Report - bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/

Report Overview

Visited public
2023-08-29 18:17:12
Tags
crypto phishing
URL
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Finishing URL
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
IP / ASN
209.94.90.1
#40680 PROTOCOL
Title
MetaMask - A crypto wallet & gateway to blockchain apps
Phishing - Generic Crypto/Wallet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12 22:43:53	2023-08-29 05:12:09	1.4 kB	3.8 kB	54.230.80.227
grateful-summer-afterthought.glitch.me	unknown	2008-07-18	2023-01-19 13:34:46	2023-07-01 09:21:10	17 kB	3.0 MB	3.224.43.36
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-08-29 04:31:45	1.0 kB	10 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-08-29 04:31:24	5.6 kB	148 kB	216.58.207.227
forms.hsforms.com	5160	2013-09-18	2018-03-07 16:21:13	2023-08-29 05:03:38	539 B	3.2 kB	104.18.176.125
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-08-28 20:45:32	4.4 kB	91 kB	142.250.74.132
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-08-29 05:06:00	7.5 kB	810 kB	142.250.74.35
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link	unknown	2017-02-24	2023-02-23 12:34:03	2023-07-18 10:56:52	2.2 kB	17 kB	209.94.90.1
doggybars.shop	unknown	unknown	2022-11-28 12:36:00	2023-07-01 09:21:10	443 B	0 B	0.0.0.0
metamask.io	81413	2015-07-02	2015-11-15 18:16:41	2023-08-29 10:48:05	972 B	37 kB	185.199.109.153
perf.hsforms.com	10768	2013-09-18	2020-07-03 15:11:28	2023-08-29 07:19:36	565 B	1.1 kB	104.18.176.125
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-28 18:12:02	2.0 kB	4.2 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-08-29 18:16:39	low	Client IP	Internal IP	ET HUNTING IPFS Gateway Domain in DNS Lookup (ipfs .dweb .link)
2023-08-29 18:16:39	low	Client IP	Internal IP	ET HUNTING IPFS Gateway Domain in DNS Lookup (ipfs .dweb .link)
2023-08-29 18:16:39	low	Client IP	209.94.90.1	ET HUNTING Observed IPFS Gateway Domain (ipfs .dweb .link) in TLS SNI
2023-08-29 18:16:39	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:39	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:40	medium	Client IP	3.224.43.36	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2023-08-29 18:16:40	medium	Client IP	3.224.43.36	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2023-08-29 18:16:40	medium	Client IP	3.224.43.36	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2023-08-29 18:16:40	medium	Client IP	3.224.43.36	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2023-08-29 18:16:40	medium	Client IP	3.224.43.36	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2023-08-29 18:16:40	medium	Client IP	3.224.43.36	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2023-08-29 18:16:40	medium	Client IP	3.224.43.36	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2023-08-29 18:16:40	medium	Client IP	3.224.43.36	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2023-08-29 18:16:40	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:41	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:42	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:42	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:42	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:42	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:42	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing
2023-08-29 18:16:42	medium	Client IP	Internal IP	ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-08-18	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	Crypto/Wallet
2023-08-18	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	Crypto/Wallet
2023-08-18	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	Crypto/Wallet
2023-08-18	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	Crypto/Wallet

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-08-29	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link	Sinkholed
2023-08-29	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link	Sinkholed
2023-08-29	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link	Sinkholed
2023-08-29	medium	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link	Sinkholed

ThreatFox

No alerts detected

JavaScript (35)

	URL	From	Size	First Seen	Last Seen
	grateful-summer-afterthought.glitch.me/tag.js.download	ScriptElement	22 kB	2023-03-07	2024-12-23
Pretty URL grateful-summer-afterthought.glitch.me/tag.js.download IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-12-23 16:45 Times Seen103 Hash e2ee8a9cd68c3d310a4c62fdb4b5c93a 67eb5f9547f1d9de0a8b143c3b50511c26281399 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7 Loading...

	grateful-summer-afterthought.glitch.me/v2.js.download	ScriptElement	579 kB	2023-03-09	2024-12-23
Pretty URL grateful-summer-afterthought.glitch.me/v2.js.download IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:05 Last Seen2024-12-23 16:45 Times Seen62 Hash d3b2366c9977c975fc6abdc6a119c361 ed6031ba0b0efe5b77acd0382f8d647f2cc88018 7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25 Loading...

	forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=	ScriptElement	5.8 kB	2023-08-29	2023-08-29
Pretty URL forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= IP 104.18.176.125 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-29 20:17 Last Seen2023-08-29 20:17 Times Seen1 Hash 510b80f0b85979b24317873044ccf9ea 37506059f13195553c58d16b7ee2295daf546eb1 52faa52cab81230d12cd64253659e084d2cbdeb11feeda6311e9cabc06ea17f6 Loading...

	grateful-summer-afterthought.glitch.me/storage.secure.min.js.download	ScriptElement	39 kB	2023-03-07	2024-12-31
Pretty URL grateful-summer-afterthought.glitch.me/storage.secure.min.js.download IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2024-12-31 05:03 Times Seen69 Hash 3386ec5559f1ba569cf0ab6acab436cc e98e11d37c5172ee128a85f68447efb3cb0e853c 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73 Loading...

	www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js	ScriptElement	462 kB	2023-08-25	2024-08-21
Pretty URL www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 14:13 Last Seen2024-08-21 08:07 Times Seen5931 Hash a5654a0210fc0019b5edca973ad5bb5e ca96425226fd0088aaa504a5b8fa5675a1c4f429 6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f Loading...

	grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download	ScriptElement	354 kB	2023-03-07	2024-12-31
Pretty URL grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29 Last Seen2024-12-31 05:03 Times Seen66 Hash e735084e8ffed1ad8d89df08d98d4d23 6cdab8dac12030c8bc980ec129affecc626285c3 6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4	ScriptElement	75 B	2023-03-07	2025-05-11
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-05-11 18:53 Times Seen14270 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 20:25 Times Seen4657149 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	ScriptElement	73 B	2023-03-07	2025-05-10
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-05-10 22:20 Times Seen201 Hash ccf7a258eee5e12d2cb3d813a5da86c8 0d0c6985e493d2f610870c9259901a2511734328 441b05bfa42c0b589fd682ec21e9ba36e55f6ec2718fbb259a812cd0b999c28e Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	ScriptElement	181 B	2023-03-07	2025-05-11
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17 Last Seen2025-05-11 18:57 Times Seen15982 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	grateful-summer-afterthought.glitch.me/webflow.js.download	ScriptElement	601 kB	2023-03-07	2025-05-06
Pretty URL grateful-summer-afterthought.glitch.me/webflow.js.download IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20 Last Seen2025-05-06 11:44 Times Seen100 Hash 9758f7e3aa0c79ea7a3cadb16d10087b 07f3c4e552e28eba6172f53d6dcf981a55f42031 0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d Loading...

	grateful-summer-afterthought.glitch.me/v2.js(1).download	ScriptElement	516 kB	2023-03-10	2024-08-21
Pretty URL grateful-summer-afterthought.glitch.me/v2.js(1).download IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:50 Last Seen2024-08-21 07:49 Times Seen29 Hash 53c7729f9a5c32a04b6d48dd118565af 2757661583ee87fda362428569353e67519a0cc5 3e7d91fbd301e53ba7c3cf31ae3580a9ff821df913fc58297eb1675bcb068222 Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	ScriptElement	209 B	2023-03-08	2024-08-21
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 00:08 Last Seen2024-08-21 07:49 Times Seen3 Hash 075157c0ca914acfd9a17177ab358924 fa0e25950455475dba820d56a5aa122d5f245340 2a17c2d6f20d232e749159d8de12555345ca7d89da67c487955c0df9f3cd26e0 Loading...

	grateful-summer-afterthought.glitch.me/enterprise.js.download	ScriptElement	1.0 kB	2023-03-07	2024-12-31
Pretty URL grateful-summer-afterthought.glitch.me/enterprise.js.download IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29 Last Seen2024-12-31 05:03 Times Seen67 Hash d07e7630bc23cbdd7520d0a4f086c922 b50685923a96d55109959fdf21f369d902971b2a 15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2 Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	ScriptElement	164 B	2023-03-07	2025-05-10
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-10 22:20 Times Seen135 Hash 9fb685752617cf9403453cc16f9b0469 84d82954770f482fbea43960d5a5dc36e3572d1a d57443d0c7faf37db40a6058be8401314277c4b2662d8ed301ee6c0bd99a8c4d Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	ScriptElement	1.8 kB	2023-03-07	2025-05-06
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 17:55 Last Seen2025-05-06 11:44 Times Seen114 Hash 8b1fb904d189e68aaf32a2223915fdfd d1a510fab3db50f7482275581d2171914e1d6631 c1863d7b43731c0cb9a160099c3fa80215e0b0966f27061f78eb6af1da84f026 Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	ScriptElement	116 B	2023-03-07	2025-05-06
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-06 11:44 Times Seen140 Hash 65eedcd8ea68974fc10b18a001f5ff0d d57d865c29e2ba5f817f850194c33f6d1e7ea064 681e6299492c0b7a15980513d81a420ff8d912dadc14d90148b77bd81018926e Loading...

	bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/	ScriptElement	184 B	2023-03-07	2025-05-10
Pretty URL bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/ IP 209.94.90.1 ASN #40680 PROTOCOL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-10 22:20 Times Seen150 Hash 12c0659e2686c193368d09f53edc8090 e2a481f856253ec2b3dfe266ab035bc1ca650b72 7269e1e3bae2d22edc632e41922fd7e090dd785fdb749c05b577f78e9126075c Loading...

	www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true	ScriptElement	1.4 kB	2023-08-25	2023-09-15
Pretty URL www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 21:59 Last Seen2023-09-15 01:47 Times Seen16 Hash 38d2e0771ccfa191eab966915d6b1dea f34816a5049379b4b783d23c62f714b2b448336b 1357dfb006b09d5cef16f9dfa8d897578b2f71698da13bd9ab529e8f5cf83050 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4	ScriptElement	48 kB	2024-08-21	2024-08-21
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 07:49 Last Seen2024-08-21 07:49 Times Seen1 Hash f6fb2fd7f92f49a2cde1fe58d31d9219 8331e55473e1f86a8181eef43d8408a2dc4ad07b e0d241f8ca0d79c8a656695bfeafcc8488a98124614b082e499b0ac7310917aa Loading...

	grateful-summer-afterthought.glitch.me/webfont.js.download	ScriptElement	13 kB	2023-03-07	2025-05-11
Pretty URL grateful-summer-afterthought.glitch.me/webfont.js.download IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-11 16:24 Times Seen17548 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download	ScriptElement	90 kB	2023-03-07	2025-05-11
Pretty URL grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 19:20 Times Seen108977 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	grateful-summer-afterthought.glitch.me/bframe.html	ScriptElement	175 B	2023-03-07	2025-05-03
Pretty URL grateful-summer-afterthought.glitch.me/bframe.html IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17 Last Seen2025-05-03 11:49 Times Seen98 Hash 117ee3a6ec35b36713c5e48205ff5fce 8f892b6a14a32c6e5e1cf000d06b18535a7b6238 7317f1aa4ede14314da978897b86477afe5fbc7b634899c0e33a740ca235e675 Loading...

	grateful-summer-afterthought.glitch.me/anchor.html	ScriptElement	33 kB	2023-03-09	2025-05-03
Pretty URL grateful-summer-afterthought.glitch.me/anchor.html IP 3.224.43.36 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 10:05 Last Seen2025-05-03 11:49 Times Seen91 Hash 27fe4cb47aa233ddd8165960b6d65929 11cc82d6e20cc46d88bacc3ed4bfb3f24bbf4b3b 692d9a7342c1fcb4c0417afee37d21695396088ca85a5a29f116f63189e0c595 Loading...

