3b7e0bc11f38 566ddc92cf8ee53fdd92d7b15ba66dd2d06eae47ce01e6c5829c53b271656367 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=1az1mvi594ro	39 kB	2024-05-08	2024-05-08
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=1az1mvi594ro IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:53:08 Last Seen2024-05-08 17:53:08 Times Seen1 Hash 038a575847084c3b6df5fd2f31d2c5cd ce6d62278a20ea6272a16ff40408e10b336a01f4 46127cf73511b54d0c0a79ab1fd1845319866ab7c203a4d10a8a5115d04d0cc1 Loading...

	grateful-summer-afterthought.glitch.me/enterprise.js.download	1.0 kB	2023-03-07	2024-05-08
Pretty URL grateful-summer-afterthought.glitch.me/enterprise.js.download IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-05-08 17:53:08 Times Seen589 Hash d07e7630bc23cbdd7520d0a4f086c922 b50685923a96d55109959fdf21f369d902971b2a 15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2 Loading...

	grateful-summer-afterthought.glitch.me/anchor.html	33 kB	2023-03-09	2024-05-19
Pretty URL grateful-summer-afterthought.glitch.me/anchor.html IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 10:05:33 Last Seen2024-05-19 08:37:18 Times Seen138 Hash 27fe4cb47aa233ddd8165960b6d65929 11cc82d6e20cc46d88bacc3ed4bfb3f24bbf4b3b 692d9a7342c1fcb4c0417afee37d21695396088ca85a5a29f116f63189e0c595 Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html	252 B	2023-03-07	2024-05-08
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html IP 104.17.96.13 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:29:10 Last Seen2024-05-08 17:53:08 Times Seen79 Hash 79248d5b5d4dbd9098645a5363474fc9 e73de072a2cb9de627c5bb8d7923af079b762015 f19a08aa0129ea2e9abb7b405333213ab5970675fa75189f33032b7a40216300 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=den95swuj7iz	39 kB	2024-05-08	2024-05-08
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=den95swuj7iz IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:53:08 Last Seen2024-05-08 17:53:08 Times Seen1 Hash 667dad2f2d53d584cc909d329ac72b03 350959507b2a623ac7c5ef387b64952e45bc708f b930d8ff970f7e45797d7f4b57774687d4060283f02645d75f76f241613fba9d Loading...

	grateful-summer-afterthought.glitch.me/webflow.js.download	601 kB	2023-03-07	2024-05-09
Pretty URL grateful-summer-afterthought.glitch.me/webflow.js.download IP 54.83.64.233 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:36 Last Seen2024-05-09 05:13:46 Times Seen611 Hash 9758f7e3aa0c79ea7a3cadb16d10087b 07f3c4e552e28eba6172f53d6dcf981a55f42031 0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d Loading...

	js.hsforms.net/forms-next/shell-recaptcha	540 B	2023-04-05	2024-05-19
Pretty URL js.hsforms.net/forms-next/shell-recaptcha IP 104.18.142.119 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 05:29:16 Last Seen2024-05-19 08:37:18 Times Seen159 Hash 0ef8295b6b00040322f2dcbc2dad3a7b 3c3f471eb10ddba84126b623484930b3c99a8014 8f6e0ed5457a4e0086d8f5754cf5beb474f716ed08184676d4768c88bffb2c63 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8239ee6044ad7e817a1f26d19412f6eb	22 B	2023-03-09	2024-05-08
Pretty Observations First Seen2023-03-09 10:05:34 Last Seen2024-05-08 17:53:08 Times Seen111 Hash 8239ee6044ad7e817a1f26d19412f6eb 7116e217d05810b609ff09ac21e2c6097f14484c df78f0db59a013604da430bf67714a0445ddb583f42925592cfed1774716374d Loading...

	#2 Eval - fd1d2a1caa587725136bbf369ed58c89	20 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 17:53:08 Last Seen2024-05-08 17:53:08 Times Seen1 Hash fd1d2a1caa587725136bbf369ed58c89 a31438ece6fdd557fc32c87cca44ef6dce9f9e87 d8316f9bc8a0613985b14b5cae34c45a32341f1f4037d9dffc34c6c60275698e Loading...

	#3 Eval - b706af60fc28ff92ae9c34466ce7951d	64 B	2024-05-01	2024-05-19
Pretty Observations First Seen2024-05-01 18:12:36 Last Seen2024-05-19 08:51:02 Times Seen659 Hash b706af60fc28ff92ae9c34466ce7951d bd02c394ad4a54806a98acc12b1953c3e2aec859 1117c9b78f6471007670c821545f68063d1ddec9165712e0c4c4aef0b931112b Loading...

	#4 Eval - bb27712b34a01ef30a491717d8973804	18 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 17:53:08 Last Seen2024-05-08 17:53:08 Times Seen1 Hash bb27712b34a01ef30a491717d8973804 0b1592587e0a2fd130c580c3bc893a99d6ba5f5c 33ddd3b620b754fe1219dfcf01a08a32aca1caaaa168eb01c3e47356cae14f3a Loading...

	#5 Eval - 404a8acfa245787ec570d723e54fe63c	22 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 17:53:08 Last Seen2024-05-08 17:53:08 Times Seen1 Hash 404a8acfa245787ec570d723e54fe63c 290c38e7c0d1b48fd55512d8e0eda35c36046c8c 2afb0e8be9c7353c72bb2898769ac7021edec2e3b21e1467d2d475405443a109 Loading...

	#6 Eval - 62289cae4dba4b7afa176ff6398ebd5f	17 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 17:53:08 Last Seen2024-05-08 17:53:08 Times Seen1 Hash 62289cae4dba4b7afa176ff6398ebd5f ffd5dc57b634618beb8ac5ac40fbdc360a6d8df6 102a233a7deb0ef9cb626d183bcb188bdf9affd7cecf30cd6929d1307fd60801 Loading...

	#7 Eval - 14fe3c24da54f6fc8e4b16ea5b5970c6	22 B	2024-05-01	2024-05-19
Pretty Observations First Seen2024-05-01 18:12:36 Last Seen2024-05-19 08:51:02 Times Seen654 Hash 14fe3c24da54f6fc8e4b16ea5b5970c6 b1e330a8f15bdcfa478ba6c65878ef2f971967f6 9c82420263b512161ec1aa2eb6cae244c14143157c5a0b3d7a2e35a993d929a0 Loading...

	#8 Eval - 0e64ad66420ea42b9913abde6289b991	24 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 17:53:08 Last Seen2024-05-08 17:53:08 Times Seen1 Hash 0e64ad66420ea42b9913abde6289b991 bd8d554b988dac246a1189a82bf6529bb67220ba 8feda3eb1b80d54833e1d60c182f0f4b0a3ace6167d5a5261a8353f2904b7740 Loading...

	#9 Eval - eb94905b9da3f67da3f000d1bb6efbde	64 B	2023-03-09	2024-05-08
Pretty Observations First Seen2023-03-09 10:05:33 Last Seen2024-05-08 17:53:08 Times Seen111 Hash eb94905b9da3f67da3f000d1bb6efbde 1d3286e8759266d0f632990a00153ac614ca6c39 ef56a8332ced72dcd8b9a2756ce1fe129be6db47ca4863412b51e8028a9d1eb2 Loading...

	#10 Eval - 272eb139968a9665de1db4beccf568d2	22 B	2023-03-09	2024-05-08
Pretty Observations First Seen2023-03-09 10:05:33 Last Seen2024-05-08 17:53:08 Times Seen112 Hash 272eb139968a9665de1db4beccf568d2 e6505fdd0680c557e102b20212d31942c7d24429 26ef4c313a8ffd1b7fc79977328690a19336ac1187fa07d9cfc3a8327f5a08ba Loading...

	#11 Eval - 15760900e488ec647450f20eeaa49944	15 kB	2023-03-09	2024-05-08
Pretty Observations First Seen2023-03-09 10:05:33 Last Seen2024-05-08 17:53:08 Times Seen110 Hash 15760900e488ec647450f20eeaa49944 208ad236b244f8adbd138cda9ad9f7f1d4e7758e 90d9c75dc0b4578e5468206d805353952b0a650c707ac7f9632b29f3694c1dff Loading...

	#12 Eval - ad83cd1fb4f9f294d9b6e177a370a1ba	22 B	2024-05-01	2024-05-19
Pretty Observations First Seen2024-05-01 18:12:36 Last Seen2024-05-19 08:51:02 Times Seen659 Hash ad83cd1fb4f9f294d9b6e177a370a1ba 3e636dbc45770532447ea14cfac88ff44653ff5f 61b681b0a2a66131fa836eaf7f878e863a71cbb2d6a9e09eab9f1a6e84fbb58f Loading...

HTTP Transactions (88)

URL IP Response Size

cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html

104.17.64.14

301 Moved Permanently

131 B

URL User Request GET HTTP/2
cf-ipfs.com/ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html
IP
104.17.64.14:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint52:AB:96:DB:E9:BE:89:E5:DD:52:F1:32:96:17:32:F0:A3:F2:E7:41
ValidityThu, 04 Apr 2024 23:41:09 GMT - Wed, 03 Jul 2024 23:41:08 GMT

File type
HTML document, ASCII text
Size
131 B (131 bytes)
Hash
f465ea98709a7de4c342fcba9800fa89
806e05e25d5c9f7ae9547440ec9e1865019b6059
45a65f0af26ab0e2cc2e6d6480869ccf7a1d3f4eb00f33e17e675e2d9be9c95b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other

HTTP Headers

GET /ipfs/QmStsPsKVvrFs1DhrsHwspUv3EjZUh9SirKbrTBPR8vML3/secure.html HTTP/1.1
Host: cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 08 May 2024 15:52:33 GMT
content-type: text/html; charset=utf-8
content-length: 131
location: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
cf-ray: 880a9e1b5cc456cc-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
set-cookie: __cf_bm=FX5tY63YDpiy7HI7QKRHK6ATqdyelkRopBdDjW_auSw-1715183553-1.0.1.1-_mbhlk8iA_yXaLje_TBLMgE7fi0qHfsop9k8Kv.qdB.X2fMY.yzRbWotyY4dDF.zSBLR.Ku7exINCo3rS0rPYA; path=/; expires=Wed, 08-May-24 16:22:33 GMT; domain=.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download

54.83.64.233

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
3.7 kB (3674 bytes)
Hash
ce0366d3c0ef2d5187efc621c5e7fb00
83f60d035e88968d24178360639a8ad6cc08dc26
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

HTTP Headers

GET /recaptcha__nl.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 08 May 2024 15:52:35 GMT
content-length: 3674
cache-control: max-age=0
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/tag.js.download

54.83.64.233

200 OK

22 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/tag.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21652), with no line terminators
Size
22 kB (21652 bytes)
Hash
e2ee8a9cd68c3d310a4c62fdb4b5c93a
67eb5f9547f1d9de0a8b143c3b50511c26281399
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /tag.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:35 GMT
content-type: application/octet-stream
content-length: 21652
x-amz-id-2: nvtChWc/Hsk4KIpK0w7G1dJPbjSwI67EZxf4eu+HjsVGcXxQbewmCElk1P1FrlHqxs/Sy1qKHPA=
x-amz-request-id: N1HFB9JCY0JRRV2B
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "e2ee8a9cd68c3d310a4c62fdb4b5c93a"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: TUU0ZjXoyzGQtWVuxcfDzv8bYgA4uR3p
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html

104.17.96.13

200 OK

13 kB

URL User Request GET HTTP/2
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (362), with CRLF line terminators
Size
13 kB (13298 bytes)
Hash
ee1b1d44f99379ead707c9be1317ce43
3ca502c03dcce21be0606437d1907c834c8a2493
8508c8a9cb51d906d5b92ca25dd9daace42415b05d4f14bf6b07928531b3d9fa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other

HTTP Headers

GET /secure.html HTTP/1.1
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:34 GMT
content-type: text/html
cf-ray: 880a9e1d1d6056a5-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=29030400, immutable
etag: W/"bafkreiefbdekts2r3ednlojmujo5twvm4qsblmc5j4kl62yhskctdm6z7i"
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipfs/bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla/secure.html
x-ipfs-roots: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla,bafkreiefbdekts2r3ednlojmujo5twvm4qsblmc5j4kl62yhskctdm6z7i
set-cookie: __cf_bm=aIxGQpQ9wDWTvRO2816L1F0IZGT_8w1XwD5uXIoLjJI-1715183554-1.0.1.1-4zDtxydhksgYivbXPr9N8_0L3YzJXfjI7LIa4.ATbS7irqT5ZBIdw3Sy_LBlKHlHaLaoA1uJzLGfyrIjshC9dg; path=/; expires=Wed, 08-May-24 16:22:34 GMT; domain=.bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/css

54.83.64.233

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/css
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
3.7 kB (3674 bytes)
Hash
ce0366d3c0ef2d5187efc621c5e7fb00
83f60d035e88968d24178360639a8ad6cc08dc26
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

HTTP Headers

GET /css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 08 May 2024 15:52:35 GMT
content-length: 3674
cache-control: max-age=0
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/enterprise.js.download

54.83.64.233

200 OK

1.0 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/enterprise.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1008), with no line terminators
Size
1.0 kB (1008 bytes)
Hash
d07e7630bc23cbdd7520d0a4f086c922
b50685923a96d55109959fdf21f369d902971b2a
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /enterprise.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:35 GMT
content-type: application/octet-stream
content-length: 1008
x-amz-id-2: 9L88UUyvovbYCKx5Gh3p7FyJSr8GycRD/MVYKr6XHMKD4qGaQzekCoBgeHTOayTWGJTGSfyG4dE=
x-amz-request-id: N1H6J3ZDTS0EP7YQ
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "d07e7630bc23cbdd7520d0a4f086c922"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: ObiUJ2noAKZGuRj8wbfBsazSx7RTllc4
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/jsonp

54.83.64.233

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/jsonp
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
3.7 kB (3674 bytes)
Hash
ce0366d3c0ef2d5187efc621c5e7fb00
83f60d035e88968d24178360639a8ad6cc08dc26
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

HTTP Headers

GET /jsonp HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Wed, 08 May 2024 15:52:35 GMT
content-length: 3674
cache-control: max-age=0
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/webfont.js.download

54.83.64.233

200 OK

13 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/webfont.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2134)
Size
13 kB (13188 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /webfont.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:35 GMT
content-type: application/octet-stream
content-length: 13188
x-amz-id-2: seunHCive3utfBsvaXnb9QxxOdbTEy8D9TXadDdsS4AA2cJS2t5iY1y5m2y3b6D3876iIEOnKlY=
x-amz-request-id: N1H7KHR0B9VWRY4B
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "7c96a5f11d9741541d5e3c42ff6380d7"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: _cr5b3QEbFXqNrMy7nPsc7GUdyzA11jK
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/storage.secure.min.js.download