		Size	First Seen	Last Seen
	#1 Eval - eb94905b9da3f67da3f000d1bb6efbde	64 B	2023-03-09 10:05	2024-12-23 16:45
Pretty Observations First Seen2023-03-09 10:05 Last Seen2024-12-23 16:45 Times Seen62 Hash eb94905b9da3f67da3f000d1bb6efbde 1d3286e8759266d0f632990a00153ac614ca6c39 ef56a8332ced72dcd8b9a2756ce1fe129be6db47ca4863412b51e8028a9d1eb2 Loading...

	#2 Eval - 272eb139968a9665de1db4beccf568d2	22 B	2023-03-09 10:05	2024-12-23 16:45
Pretty Observations First Seen2023-03-09 10:05 Last Seen2024-12-23 16:45 Times Seen63 Hash 272eb139968a9665de1db4beccf568d2 e6505fdd0680c557e102b20212d31942c7d24429 26ef4c313a8ffd1b7fc79977328690a19336ac1187fa07d9cfc3a8327f5a08ba Loading...

	#3 Eval - 7a5e1b70fffcbabef80d0d66c1202447	19 kB	2024-08-21 07:49	2024-08-21 07:49
Pretty Observations First Seen2024-08-21 07:49 Last Seen2024-08-21 07:49 Times Seen1 Hash 7a5e1b70fffcbabef80d0d66c1202447 95e64f3de11f8b069a19c9865f9a2391fbdb7681 ff5125957dab9b1ec41011e331f731bf61bfbc19367e5be549a0ddb6ce54d6a7 Loading...

	#4 Eval - ff08f30d8b24994bb1650e9e629c4f86	22 B	2023-08-16 08:42	2024-08-21 08:36
Pretty Observations First Seen2023-08-16 08:42 Last Seen2024-08-21 08:36 Times Seen566 Hash ff08f30d8b24994bb1650e9e629c4f86 3a5c681cc2847bbec5d96bac8f0ea36554d02800 281dedb55d99025d1eb1ccff22b6d21bfbaa8bd6027bed7799f4e1512c9585f1 Loading...

	#5 Eval - 6e2eefeef10d2b02666f73d648f418d9	22 B	2023-08-16 08:42	2024-08-21 08:36
Pretty Observations First Seen2023-08-16 08:42 Last Seen2024-08-21 08:36 Times Seen568 Hash 6e2eefeef10d2b02666f73d648f418d9 9d927fb797bd7f44a69a67ab82c615f209a2519b 9563f2f021db2e304976360087ae9e533798c5bd57f730556daac9ffafa29cb9 Loading...

	#6 Eval - 15760900e488ec647450f20eeaa49944	15 kB	2023-03-09 10:05	2024-12-23 16:45
Pretty Observations First Seen2023-03-09 10:05 Last Seen2024-12-23 16:45 Times Seen60 Hash 15760900e488ec647450f20eeaa49944 208ad236b244f8adbd138cda9ad9f7f1d4e7758e 90d9c75dc0b4578e5468206d805353952b0a650c707ac7f9632b29f3694c1dff Loading...

	#7 Eval - a3c97de2bf24df0cfe84e3e0e1d57256	16 kB	2023-08-16 08:42	2024-08-21 08:36
Pretty Observations First Seen2023-08-16 08:42 Last Seen2024-08-21 08:36 Times Seen568 Hash a3c97de2bf24df0cfe84e3e0e1d57256 ff14e9a5745623f28dc642515553fd812cf860a4 c56e997cb5b3a46cdf7246052303c76583e3085fc9ed5c5a9e15664f8dacb4ce Loading...

	#8 Eval - cb2062ea978c422323ba9f190324b156	21 kB	2024-08-21 07:49	2024-08-21 07:49
Pretty Observations First Seen2024-08-21 07:49 Last Seen2024-08-21 07:49 Times Seen1 Hash cb2062ea978c422323ba9f190324b156 7a23fcd366b6ffd5355dccb3d14e936ccce0f649 aefa3580cb1788143ab837f03ece583867bdf6f056bd3eae498e79dcf68d8cd1 Loading...

	#9 Eval - 16716278cd32a433d9d061bab2d9013a	22 kB	2024-08-21 07:49	2024-08-21 07:49
Pretty Observations First Seen2024-08-21 07:49 Last Seen2024-08-21 07:49 Times Seen1 Hash 16716278cd32a433d9d061bab2d9013a 3c4142038c48d811da267053daaeb76a8ace8ed4 37037067fced80808eb67aaa13df1186fe89327de9fa1d71f523c0f9cd5e92ec Loading...

	#10 Eval - 8239ee6044ad7e817a1f26d19412f6eb	22 B	2023-03-09 10:05	2024-12-23 16:45
Pretty Observations First Seen2023-03-09 10:05 Last Seen2024-12-23 16:45 Times Seen62 Hash 8239ee6044ad7e817a1f26d19412f6eb 7116e217d05810b609ff09ac21e2c6097f14484c df78f0db59a013604da430bf67714a0445ddb583f42925592cfed1774716374d Loading...

	#11 Eval - 16bdfef01036bdca12d985b34ef67d8f	64 B	2023-08-16 08:42	2024-08-21 08:36
Pretty Observations First Seen2023-08-16 08:42 Last Seen2024-08-21 08:36 Times Seen565 Hash 16bdfef01036bdca12d985b34ef67d8f 9f8e95833aafb56f347853589f93679c1e664a3a defb92fe3de46608d55894d4420840522403ad0e935b312b5331dfa4353c3a4f Loading...