54.83.64.233

200 OK

39 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/storage.secure.min.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (38562), with no line terminators
Size
39 kB (38562 bytes)
Hash
3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /storage.secure.min.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:35 GMT
content-type: application/octet-stream
content-length: 38562
x-amz-id-2: IAdyrkwHbOKknF33BRIzlJndS2v9IBk+4nJeJdK78tfoLeyqLfuCByNGW81GjHAzZbQNS+3g1j0=
x-amz-request-id: N1HFQ5W3DFJP1WMR
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "3386ec5559f1ba569cf0ab6acab436cc"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: KKigjc5ZmRWSj0hXBKP.I9_HXfZqFSQg
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/analytics.js.download

54.83.64.233

200 OK

50 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/analytics.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1325)
Size
50 kB (50230 bytes)
Hash
fda30e8a22c9bcd954fd8d0fadd0e77c
ae47cd34cbde081a48d7f92fc80aaf06a1381193
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

HTTP Headers

GET /analytics.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:35 GMT
content-type: application/octet-stream
content-length: 50230
x-amz-id-2: VEFU6TU5D4uXQ17530e97z6gG6lzh4kuV5E/Hc4uFxoXxOfXEah8zjzRyH1kG3W3FRudPF+ECUQDt42vz+hbyVRRq7yg4J+ysacA5uPM/0E=
x-amz-request-id: N1H223RM5DSEWY4C
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "fda30e8a22c9bcd954fd8d0fadd0e77c"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: i5vwO7SfqQRsu0dnc00kKvyxdahod4U8
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/mm-logo.svg

54.83.64.233

200 OK

12 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/mm-logo.svg
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mm-logo.svg HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:35 GMT
content-type: image/svg+xml
content-length: 12019
x-amz-id-2: GOISrlKa3ihb8a4JSCcmW+VLRz3Ahy+G6PGloUzUMy9FoXh1tmRoTuTcYVm1CnSgC9FdGyFSakyD/+CIPWCwEYZ3Ah+jNMPAsK35CiouIzs=
x-amz-request-id: N1H042CQQ97H2J2Q
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "51bcea2625eb2c6e9268a7377a792c86"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: P_EpZSaqEQzUZNxOiWe0aXD1oaAcWPY_
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download

54.83.64.233

200 OK

90 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:35 GMT
content-type: application/octet-stream
content-length: 89476
x-amz-id-2: xpndQhZayFlLvWapGeb6Om32lCzU5xjRwR1iKhthknPYry6wiBWGV8EZ5U2mu8KjaiSAAXCMtNA=
x-amz-request-id: N1H8ZQNQWNHZAWJ5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: cqsq1AvkEyGRMHvfFyD0.1CsHB3UsEn5
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/webflow.css

54.83.64.233

200 OK

39 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/webflow.css
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
39 kB (39109 bytes)
Hash
13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /webflow.css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:35 GMT
content-type: text/css; charset=utf-8
content-length: 39109
x-amz-id-2: TFTQAU+ROnFMqC1aJBIFQNyLGoz3+yjHR5N7Q6oTsljvoepGg0asA8tsonHz+qyb+QOLeFpA6gA=
x-amz-request-id: N1H7XRZV14JZPN8Y
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "13fc860cb6eddbf469d986e1a6b6480b"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: VpGosWU.ymaRj4rI8WAdhxXxK8NkYodE
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/css

54.83.64.233

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/css
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
3.7 kB (3674 bytes)
Hash
ce0366d3c0ef2d5187efc621c5e7fb00
83f60d035e88968d24178360639a8ad6cc08dc26
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

HTTP Headers

GET /css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Wed, 08 May 2024 15:52:36 GMT
content-length: 3674
cache-control: max-age=0
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/js

54.83.64.233

3.7 kB

URL GET
grateful-summer-afterthought.glitch.me/js
IP
54.83.64.233:0
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
3.7 kB (3674 bytes)
Hash
ce0366d3c0ef2d5187efc621c5e7fb00
83f60d035e88968d24178360639a8ad6cc08dc26
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

HTTP Headers

GET /js HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Wed, 08 May 2024 15:52:36 GMT
content-length: 3674
cache-control: max-age=0
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/enterprise.js.download

54.83.64.233

200 OK

1.0 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/enterprise.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1008), with no line terminators
Size
1.0 kB (1008 bytes)
Hash
d07e7630bc23cbdd7520d0a4f086c922
b50685923a96d55109959fdf21f369d902971b2a
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /enterprise.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:36 GMT
content-type: application/octet-stream
content-length: 1008
x-amz-id-2: 6L2Xs0qK7QE1E69soxSUbafO7FVw/Qp9vYlQDTFn6fo7FnqyiBeKgDCKGZEPRXBfatwPAmAkMcg=
x-amz-request-id: 9S2MD6H6QP4TVVQ8
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "d07e7630bc23cbdd7520d0a4f086c922"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: ObiUJ2noAKZGuRj8wbfBsazSx7RTllc4
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/jsonp

54.83.64.233

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/jsonp
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
3.7 kB (3674 bytes)
Hash
ce0366d3c0ef2d5187efc621c5e7fb00
83f60d035e88968d24178360639a8ad6cc08dc26
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

HTTP Headers

GET /jsonp HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Wed, 08 May 2024 15:52:36 GMT
content-length: 3674
cache-control: max-age=0
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

128 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:43:48 GMT
expires: Sat, 03 May 2025 03:43:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
age: 475728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/mm-logo.svg

54.83.64.233

200 OK

12 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/mm-logo.svg
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mm-logo.svg HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:36 GMT
content-type: image/svg+xml
content-length: 12019
x-amz-id-2: YKxyWkZutSbEup1hHJS7t30sjmDSYgU4c62plTMU19hVKhTUxgR6FEiYeC0x21SRWjGhmPSS5WA=
x-amz-request-id: 9S2W00WPZW14KD8X
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "51bcea2625eb2c6e9268a7377a792c86"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: P_EpZSaqEQzUZNxOiWe0aXD1oaAcWPY_
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/v2.js.download

54.83.64.233

200 OK

579 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/v2.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
579 kB (578833 bytes)
Hash
d3b2366c9977c975fc6abdc6a119c361
ed6031ba0b0efe5b77acd0382f8d647f2cc88018
7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /v2.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:36 GMT
content-type: application/octet-stream
content-length: 578833
x-amz-id-2: 5jHGIZIH1mQflybYbCcF38mkb6hIZxbb0OgozDmJhwtYsVmZbAU+sel6Vn7c1WcuGhaxLFWcwOQ=
x-amz-request-id: 9S2V2Y83537D7J1Q
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "d3b2366c9977c975fc6abdc6a119c361"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: mv_qM5YGXp6zrYYaoQ4hh8TUYIH1XC8u
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/anchor.html

54.83.64.233

200 OK

43 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/anchor.html
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (33133)
Size
43 kB (43290 bytes)
Hash
194b5744abd15c4045d5be0aae957e8f
b742502aa284cf374360452582cf510c2134bb11
73fa074ce47af396244ddc3077f9ee27cbd71122679ffe05ca0230022673d1a8

HTTP Headers

GET /anchor.html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: text/html; charset=utf-8
content-length: 43290
x-amz-id-2: d8Jg3u+OPfNmY3biXjCWbSGBmXocq3lBVsj9ygd0gvmivMOsaYGfLBzTz1W/UUux7pI63TxPk+I=
x-amz-request-id: QY0XDY7Q6QFJZP3G
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "194b5744abd15c4045d5be0aae957e8f"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: dxDuxkvYFAyiPsUXbU8OIvYqNOYLn5rY
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/saved_resource.html

54.83.64.233

200 OK

57 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/saved_resource.html
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (32691)
Size
57 kB (56613 bytes)
Hash
ec0bcfe99f4f2e8174bd36b54b04ed25
64a504bd3143c6269b70366b4f2029cc494d7d5d
c9f03917045beadc11043c219f9ed97c462d5504f8bbfd49a758f1fa91d0af29

HTTP Headers

GET /saved_resource.html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: text/html; charset=utf-8
content-length: 56613
x-amz-id-2: dvKmt/OGguJl0zYUvNNBYKpWV6DpT0xeYj2H0Lm1gpE5nlLONBSE6DOkI8BmWyd/yPPaf2a34gY=
x-amz-request-id: QY0YJ92VASS615KR
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "ec0bcfe99f4f2e8174bd36b54b04ed25"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: YaHcRlML9P83ib0UbAtTKFjHsR3Q5ixM
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

104.18.80.204

200 OK

2.1 kB

URL GET HTTP/1.1
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP
104.18.80.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subjecthsforms.com
Fingerprint51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A
ValidityWed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT

File type
Unicode text, UTF-8 text, with very long lines (5921), with no line terminators
Size
2.1 kB (2138 bytes)
Hash
8d8e146811c22c8304077b32f337aa2a
4f8c1e2ce9df61338beb194e93a798d126ff206a
695e3b7b49fb529e59ce5f4e525d733c87bfc1e057b1112909d8a19750247fe7

HTTP Headers

GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 15:52:37 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Origin-Hublet: na1
Vary: origin
Content-Disposition: attachment; filename=no-rfd.txt
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: false
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
x-envoy-upstream-service-time: 10
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
X-HubSpot-Correlation-Id: 43a7b09f-18bb-485e-a4f5-8f6ae3a35799
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 43a7b09f-18bb-485e-a4f5-8f6ae3a35799
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Set-Cookie: __cf_bm=07vZh8lRqzCdCRQh7K6YOGznESdKnI4d98Q9s0Oh4lk-1715183557-1.0.1.1-p2zcO_7Mjn7Mm6MoSg34fhChMzA2giWWViyGWQOR8lK7_r3VBO2Wu6WrL20QudWoCxZxoFgxizX87LVpm4gbUA; path=/; expires=Wed, 08-May-24 16:22:37 GMT; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
_cfuvid=TKPprC9s87ENjSyegf35mH5V3KZ7q8xZgDK.Yq4HruI-1715183557115-0.0.1.1-604800000; path=/; domain=.hsforms.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 880a9e2f1b0256a8-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

grateful-summer-afterthought.glitch.me/saved_resource(1).html

54.83.64.233

200 OK

55 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/saved_resource(1).html
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (32691)
Size
55 kB (55268 bytes)
Hash
b00c3321ca08b705efe2acd1364bacae
113e4303b866f26cd263b842c30ce3fad00eb9d1
1af67cf16d9dfbf8e79e1b357767b932bd54c08fcd8c5df86d06b868f7f8e04b

HTTP Headers

GET /saved_resource(1).html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: text/html; charset=utf-8
content-length: 55268
x-amz-id-2: KO/CdOujZAx09GZV0zyOiTPxN+D89TTlAZ+wm6wp8t3KkDZ/V9lSOO6f5FEh++M9ulN/doQ0NtM=
x-amz-request-id: QY0W7GHCP9C9DPEA
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "b00c3321ca08b705efe2acd1364bacae"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: j12ibLCu3YjUNlHqYChHU4P7T0mb6npu
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/webflow.js.download

54.83.64.233

200 OK

601 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/webflow.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (50020)
Size
601 kB (601104 bytes)
Hash
9758f7e3aa0c79ea7a3cadb16d10087b
07f3c4e552e28eba6172f53d6dcf981a55f42031
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /webflow.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: application/octet-stream
content-length: 601104
x-amz-id-2: x0/EovgLH4qZCGoWo/N/P4rUHGgji/8PSJ2n4kwMzBFTVFDBEX8SyvbMvA/okkBQkTaQWyA665g=
x-amz-request-id: QY0N8V8T6GN1S559
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "9758f7e3aa0c79ea7a3cadb16d10087b"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: UTKlo1hGdz_dUFIcS8sBNnGKYs0tphfn
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/styles__ltr.css

54.83.64.233

200 OK

52 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/styles__ltr.css
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/anchor.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
ASCII text, with very long lines (52368), with no line terminators
Size
52 kB (52368 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /styles__ltr.css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/anchor.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: text/css; charset=utf-8
content-length: 52368
x-amz-id-2: Rh97uYXeIBa4VZh/bI6CnzLw8XE3KkXyx86mJuGKQnRbiRR0i6Nt5jBK5kX9MhM6GURmSZ+f3Ks=
x-amz-request-id: QY0R8HRTRDY5BM69
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "97c3d49b83dc004fcda822b1853b787b"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: t.EXRdu7Vlidf1PVA2ynwu5VXPsv1eUE
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download

54.83.64.233

200 OK

354 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (820)
Size
354 kB (353655 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /recaptcha__nl.js(1).download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/anchor.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: application/octet-stream
content-length: 353655
x-amz-id-2: ECWn+/dxYv2Dw/+h2Bf/W7QNISMLJxzAdVxxUT3sTyigzD5muDPtvQ/C4p2tu1MipPy9FKt3dOU=
x-amz-request-id: QY0J8936X0JSXMFD
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "e735084e8ffed1ad8d89df08d98d4d23"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: kpENiTiMjrqbSEPD8TVFrqMctHb0egDa
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/v2.js(1).download

54.83.64.233

200 OK

516 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/v2.js(1).download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (60882), with no line terminators
Size
516 kB (516406 bytes)
Hash
53c7729f9a5c32a04b6d48dd118565af
2757661583ee87fda362428569353e67519a0cc5
3e7d91fbd301e53ba7c3cf31ae3580a9ff821df913fc58297eb1675bcb068222

HTTP Headers

GET /v2.js(1).download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: application/octet-stream
content-length: 516406
x-amz-id-2: L25OF2a3EAUnPD4kpOMwZc5pH5bGT+W0Ee2M3t0yWcyC8rT86Hxujx+oh8VHhiprpIhmIVCs98A=
x-amz-request-id: QY0XER8RZVGZQC76
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "53c7729f9a5c32a04b6d48dd118565af"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: z1M_X7zr.bUgC9Jxa5DLhiEmBNS8Xl.l
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/storage.secure.min.js.download

54.83.64.233

200 OK

39 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/storage.secure.min.js.download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (38562), with no line terminators
Size
39 kB (38562 bytes)
Hash
3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /storage.secure.min.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: application/octet-stream
content-length: 38562
x-amz-id-2: j8WYGRLYvd5fdtD4DHL91xQtOWLduiJf+TiS70ZS5MtAqgh6IuOn/2ZsXcGpt+LccONNptRiqc4=
x-amz-request-id: QY0V1GPM7BRXPH8D
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "3386ec5559f1ba569cf0ab6acab436cc"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: KKigjc5ZmRWSj0hXBKP.I9_HXfZqFSQg
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grateful-summer-afterthought.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 429693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grateful-summer-afterthought.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:52 GMT
expires: Fri, 02 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 568905
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.131