HTTP Transactions (84)

URL IP Response Size

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/plx.chock.js

209.94.90.1

404 Not Found

190 B

URL GET HTTP/2
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/plx.chock.js
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintDC:9D:6C:D8:0D:F2:9C:6C:A8:73:22:4E:0D:D5:B5:9B:81:78:F1:39
ValiditySat, 26 Aug 2023 17:15:50 GMT - Fri, 24 Nov 2023 17:15:49 GMT

File type
ASCII text
Size
190 B (190 bytes)
Hash
c4399f2a626e4fba8a0fb982686fa840
5c3a909b75bf87ab33ad825a227755d07df3cb70
4786380af2d2cca6b54207d5513e4b1846e06408de165ea180673755a8958df0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /meta/plx.chock.js HTTP/1.1
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: text/plain; charset=utf-8
content-length: 190
access-control-allow-methods: GET, HEAD, OPTIONS, GET, POST, OPTIONS
x-content-type-options: nosniff
x-ipfs-gateway-host: ipfs-bank13-fr2
x-ipfs-path: /ipfs/bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla/meta/plx.chock.js
x-ipfs-pop: ipfs-bank13-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/wpp.gif

209.94.90.1

404 Not Found

185 B

URL GET HTTP/2
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/wpp.gif
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintDC:9D:6C:D8:0D:F2:9C:6C:A8:73:22:4E:0D:D5:B5:9B:81:78:F1:39
ValiditySat, 26 Aug 2023 17:15:50 GMT - Fri, 24 Nov 2023 17:15:49 GMT

File type
ASCII text
Size
185 B (185 bytes)
Hash
192b846387308074ff88a19cee7ac36d
31aa92b9c860765ad67a2ba71f78562aa472db3e
a4c064cd993b01c2cfc760b7de28ec734e052edea4bfab1e68f5a549a8c334f7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /meta/wpp.gif HTTP/1.1
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: text/plain; charset=utf-8
content-length: 185
access-control-allow-methods: GET, HEAD, OPTIONS, GET, POST, OPTIONS
x-content-type-options: nosniff
x-ipfs-gateway-host: ipfs-bank12-fr2
x-ipfs-path: /ipfs/bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla/meta/wpp.gif
x-ipfs-pop: ipfs-bank12-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f3b5e76a2485d8990cd79df3341412e6
2717c7d1e2ff0cda7606438e15e351a3e388bd47
ebf58ad3b9ac4ed2d047a87b3599990b94318ecfa0ea56502ccbf9c3ff786982

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Aug 2023 18:16:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
64e3800e5a1d860d952022de50c2d90a
5e717f6cf527be02c9d495efa00747f9abe27f8c
4952c18dbde84f4cb5eab087e6e23b993c7819bde24868e7767fa1f20f211faf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 29 Aug 2023 18:16:50 GMT
Last-Modified: Tue, 29 Aug 2023 17:30:47 GMT
Server: ECAcc (ska/F756)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XhkAuAIRDPLCeP2Zw_dbKiSyL7_e2mzVszi7ybDuXfU7GJS_znnEhA==
Age: 2763

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f3b5e76a2485d8990cd79df3341412e6
2717c7d1e2ff0cda7606438e15e351a3e388bd47
ebf58ad3b9ac4ed2d047a87b3599990b94318ecfa0ea56502ccbf9c3ff786982

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Aug 2023 18:16:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
64e3800e5a1d860d952022de50c2d90a
5e717f6cf527be02c9d495efa00747f9abe27f8c
4952c18dbde84f4cb5eab087e6e23b993c7819bde24868e7767fa1f20f211faf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 29 Aug 2023 18:16:50 GMT
Last-Modified: Tue, 29 Aug 2023 17:33:06 GMT
Server: ECAcc (ska/F77E)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: X9YgIos0oRvBcyWVYVMxiumTHNykVV1bnpow5bHPuDYfuoEPg_Emfw==
Age: 2624

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
64e3800e5a1d860d952022de50c2d90a
5e717f6cf527be02c9d495efa00747f9abe27f8c
4952c18dbde84f4cb5eab087e6e23b993c7819bde24868e7767fa1f20f211faf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 29 Aug 2023 18:16:50 GMT
Last-Modified: Tue, 29 Aug 2023 18:04:46 GMT
Server: ECAcc (amb/6AA6)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6HDiW__BGNlgtZW06pb2XOu0FzWPl-GYwcjLT4CU8SiOG0r3xg1NHQ==
Age: 724

ocsp.r2m01.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
64e3800e5a1d860d952022de50c2d90a
5e717f6cf527be02c9d495efa00747f9abe27f8c
4952c18dbde84f4cb5eab087e6e23b993c7819bde24868e7767fa1f20f211faf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 29 Aug 2023 18:16:50 GMT
Last-Modified: Tue, 29 Aug 2023 17:53:04 GMT
Server: ECAcc (amb/6B61)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cRdgdbkeGQdTiEcWCZM8XF1zdpNcpngOrWh4YmmZwKxAB3K3enO6BA==
Age: 1426

grateful-summer-afterthought.glitch.me/js

3.224.43.36

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/js
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.7 kB (3672 bytes)
Hash
cb7041c1a55eafb11d1cd3803a1d6ece
ca77adb188cc5841de7c4da8ea09d4f31e6b6210
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

HTTP Headers

GET /js HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Tue, 29 Aug 2023 18:16:50 GMT
content-length: 3672
cache-control: max-age=0
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download

3.224.43.36

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/recaptcha__nl.js.download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.7 kB (3672 bytes)
Hash
cb7041c1a55eafb11d1cd3803a1d6ece
ca77adb188cc5841de7c4da8ea09d4f31e6b6210
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