200 OK

204 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://js.hsforms.net
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:27:37 GMT
expires: Tue, 06 May 2025 16:27:37 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 170700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.131

200 OK

2.2 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/anchor.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:37:29 GMT
expires: Fri, 10 May 2024 00:37:29 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 486908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.hsforms.net/forms-next/shell-recaptcha

104.18.142.119

200 OK

1.2 kB

URL GET HTTP/2
js.hsforms.net/forms-next/shell-recaptcha
IP
104.18.142.119:443
ASN
#13335 CLOUDFLARENET

Requested by
https://grateful-summer-afterthought.glitch.me/saved_resource.html
Certificate
IssuerGoogle Trust Services LLC
Subjecthsforms.net
Fingerprint49:63:68:DE:D1:58:F7:46:97:8D:A9:5F:77:E7:1E:EF:95:DF:EB:E3
ValidityMon, 15 Apr 2024 01:41:40 GMT - Sun, 14 Jul 2024 01:41:39 GMT

File type
HTML document, ASCII text
Size
1.2 kB (1221 bytes)
Hash
b398fe98f83c84b8e686c2169573245a
6b5610c4d51770d21119485a9ac316566aae8b1c
df7ea8fd76f1aa2239de4eba7d7a325c85695e822b1cdeb2fefb3a90394cb724

HTTP Headers

GET /forms-next/shell-recaptcha HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Thu, 28 Mar 2024 11:42:53 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {}
x-amz-version-id: D1_oTagfNv09jQ9QUhCaHiC1hTQuAPN0
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: nWr_3n_juDI5ZSBIjrJZ2_KeGfkpW1nCpgBoK16xvVE7NU8adjm6UQ==
age: 3364
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.746/html/recaptcha.html
x-content-type-options: nosniff
access-control-allow-origin: *
x-hs-cache-status: MISS
x-envoy-upstream-service-time: 6
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: d2b66b5e-6af5-4775-9088-af1f91120178
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-w988t
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: d2b66b5e-6af5-4775-9088-af1f91120178
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=9uIG5ilkr_e2nYtYZhhwYWCAC1x1WCotmp9gmJ_7yiE-1715183557-1.0.1.1-brJvHOXzDUKyzHAOZZyS_EOpBwBauHOMku801V2gdMI.Kh9O8rWyVqrx4fmOiDF_6Ie8YhGrjkgQXyFBSq4HgA; path=/; expires=Wed, 08-May-24 16:22:37 GMT; domain=.hsforms.net; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIls2lITgV%2FlqhQ1MGcnYdUYBpR%2BALhGFUNmBArZzzKdVdqtkmRJVn9mXAxxRZtouR3Cwnei1W6pFwj91dYmOaIOFAkkSY3nUjq7ERwDFBJZBdD40mKyUCLfMIWY5QGa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880a9e311d9256a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.131

200 OK

204 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:27:37 GMT
expires: Tue, 06 May 2025 16:27:37 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 170700
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/saved_resource(4).html

54.83.64.233

200 OK

196 B

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/saved_resource(4).html
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/anchor.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
196 B (196 bytes)
Hash
8f180af3f4a0348d2da6a0092d1e07b7
72b97502017a0713adbaf01471bda7cdb2e8e8c7
652108eecc73ab61542ec918e255707b4b5b69343677a14a38bbde5b6e4c9d9a

HTTP Headers

GET /saved_resource(4).html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/anchor.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: text/html; charset=utf-8
content-length: 196
x-amz-id-2: YR5escc5IN+FUVBKilRdMmTQZA3uSjtk0OZrAyx5HYeqs6k0TXEh3U3mg7Om2fZ9Jc2i3nVN3AA=
x-amz-request-id: QY0J09CPGMTF64JC
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "8f180af3f4a0348d2da6a0092d1e07b7"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: tv5DH9lEu3zHmcjLkQMwrEnGzUhMj5LP
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/bframe.html

54.83.64.233

200 OK

11 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/bframe.html
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
11 kB (11399 bytes)
Hash
161c81930eb1b582be7559429dd87816
16709379e40d79dd50a0aed35c42ad96e4aed734
463c25dbddba27ac61e150288d07f2bb4bcb1bb48e05c64f797cc18887af1581

HTTP Headers

GET /bframe.html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: text/html; charset=utf-8
content-length: 11399
x-amz-id-2: VxTYbfIi8Iu/Xept6s522e8So5xM2kmTnsjQURdXTC7qr0GehjQDPYTFi9tBhFKK+uSe3e7YGtE=
x-amz-request-id: QY0GG8KF1PBBQ9T0
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "161c81930eb1b582be7559429dd87816"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: H6FRTwhTvUDOKh5FazE27_3A5CXCGAfK
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/saved_resource(3).html

54.83.64.233

200 OK

149 B

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/saved_resource(3).html
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
149 B (149 bytes)
Hash
3c2ccda97c47ede0b1c91b11efd575ea
0a348c4b61c961aba7618f909beb87f740a81983
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

HTTP Headers

GET /saved_resource(3).html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: text/html; charset=utf-8
content-length: 149
x-amz-id-2: M+xyt7zAjUAzxMrEbcvxst3XfypMRhBomfzl7rOY17rI7eopdj+wb4B/ee81WTwNy6YETgGB+fU=
x-amz-request-id: QY0TS0SDYFKC85C1
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "3c2ccda97c47ede0b1c91b11efd575ea"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: H047Kprl4vRRdmlLotjnhzPqk6zpMHgs
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

metamask.io/images/favicon.png

185.199.108.153

404 Not Found

20 kB

URL GET HTTP/2
metamask.io/images/favicon.png
IP
185.199.108.153:443
ASN
#54113 FASTLY

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint57:38:77:EC:4D:50:0A:4E:6C:2E:0A:BD:23:D5:61:5E:66:33:32:56
ValidityTue, 30 Apr 2024 10:14:57 GMT - Mon, 29 Jul 2024 10:14:56 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (50781)
Size
20 kB (20405 bytes)
Hash
dc0f9faacb401e4127aea9206d176b5e
1de1fb6e22a3aae24315ee2403dc7712b2e1bdde
96748729fc0d966177eead88688a21e932d093cd33bbfc8505f6b66d4ea8dd49

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"663b90b8-16b6e"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: E2AA:2C3A13:1DE430:1E8C46:663B9A3F
accept-ranges: bytes
age: 1414
date: Wed, 08 May 2024 15:52:38 GMT
via: 1.1 varnish
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715183558.008237,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: f1e34b2957de26e2185f345bc9496991476c6f6c
content-length: 20405
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css

142.250.74.131

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
25 kB (24617 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 17:09:08 GMT
expires: Tue, 06 May 2025 17:09:08 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/css
vary: Accept-Encoding
age: 168210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download

54.83.64.233

200 OK

354 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (820)
Size
354 kB (353655 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /recaptcha__nl.js(1).download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/bframe.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:38 GMT
content-type: application/octet-stream
content-length: 353655
x-amz-id-2: EJjdrz9lxqgAE4H8pMs2NwXUcylkVQY+7EOkq1qALehwdzL1SVD2feOZCmSR5RQg4C6BPaFv5OA=
x-amz-request-id: XC11M3XSHSKZMM1T
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "e735084e8ffed1ad8d89df08d98d4d23"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: kpENiTiMjrqbSEPD8TVFrqMctHb0egDa
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/styles__ltr.css

54.83.64.233

200 OK

52 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/styles__ltr.css
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/anchor.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
ASCII text, with very long lines (52368), with no line terminators
Size
52 kB (52368 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /styles__ltr.css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/bframe.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:38 GMT
content-type: text/css; charset=utf-8
content-length: 52368
x-amz-id-2: K5t4nilAPDSUPmoPBSehR1LkPww1VMSSzY4nuQLNgXVsqj5VxKYPYkG/fUqj2mczBiIWYu9pJ24=
x-amz-request-id: XC112D679V9PZY8H
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "97c3d49b83dc004fcda822b1853b787b"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: t.EXRdu7Vlidf1PVA2ynwu5VXPsv1eUE
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.131

200 OK

204 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:27:37 GMT
expires: Tue, 06 May 2025 16:27:37 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 170701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css

142.250.74.131

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
25 kB (24617 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24617
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 17:09:08 GMT
expires: Tue, 06 May 2025 17:09:08 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/css
vary: Accept-Encoding
age: 168210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067

104.18.80.204

200 OK

35 B

URL GET HTTP/3
perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
IP
104.18.80.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subjecthsforms.com
Fingerprint51:25:A5:7D:FF:CF:F7:55:55:AE:CE:CF:B2:F6:5E:61:6C:D4:74:7A
ValidityWed, 17 Apr 2024 00:47:37 GMT - Tue, 16 Jul 2024 00:47:36 GMT

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Cookie: __cf_bm=07vZh8lRqzCdCRQh7K6YOGznESdKnI4d98Q9s0Oh4lk-1715183557-1.0.1.1-p2zcO_7Mjn7Mm6MoSg34fhChMzA2giWWViyGWQOR8lK7_r3VBO2Wu6WrL20QudWoCxZxoFgxizX87LVpm4gbUA; _cfuvid=TKPprC9s87ENjSyegf35mH5V3KZ7q8xZgDK.Yq4HruI-1715183557115-0.0.1.1-604800000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 15:52:38 GMT
content-type: image/gif
content-length: 35
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 2
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 662ab67c-9229-46f0-aad1-5227a977e642
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kcd8w
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 662ab67c-9229-46f0-aad1-5227a977e642
last-modified: Wed, 08 May 2024 15:52:38 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880a9e36dc8fb51d-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.131

200 OK

204 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:27:37 GMT
expires: Tue, 06 May 2025 16:27:37 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 170701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

2.0 kB

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
2.0 kB (1961 bytes)
Hash
a8065214fda7dc58563bab0eeb118c2e
148d38f2009c7a2d5e90a553ac9665535d2e07b1
4da955bca77b3be5bd83363936fb3b381dfdc394ef49339d1ca1ec971ffa46b5

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 15:52:35 GMT
date: Wed, 08 May 2024 15:52:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grateful-summer-afterthought.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:52 GMT
expires: Fri, 02 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 568906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 429694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grateful-summer-afterthought.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 429694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:52 GMT
expires: Fri, 02 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 568906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.131

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 12:37:20 GMT
expires: Thu, 09 May 2024 12:37:20 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 530118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.131

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:45:28 GMT
expires: Thu, 09 May 2024 23:45:28 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 490030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.131

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:44:25 GMT
expires: Thu, 09 May 2024 22:44:25 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 493693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q

142.250.74.164

200 OK

2.3 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=den95swuj7iz
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
gzip compressed data
Size
2.3 kB (2340 bytes)
Hash
c6706c47fb76abfef475b22947d327c1
fb80906ec3634f828b62d6545ad9bd62fb937ac4
bb43b0c7e62a11decbc66d012ab27a3dbb95aac8266fd51637d84d7355197ea8

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=den95swuj7iz
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 08 May 2024 15:52:38 GMT
date: Wed, 08 May 2024 15:52:38 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js

142.250.74.164

200 OK

7.5 kB

URL GET HTTP/3
www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (17624)
Size
7.5 kB (7467 bytes)
Hash
1b84878b10f495c0906cf29733630286
f0253a2a4155c4b073f72bb19d81f6a065b3671a
475e7c98ff87111f1c17ed96d5de19b3703ef37d3db768817fdad7c6c9ae18e6

HTTP Headers

GET /js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=den95swuj7iz
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7467
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:22:25 GMT
expires: Sat, 03 May 2025 03:22:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 477013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 429694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:52 GMT
expires: Fri, 02 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 568906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.131

200 OK

204 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:27:37 GMT
expires: Tue, 06 May 2025 16:27:37 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 170701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.131

200 OK

2.2 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/anchor.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 00:37:29 GMT
expires: Fri, 10 May 2024 00:37:29 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 486909
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js

142.250.74.164

200 OK

7.5 kB

URL GET HTTP/3
www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (17624)
Size
7.5 kB (7467 bytes)
Hash
1b84878b10f495c0906cf29733630286
f0253a2a4155c4b073f72bb19d81f6a065b3671a
475e7c98ff87111f1c17ed96d5de19b3703ef37d3db768817fdad7c6c9ae18e6

HTTP Headers

GET /js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=1az1mvi594ro
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7467
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:22:25 GMT
expires: Sat, 03 May 2025 03:22:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 477013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.131

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
ASCII text, with very long lines (56412), with no line terminators
Size
25 kB (24617 bytes)
Hash
2c00b9f417b688224937053cd0c284a5
17b4c18ebc129055dd25f214c3f11e03e9df2d82
1e754b107428162c65a26d399b66db3daaea09616bf8620d9de4bc689ce48eed

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:27:37 GMT
expires: Tue, 06 May 2025 16:27:37 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 170701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.131

200 OK

204 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:27:37 GMT
expires: Tue, 06 May 2025 16:27:37 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 170702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js

142.250.74.131

200 OK

204 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (632)
Size
204 kB (204445 bytes)
Hash
add520996e437bff5d081315da187fbf
2e489fe16f3712bf36df00b03a8a5af8fa8d4b42
922b951591d52d44aa7015ebc95cab08192aa435b64f9016673ac5da1124a8b4

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 16:27:37 GMT
expires: Tue, 06 May 2025 16:27:37 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 170702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js

142.250.74.164

200 OK

7.5 kB

URL GET HTTP/3
www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (17624)
Size
7.5 kB (7467 bytes)
Hash
1b84878b10f495c0906cf29733630286
f0253a2a4155c4b073f72bb19d81f6a065b3671a
475e7c98ff87111f1c17ed96d5de19b3703ef37d3db768817fdad7c6c9ae18e6

HTTP Headers

GET /js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7467
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:22:25 GMT
expires: Sat, 03 May 2025 03:22:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 477014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 16:31:04 GMT
expires: Sat, 03 May 2025 16:31:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 429695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:50:52 GMT
expires: Fri, 02 May 2025 01:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 568907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

16 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
gzip compressed data
Size
16 kB (16302 bytes)
Hash
f4a615c229390ca0eaac2764534b5127
b607e9423ba4daca207b8b7ea8c3a658a2e8f707
687e298354e6e225149fb3a254f1a443a015a6f157b4fd6b9687953660c77b78

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 15:52:39 GMT
content-security-policy: script-src 'nonce-WbtiG_GIssDFSyjlj3Yvqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.131

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:45:28 GMT
expires: Thu, 09 May 2024 23:45:28 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 490032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.131