HTTP Headers

GET /recaptcha__nl.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Tue, 29 Aug 2023 18:16:50 GMT
content-length: 3672
cache-control: max-age=0
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/storage.secure.min.js.download

3.224.43.36

200 OK

39 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/storage.secure.min.js.download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (38562), with no line terminators
Size
39 kB (38562 bytes)
Hash
3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /storage.secure.min.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: application/octet-stream
content-length: 38562
x-amz-id-2: yz+bmJcDJ1oWt91x97lgmkRCUPE58U6maRJikVhxf+l7msMz6bNjf7TPDhzKh5rY95smMjYbgxM=
x-amz-request-id: AW5RYG42S7EPCCDA
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "3386ec5559f1ba569cf0ab6acab436cc"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: f5IFtR__VUc9jobOUhOr5TFLZBJncVmK
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/jsonp

3.224.43.36

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/jsonp
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.7 kB (3672 bytes)
Hash
cb7041c1a55eafb11d1cd3803a1d6ece
ca77adb188cc5841de7c4da8ea09d4f31e6b6210
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

HTTP Headers

GET /jsonp HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Tue, 29 Aug 2023 18:16:50 GMT
content-length: 3672
cache-control: max-age=0
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/webfont.js.download

3.224.43.36

200 OK

13 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/webfont.js.download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2134)
Size
13 kB (13188 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /webfont.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: application/octet-stream
content-length: 13188
x-amz-id-2: qRtJ9FitAJWhfZQ9SVMnMvhlKYttSnhmC+gHCWQzumQr3WfjXwggOe7qP8V2J0m8E2MHgPDxqPQ=
x-amz-request-id: AW5QQ6XXDNB9APS4
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "7c96a5f11d9741541d5e3c42ff6380d7"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: b8K03pzd.aaK3VqR3acDAt6XWCNkiA2j
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/tag.js.download

3.224.43.36

200 OK

22 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/tag.js.download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (21652), with no line terminators
Size
22 kB (21652 bytes)
Hash
e2ee8a9cd68c3d310a4c62fdb4b5c93a
67eb5f9547f1d9de0a8b143c3b50511c26281399
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /tag.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: application/octet-stream
content-length: 21652
x-amz-id-2: o/DW8yQfBFzyyPCRdXkTvHdy+1e0MS78kH2U60mctyXoIrlgdohNxEkItVmtrvOkMLUPVLQ1VuA=
x-amz-request-id: AW5WGCW0JN3CZNXC
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "e2ee8a9cd68c3d310a4c62fdb4b5c93a"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: FJ0y366MfHBK3YDWmrN.aZZCS4J.X5ef
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/enterprise.js.download

3.224.43.36

200 OK

1.0 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/enterprise.js.download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
1.0 kB (1008 bytes)
Hash
d07e7630bc23cbdd7520d0a4f086c922
b50685923a96d55109959fdf21f369d902971b2a
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /enterprise.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: application/octet-stream
content-length: 1008
x-amz-id-2: nqQ/I67mU6lw52upzFCtHIho9X+2yLtqHM58WGIB1YQ+wUK0Iisgw0EWQt2OkWVj3Va1IfyET+w=
x-amz-request-id: AW5J2YX5SZ6TCDS3
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "d07e7630bc23cbdd7520d0a4f086c922"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: fVepNCb7kRiLZw0QvLD9o5PsK914ZnDd
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/css

3.224.43.36

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/css
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.7 kB (3672 bytes)
Hash
cb7041c1a55eafb11d1cd3803a1d6ece
ca77adb188cc5841de7c4da8ea09d4f31e6b6210
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

HTTP Headers

GET /css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Tue, 29 Aug 2023 18:16:50 GMT
content-length: 3672
cache-control: max-age=0
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download

3.224.43.36

200 OK

90 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: application/octet-stream
content-length: 89476
x-amz-id-2: cQYKsr8e5PadORM6CrJJZHf1XdwmOncfKLi1as/Eo2k0CASSUgqdNtg49/tjIP4HBOuQkgBRFib3VeZVikSf7g==
x-amz-request-id: AW5MDA0V6HW2NV9T
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: R0goWdxe0P8Hk5gqI.YA8WXKnFQU9K4a
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/

209.94.90.1

200 OK

13 kB

URL User Request GET HTTP/2
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintDC:9D:6C:D8:0D:F2:9C:6C:A8:73:22:4E:0D:D5:B5:9B:81:78:F1:39
ValiditySat, 26 Aug 2023 17:15:50 GMT - Fri, 24 Nov 2023 17:15:49 GMT

File type
gzip compressed data, from Unix\012- data
Size
13 kB (13284 bytes)
Hash
86f3cceef7b7df50bbca29a851e6e344
e22091c12a748d9af5622d10bab3a8bd0768720b
3fc6031d2021e605d4cc40466ee5f23e2a2789884f8cf6070ae8d67fe1aa6428

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Tue, 29 Aug 2023 18:16:49 GMT
content-type: text/html
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS, GET, POST, OPTIONS
cache-control: public, max-age=29030400, immutable
etag: W/"bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla"
x-ipfs-gateway-host: ipfs-bank16-fr2
x-ipfs-path: /ipfs/bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla/
x-ipfs-roots: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla
x-ipfs-pop: ipfs-bank16-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
x-proxy-cache: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/css

3.224.43.36

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/css
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.7 kB (3672 bytes)
Hash
cb7041c1a55eafb11d1cd3803a1d6ece
ca77adb188cc5841de7c4da8ea09d4f31e6b6210
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

HTTP Headers

GET /css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Tue, 29 Aug 2023 18:16:51 GMT
content-length: 3672
cache-control: max-age=0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
192472e74e2003bcc455cb1c2a50f2e2
133e70ed5882e7756dd5ffb18e6daa13cf12077a
943d73140cadab7a40c9599b1d646756c7dd758b31aae8c53c21ee9120e74d2f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Aug 2023 18:16:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Changa+One:400,400italic

142.250.74.106

200 OK

8.7 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Changa+One:400,400italic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint94:C0:54:E4:BA:6C:E0:93:C6:8F:D9:27:1C:74:6F:E8:CE:6E:E2:BA
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
gzip compressed data, max compression\012- data
Size
8.7 kB (8716 bytes)
Hash
cf1c2be9b2508aa501ecf48ef9eb4c71
eb27f95975d60f57f31cc0ed6e7fb2e802dd8dc4
170527fb6c5a1e24c21d9a5598ed7b1d0f6e34ea04414cd7197448e67d2aebc4

HTTP Headers

GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Aug 2023 18:16:51 GMT
date: Tue, 29 Aug 2023 18:16:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
192472e74e2003bcc455cb1c2a50f2e2
133e70ed5882e7756dd5ffb18e6daa13cf12077a
943d73140cadab7a40c9599b1d646756c7dd758b31aae8c53c21ee9120e74d2f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Aug 2023 18:16:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

grateful-summer-afterthought.glitch.me/js

3.224.43.36

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/js
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.7 kB (3672 bytes)
Hash
cb7041c1a55eafb11d1cd3803a1d6ece
ca77adb188cc5841de7c4da8ea09d4f31e6b6210
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

HTTP Headers

GET /js HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Tue, 29 Aug 2023 18:16:51 GMT
content-length: 3672
cache-control: max-age=0
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/jsonp

3.224.43.36

404 Not Found

3.7 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/jsonp
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.7 kB (3672 bytes)
Hash
cb7041c1a55eafb11d1cd3803a1d6ece
ca77adb188cc5841de7c4da8ea09d4f31e6b6210
39636ae7f7de3deacfe55d573d85d1bb5c349440065b16e573e5e3c62a0e3fb6

HTTP Headers

GET /jsonp HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Tue, 29 Aug 2023 18:16:51 GMT
content-length: 3672
cache-control: max-age=0
X-Firefox-Spdy: h2

fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

GET /s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Aug 2023 18:08:48 GMT
expires: Sat, 24 Aug 2024 18:08:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:10:56 GMT
content-type: font/woff2
age: 346083
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
192472e74e2003bcc455cb1c2a50f2e2
133e70ed5882e7756dd5ffb18e6daa13cf12077a
943d73140cadab7a40c9599b1d646756c7dd758b31aae8c53c21ee9120e74d2f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Aug 2023 18:16:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/wpp.gif

209.94.90.1

404 Not Found

185 B

URL GET HTTP/2
bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/meta/wpp.gif
IP
209.94.90.1:443
ASN
#40680 PROTOCOL

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectdweb.link
FingerprintDC:9D:6C:D8:0D:F2:9C:6C:A8:73:22:4E:0D:D5:B5:9B:81:78:F1:39
ValiditySat, 26 Aug 2023 17:15:50 GMT - Fri, 24 Nov 2023 17:15:49 GMT

File type
ASCII text
Size
185 B (185 bytes)
Hash
192b846387308074ff88a19cee7ac36d
31aa92b9c860765ad67a2ba71f78562aa472db3e
a4c064cd993b01c2cfc760b7de28ec734e052edea4bfab1e68f5a549a8c334f7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /meta/wpp.gif HTTP/1.1
Host: bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: openresty
date: Tue, 29 Aug 2023 18:16:51 GMT
content-type: text/plain; charset=utf-8
content-length: 185
access-control-allow-methods: GET, HEAD, OPTIONS, GET, POST, OPTIONS
x-content-type-options: nosniff
x-ipfs-gateway-host: ipfs-bank12-fr2
x-ipfs-path: /ipfs/bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla/meta/wpp.gif
x-ipfs-pop: ipfs-bank12-fr2
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
x-ipfs-lb-pop: gateway-bank3-fr2
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/mm-logo.svg

3.224.43.36

200 OK

12 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/mm-logo.svg
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mm-logo.svg HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:51 GMT
content-type: image/svg+xml
content-length: 12019
x-amz-id-2: c7Zg+KK2fxISXR1PE1KSJhqNxGHUPS55ajY0jBTSjBHL8VYR8TTInhYZl2M2qFYTkWvpWQGuzIM=
x-amz-request-id: 6ZZN0V577BGDYY25
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "51bcea2625eb2c6e9268a7377a792c86"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: Jc.CDrX8O4qBxmZwDMBa39RTuyeu01Dt
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/v2.js.download

3.224.43.36

200 OK

579 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/v2.js.download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
579 kB (578833 bytes)
Hash
d3b2366c9977c975fc6abdc6a119c361
ed6031ba0b0efe5b77acd0382f8d647f2cc88018
7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /v2.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:51 GMT
content-type: application/octet-stream
content-length: 578833
x-amz-id-2: vyEE13AM0j1dzm+1GViHS+63nVHJpSM29i9fLDKsUWPNxonm7u7rHhAai+k2hTx9rFupdJAYw5g=
x-amz-request-id: 6ZZYF6X6ZYRD8E9G
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "d3b2366c9977c975fc6abdc6a119c361"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: Rb2dVUb4JkkGtOekehqbihmeGMe2M3Qb
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/saved_resource.html

3.224.43.36

200 OK

57 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/saved_resource.html
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32691)
Size
57 kB (56613 bytes)
Hash
ec0bcfe99f4f2e8174bd36b54b04ed25
64a504bd3143c6269b70366b4f2029cc494d7d5d
c9f03917045beadc11043c219f9ed97c462d5504f8bbfd49a758f1fa91d0af29

HTTP Headers

GET /saved_resource.html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:51 GMT
content-type: text/html; charset=utf-8
content-length: 56613
x-amz-id-2: sI4mHHE1c1iWxcUdXjk2GW2D2Nzlgcqwp7eLOGlfbjEhu4+I2JFTUEDMIJ4H4coFJ+vfyPLbkZ8=
x-amz-request-id: 6ZZR74WAJMJF01KA
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "ec0bcfe99f4f2e8174bd36b54b04ed25"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: m1Ica0nL_ypxq3G.CMbJbv0bmcdvSX6L
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/saved_resource(1).html

3.224.43.36

200 OK

55 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/saved_resource(1).html
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32691)
Size
55 kB (55268 bytes)
Hash
b00c3321ca08b705efe2acd1364bacae
113e4303b866f26cd263b842c30ce3fad00eb9d1
1af67cf16d9dfbf8e79e1b357767b932bd54c08fcd8c5df86d06b868f7f8e04b

HTTP Headers

GET /saved_resource(1).html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:51 GMT
content-type: text/html; charset=utf-8
content-length: 55268
x-amz-id-2: yn/UZ6fBG0ebpj5dpg5QUL5GPkG+MVlLR0T0yrADHH0tGG59kOpI0/145mo0J5ZOza/NKNx6Rvk=
x-amz-request-id: 6ZZYJMHGSKA4YF28
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "b00c3321ca08b705efe2acd1364bacae"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: ZDUCzPERWhy_3GgyPR73iT1imj870QMx
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

104.18.176.125

200 OK

2.1 kB

URL GET HTTP/1.1
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP
104.18.176.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (5788), with no line terminators
Size
2.1 kB (2111 bytes)
Hash
510b80f0b85979b24317873044ccf9ea
37506059f13195553c58d16b7ee2295daf546eb1
52faa52cab81230d12cd64253659e084d2cbdeb11feeda6311e9cabc06ea17f6

HTTP Headers

GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Aug 2023 18:16:52 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace: 2B80EE074724AC0F9C3613D809073EAC1E6F624270000000000000000000
X-Origin-Hublet: na1
Vary: origin
Content-Disposition: attachment; filename=no-rfd.txt
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: false
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
x-envoy-upstream-service-time: 7
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-hgnfq
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
X-HubSpot-Correlation-Id: df49d6f0-86ec-439c-89d3-72237025222e
x-request-id: df49d6f0-86ec-439c-89d3-72237025222e
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 7fe6c99c3cb0b50b-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

grateful-summer-afterthought.glitch.me/anchor.html

3.224.43.36

200 OK

43 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/anchor.html
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Size
43 kB (43290 bytes)
Hash
194b5744abd15c4045d5be0aae957e8f
b742502aa284cf374360452582cf510c2134bb11
73fa074ce47af396244ddc3077f9ee27cbd71122679ffe05ca0230022673d1a8

HTTP Headers

GET /anchor.html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:51 GMT
content-type: text/html; charset=utf-8
content-length: 43290
x-amz-id-2: H7Q55GAzNV0iVHEiIp5We0nOY4/g/57uExGm3EARvsBnJT+Au1o3GFmtGLU2uG1mlg5Y5WLquAY=
x-amz-request-id: 6ZZHT8GD81V2EDXZ
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "194b5744abd15c4045d5be0aae957e8f"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: gB_GaeQNc7YDtrFpazQr6ZKlyR7InKra
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/webflow.js.download

3.224.43.36

200 OK

601 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/webflow.js.download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (50020)
Size
601 kB (601104 bytes)
Hash
9758f7e3aa0c79ea7a3cadb16d10087b
07f3c4e552e28eba6172f53d6dcf981a55f42031
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /webflow.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:51 GMT
content-type: application/octet-stream
content-length: 601104
x-amz-id-2: zar/gyqjpBeeHTJh80XyBNWAinbHaElMYq262ZFuPtskZuVv75pSgSiWVg30JWm2FIypRlmnTneZ6pBZ/eqsBOql5gsnhbfO
x-amz-request-id: 6ZZMW5T0901XB8B5
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "9758f7e3aa0c79ea7a3cadb16d10087b"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: YsEA8Y0SI5Vp1akGGi5rZQVUyYqL6N2L
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/webflow.css

3.224.43.36

200 OK

33 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/webflow.css
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
data
Size
33 kB (32734 bytes)
Hash
ca4e08f2cb41244ddddfd823992a5cd7
981df048b72ba6657ee872956619c0f3be952758
36c68be26e12e9e4c10b40754d90b76e45a79056f3b1285e34ef2160115d0561

HTTP Headers

GET /webflow.css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: text/css; charset=utf-8
content-length: 39109
x-amz-id-2: mpe1Qh2Ebtq6U38lxQcXLPV+q7BVJTmNQTu/HTas1wxEgbWj+6+h1VKMeK9ZLJ1n+QEs/7P3OSc=
x-amz-request-id: AW5S5YT3JBRF81Y4
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "13fc860cb6eddbf469d986e1a6b6480b"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 5aeNTSOM5hL42cV6DOBRpBQLxRBgDmYp
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

142.250.74.132

200 OK

895 B

URL GET HTTP/2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint9A:F7:68:99:17:95:7D:AE:08:51:0E:97:CE:A7:C3:18:3E:FB:E0:89
ValidityMon, 07 Aug 2023 12:22:44 GMT - Mon, 30 Oct 2023 12:22:43 GMT

File type
ASCII text, with very long lines (1380), with no line terminators
Size
895 B (895 bytes)
Hash
38d2e0771ccfa191eab966915d6b1dea
f34816a5049379b4b783d23c62f714b2b448336b
1357dfb006b09d5cef16f9dfa8d897578b2f71698da13bd9ab529e8f5cf83050

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Tue, 29 Aug 2023 18:16:52 GMT
date: Tue, 29 Aug 2023 18:16:52 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 895
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
7587573b56af5a3e73c7b784b817c53e
891e755f19b176f2c246d439fc26a26f3c96c182
0ef3140c4caf3c14d26501b0ec191d67c2b92e526641bf675104129a1c422a8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Aug 2023 18:16:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

grateful-summer-afterthought.glitch.me/analytics.js.download

3.224.43.36

200 OK

85 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/analytics.js.download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (33977)
Size
85 kB (84629 bytes)
Hash
9112d480b15af7c557b3e59b7faf36d2
ed52d9c6eac899159db9b6489ba137065abd7301
8adf65e7a86da1f990f8309d99fa18c0b3b2e78e49cba125bb5cfc46512b24d3

HTTP Headers

GET /analytics.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: application/octet-stream
content-length: 50230
x-amz-id-2: IaQR9xtaqo05m9naTu7T0PSgPAGYIxnuks7Y5SlwzRNeUNQ13UA/LH1yGsCO8lHbPTkCZb6wpmM=
x-amz-request-id: AW5T2SR3WHRR5ANZ
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "fda30e8a22c9bcd954fd8d0fadd0e77c"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: E1QoSXwBx_z3NnVACxxFF_WtjXAHAjBr
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

142.250.74.35

200 OK

185 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (627)
Size
185 kB (185062 bytes)
Hash
a5654a0210fc0019b5edca973ad5bb5e
ca96425226fd0088aaa504a5b8fa5675a1c4f429
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

HTTP Headers

GET /recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185062
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Aug 2023 10:21:22 GMT
expires: Tue, 27 Aug 2024 10:21:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 114930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

142.250.74.35

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1621 bytes)
Hash
c90524d6a02b27addb56c350fe6fbb2d
d713d1b53323c0169ffe0649be8c9d04a189f999
4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0

HTTP Headers

GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Tue, 29 Aug 2023 18:16:52 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/v2.js(1).download

3.224.43.36

200 OK

516 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/v2.js(1).download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (60882), with no line terminators
Size
516 kB (516406 bytes)
Hash
53c7729f9a5c32a04b6d48dd118565af
2757661583ee87fda362428569353e67519a0cc5
3e7d91fbd301e53ba7c3cf31ae3580a9ff821df913fc58297eb1675bcb068222

HTTP Headers

GET /v2.js(1).download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:52 GMT
content-type: application/octet-stream
content-length: 516406
x-amz-id-2: j+kwpjZ4JZLkAQEfWJxR4CyPhrPMYKe7USwdal/hINDPkql8i9HztXA19lJt+TI7+qMdHEJQfbM=
x-amz-request-id: PJQ0SHM2G0AW0MAH
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "53c7729f9a5c32a04b6d48dd118565af"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: hOVn02x4JhC6XQcMRPbNjr8.yW_EEtFK
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download

3.224.43.36

200 OK

354 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (820)
Size
354 kB (353655 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /recaptcha__nl.js(1).download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/anchor.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:52 GMT
content-type: application/octet-stream
content-length: 353655
x-amz-id-2: /ccrU5FCzieDdxjM+nNsfZXukZhpWZ9sN/Wzeiko5reqwQrc7JYzSEuyC/gt4RBrfY9sFt6mVkc=
x-amz-request-id: PJQ1M86Z9H16EPMD
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "e735084e8ffed1ad8d89df08d98d4d23"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: B6oIRqGX5oTlQVOPZNh9OSNxp4hbHORf
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/bframe.html

3.224.43.36

200 OK

11 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/bframe.html
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
11 kB (11399 bytes)
Hash
161c81930eb1b582be7559429dd87816
16709379e40d79dd50a0aed35c42ad96e4aed734
463c25dbddba27ac61e150288d07f2bb4bcb1bb48e05c64f797cc18887af1581

HTTP Headers

GET /bframe.html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:52 GMT
content-type: text/html; charset=utf-8
content-length: 11399
x-amz-id-2: 7mu16b/DgpW7OYGxsbUst+jCDib9uZnxSyd5mwgefqfU4zUduN+XMqf9gYDwI35RHMOY4CpPusccf8Hq++qp7sHJZWI+QSxfPKTNyW6xm34=
x-amz-request-id: PJQ2HK3Y9QBB0P6C
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "161c81930eb1b582be7559429dd87816"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: xu0Zcsq_wdw4He84Ag96GbyZItFKLh2u
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

metamask.io/images/favicon.png

185.199.109.153

404 Not Found

18 kB

URL GET HTTP/2
metamask.io/images/favicon.png
IP
185.199.109.153:443
ASN
#54113 FASTLY

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint27:5C:85:87:68:B7:03:89:D6:D0:B1:2B:9B:5B:7E:45:6C:E4:62:4E
ValidityMon, 24 Jul 2023 10:11:34 GMT - Sun, 22 Oct 2023 10:11:33 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (36272)
Size
18 kB (17747 bytes)
Hash
1621cd88968aa2c22c426a9733c2ed9a
44bc097d2fc4df0ea420dccf8ad56bb813d490d5
cf1217800c8172c959578057d8aa6b9d1617b0c9038aacd4123a1e334f107070

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"64ec72c2-12c02"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: FE4E:724B:124F5B:12BA86:64EE3614
accept-ranges: bytes
date: Tue, 29 Aug 2023 18:16:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1693333012.449434,VS0,VE111
vary: Accept-Encoding
x-fastly-request-id: cd969dc6724b053ad85f7f93032ca9cded93a66e
content-length: 17747
X-Firefox-Spdy: h2

metamask.io/images/webclip.png

185.199.109.153

404 Not Found

18 kB

URL GET HTTP/2
metamask.io/images/webclip.png
IP
185.199.109.153:443
ASN
#54113 FASTLY

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint27:5C:85:87:68:B7:03:89:D6:D0:B1:2B:9B:5B:7E:45:6C:E4:62:4