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:44:25 GMT
expires: Thu, 09 May 2024 22:44:25 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 493695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:48:27 GMT
expires: Fri, 02 May 2025 01:48:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 569053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06AFcWeA4vYGDhClgPTKG8eY8SV5jaOaO99VD7fRM2kzZ-HFWDQtH_jZwkmasHIbgBqXBGzR9EVJsuQdddmk8yp6OGXbT7vTstsvcX2yX1nTC_IcTWSdkdOwj7ekwQf4JFpuahGMDIdGaFdyTPeJxT8rKr5cvaq-0sC7FBSNG_frJNkeQ-F-CHYJE3P2YdxIovxTevi7Ci3aY0&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

46 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/payload?p=06AFcWeA4vYGDhClgPTKG8eY8SV5jaOaO99VD7fRM2kzZ-HFWDQtH_jZwkmasHIbgBqXBGzR9EVJsuQdddmk8yp6OGXbT7vTstsvcX2yX1nTC_IcTWSdkdOwj7ekwQf4JFpuahGMDIdGaFdyTPeJxT8rKr5cvaq-0sC7FBSNG_frJNkeQ-F-CHYJE3P2YdxIovxTevi7Ci3aY0&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3
Size
46 kB (46414 bytes)
Hash
c83afbdaff816da9040df27c94752cdc
7856c06a59131eaf4bd85734fc61175d1c367547
7da7b151bbf1c6bb748eda57e009a977a263460247fef70a17b390afeebc4438

HTTP Headers

GET /recaptcha/enterprise/payload?p=06AFcWeA4vYGDhClgPTKG8eY8SV5jaOaO99VD7fRM2kzZ-HFWDQtH_jZwkmasHIbgBqXBGzR9EVJsuQdddmk8yp6OGXbT7vTstsvcX2yX1nTC_IcTWSdkdOwj7ekwQf4JFpuahGMDIdGaFdyTPeJxT8rKr5cvaq-0sC7FBSNG_frJNkeQ-F-CHYJE3P2YdxIovxTevi7Ci3aY0&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AKDSkeayGjcKelO8oFT9uwipAfs3r9fObuD-Bg9dLWXU7XoL2AmQwIdRM82IPaGmcdDOoriemgofu5mwRpQ6de8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: image/jpeg
expires: Wed, 08 May 2024 15:52:40 GMT
date: Wed, 08 May 2024 15:52:40 GMT
cache-control: private, max-age=30
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:48:27 GMT
expires: Fri, 02 May 2025 01:48:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 569053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

30 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
gzip compressed data
Size
30 kB (30372 bytes)
Hash
66acc313c0340f292a4e2fbb3b334f0c
7125212e4ac14a6b5640dc27a73f0d07cef59a0e
92586610a685c0c8b5f3f98cb369fce0ee4e54124a0209339f3ab42969b7ea13

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 7710
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AKDSkeayGjcKelO8oFT9uwipAfs3r9fObuD-Bg9dLWXU7XoL2AmQwIdRM82IPaGmcdDOoriemgofu5mwRpQ6de8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Wed, 08 May 2024 15:52:40 GMT
expires: Wed, 08 May 2024 15:52:40 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AKDSkeZWgW8thA5zeQUEBD5qHWulJHgGi2B4XzQ2Q7nIgqFvyeW4FGbmaJxQs0azTQcmzsCXRRx-yWDnrQjS7gg;Path=/recaptcha;Expires=Mon, 04-Nov-2024 15:52:40 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js

142.250.74.164

200 OK

7.5 kB

URL GET HTTP/3
www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (17624)
Size
7.5 kB (7467 bytes)
Hash
1b84878b10f495c0906cf29733630286
f0253a2a4155c4b073f72bb19d81f6a065b3671a
475e7c98ff87111f1c17ed96d5de19b3703ef37d3db768817fdad7c6c9ae18e6

HTTP Headers

GET /js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 7467
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 03:22:25 GMT
expires: Sat, 03 May 2025 03:22:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Apr 2024 11:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 477015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q

142.250.74.164

200 OK

7.8 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=den95swuj7iz
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
gzip compressed data
Size
7.8 kB (7814 bytes)
Hash
f2fb81390843406a8a822ec02f198931
1516f345d5019e1986dac7d7b7d2ade51f1c8118
ff0666b1c3676da57270066e91c148bf6b06b6f53032bf0cb3e0bc2bd9d517ef

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=vjbW55W42X033PfTdVf6Ft4q HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=1az1mvi594ro
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 08 May 2024 15:52:38 GMT
date: Wed, 08 May 2024 15:52:38 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

doggybars.shop/mata.io/meta/v2.js.download

0.0.0.0

0 B

URL GET
doggybars.shop/mata.io/meta/v2.js.download
IP
0.0.0.0:0
ASN
#0

Requested by
https://grateful-summer-afterthought.glitch.me/saved_resource.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mata.io/meta/v2.js.download HTTP/1.1
Host: doggybars.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/meta/plx.chock.js

104.17.96.13

404 Not Found

0 B

URL GET HTTP/2
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/meta/plx.chock.js
IP
104.17.96.13:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerLet's Encrypt
Subjectcf-ipfs.com
Fingerprint46:AD:9B:E1:02:E3:A8:FE:9B:E2:86:B5:A1:5C:07:B9:B7:3B:17:14
ValiditySat, 16 Mar 2024 23:28:47 GMT - Fri, 14 Jun 2024 23:28:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other

HTTP Headers

GET /meta/plx.chock.js HTTP/1.1
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Cookie: __cf_bm=aIxGQpQ9wDWTvRO2816L1F0IZGT_8w1XwD5uXIoLjJI-1715183554-1.0.1.1-4zDtxydhksgYivbXPr9N8_0L3YzJXfjI7LIa4.ATbS7irqT5ZBIdw3Sy_LBlKHlHaLaoA1uJzLGfyrIjshC9dg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Wed, 08 May 2024 15:52:35 GMT
content-type: text/plain; charset=utf-8
cf-ray: 880a9e232f0056a5-OSL
cf-cache-status: EXPIRED
access-control-allow-origin: *
cache-control: no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-content-type-options: nosniff
x-ipfs-path: /ipfs/bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla/meta/plx.chock.js
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/payload?p=06AFcWeA4ftGmWDWrdX7Y9VNriJ8TzP8HTFBJU0-NSd7YMLZRDViW1UXueHFBsBBU0RpPLeqj3YyNMJf2dFFZRAtN92HbEpUckaUFkpYJ5RpnwTYHqbVrckGnm7xlk0hxHiA_RDkPYmdt-mpMhtpHlL8mrf3tex6Njry7irynAdwnJUK_FxPiNrYlbhnUV0uytldkucdBnI50p&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

37 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/payload?p=06AFcWeA4ftGmWDWrdX7Y9VNriJ8TzP8HTFBJU0-NSd7YMLZRDViW1UXueHFBsBBU0RpPLeqj3YyNMJf2dFFZRAtN92HbEpUckaUFkpYJ5RpnwTYHqbVrckGnm7xlk0hxHiA_RDkPYmdt-mpMhtpHlL8mrf3tex6Njry7irynAdwnJUK_FxPiNrYlbhnUV0uytldkucdBnI50p&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3
Size
37 kB (37099 bytes)
Hash
f4dd3344ae3518098f5053554f933788
ac89d3c8fa51fc386918b788777c78fbe657d5b0
9b787cb3bce3b7bd3b4ba7b8a04b9ecdb05489bb832f05dc46d2493ce8aaf6b8

HTTP Headers

GET /recaptcha/enterprise/payload?p=06AFcWeA4ftGmWDWrdX7Y9VNriJ8TzP8HTFBJU0-NSd7YMLZRDViW1UXueHFBsBBU0RpPLeqj3YyNMJf2dFFZRAtN92HbEpUckaUFkpYJ5RpnwTYHqbVrckGnm7xlk0hxHiA_RDkPYmdt-mpMhtpHlL8mrf3tex6Njry7irynAdwnJUK_FxPiNrYlbhnUV0uytldkucdBnI50p&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=vjbW55W42X033PfTdVf6Ft4q&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AKDSkeZWgW8thA5zeQUEBD5qHWulJHgGi2B4XzQ2Q7nIgqFvyeW4FGbmaJxQs0azTQcmzsCXRRx-yWDnrQjS7gg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/jpeg
expires: Wed, 08 May 2024 15:52:40 GMT
date: Wed, 08 May 2024 15:52:40 GMT
cache-control: private, max-age=30
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css

54.83.64.233

200 OK

32 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
ASCII text
Size
32 kB (32261 bytes)
Hash
3347570c44bced253cb62ed2551e256a
e0f1ecb1b5e44464f54c2afb631a51cc112e8efd
8a7cb198c7650ec10849c615e5bdaf3d94efa9fb09c1af175ef342e963d70fa2

HTTP Headers

GET /metamask-staging-2.webflow.css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:35 GMT
content-type: text/css; charset=utf-8
content-length: 142039
x-amz-id-2: 0wfBHSVJpZ+Icici7RG9G4TtwH/I7cQf/BuiTGLo402F5rbsmCFOnlB7AF8Ne9qlbCTBDHVQcN0=
x-amz-request-id: N1H2ZJXNG2A5S9Q0
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "1aed8830738b6a1e846ca6af968e7917"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: FGJzfWljwWKudZkkQden2BkVXb6GeUAd
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

metamask.io/images/webclip.png

185.199.108.153

404 Not Found

0 B

URL GET HTTP/2
metamask.io/images/webclip.png
IP
185.199.108.153:443
ASN
#54113 FASTLY

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint57:38:77:EC:4D:50:0A:4E:6C:2E:0A:BD:23:D5:61:5E:66:33:32:56
ValidityTue, 30 Apr 2024 10:14:57 GMT - Mon, 29 Jul 2024 10:14:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/webclip.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"663b90b8-16b6e"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 7720:38EC8F:1E398B:1EE273:663B9A3F
accept-ranges: bytes
age: 1414
date: Wed, 08 May 2024 15:52:37 GMT
via: 1.1 varnish
x-served-by: cache-hel1410026-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715183558.825561,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: f4a4c494e1166106c918bb338e24840edc8d7f2c
content-length: 20405
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

142.250.74.164

200 OK

1.0 kB

URL GET HTTP/2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
JavaScript source, ASCII text, with very long lines (1008), with no line terminators
Size
1.0 kB (1008 bytes)
Hash
be9e0752c7d4536d7794c1752253d894
dc291ec3115382fbb52425da738d3b7e0bc11f38
566ddc92cf8ee53fdd92d7b15ba66dd2d06eae47ce01e6c5829c53b271656367

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 08 May 2024 15:52:37 GMT
date: Wed, 08 May 2024 15:52:37 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=den95swuj7iz

142.250.74.164

200 OK

47 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=den95swuj7iz
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
HTML document, ASCII text, with very long lines (38579)
Size
47 kB (47290 bytes)
Hash
56667ebc34372abe80a34d685aa6814b
4d49b91bd2d660260cfb6cb6cdcb6087200324c2
6919d7e84191f39c23c152020215eceaddcce5b5735eaf7dee8997300bcc88fc

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=den95swuj7iz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 15:52:38 GMT
content-security-policy: script-src 'nonce-1W3pJuFUwPr90vszGcqxag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grateful-summer-afterthought.glitch.me/normalize.css

54.83.64.233

200 OK

7.8 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/normalize.css
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
ASCII text, with very long lines (8147), with no line terminators
Size
7.8 kB (7772 bytes)
Hash
21240e0cead3210a28555c3fa89acab0
486fbbc9a997da04985e8ffb5b52e74e0a6f35ea
2881f1b580116868946ef393e44e46ce9ec94fda36f6d1eb840290671830db6a

HTTP Headers

GET /normalize.css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:35 GMT
content-type: text/css; charset=utf-8
content-length: 7772
x-amz-id-2: DoYnYIteQ61a/IgWu+P7pU9QAD+0auD0Y1iCGq8FH+C2MhQwXGe7co0xavhOdl1KOF2wSLLh/es=
x-amz-request-id: N1HC671DCE9B5DFD
last-modified: Sun, 14 Apr 2024 09:16:20 GMT
etag: "4951cc88307c632cf285d3ba988ab283"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 8FygmLAq835jdMdey8BAwnOxwypqybk1
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

142.250.74.131

404 Not Found

0 B

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Wed, 08 May 2024 15:52:38 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=1az1mvi594ro

142.250.74.164

200 OK

48 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=1az1mvi594ro
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/secure.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
HTML document, ASCII text, with very long lines (38964)
Size
48 kB (47760 bytes)
Hash
df0814d9b5d7f69e9583a5d6be1bfac2
cd9cfe7e574586669b6a661523c3f49b406b2d13
6265f4cfc08e6e6a8f261170ee3ff604cca4db2c177be1379a86b315dea5a536

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmNmLWlwZnMuY29tOjQ0Mw..&hl=en&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&badge=inline&cb=1az1mvi594ro HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.cf-ipfs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 May 2024 15:52:38 GMT
content-security-policy: script-src 'nonce-r94MZ5m-J-7VWzQ9-g0j_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grateful-summer-afterthought.glitch.me/shell-recaptcha.html

54.83.64.233

200 OK

149 B

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/shell-recaptcha.html
IP
54.83.64.233:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with no line terminators
Size
149 B (149 bytes)
Hash
fb414be122309c0719179de4dc1047f8
9a6172309933dfafbce87ca8f1ef6a398efcbf04
bbb1e1f86ee39bc06aed5b3d4ae61b46b220635ca98b3f07021da24f68d0e53f

HTTP Headers

GET /shell-recaptcha.html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:52:37 GMT
content-type: text/html; charset=utf-8
content-length: 149
x-amz-id-2: Wff//grLXfMHkXt5/wii9FyOEHtZbnhrSsXEhc6BwfmdeuvY2nZk5DuCmnvaNDkWpET1UTAwFtg=
x-amz-request-id: QY0TX7D68CDTZJ7Q
last-modified: Sun, 14 Apr 2024 09:16:21 GMT
etag: "3c2ccda97c47ede0b1c91b11efd575ea"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: JsqRT6AFIAUEqM6teizTUxm_lHdciWkr
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

142.250.74.164

200 OK

1.0 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (1008), with no line terminators
Size
1.0 kB (1008 bytes)
Hash
be9e0752c7d4536d7794c1752253d894
dc291ec3115382fbb52425da738d3b7e0bc11f38
566ddc92cf8ee53fdd92d7b15ba66dd2d06eae47ce01e6c5829c53b271656367

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
expires: Wed, 08 May 2024 15:52:37 GMT
date: Wed, 08 May 2024 15:52:37 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (37)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML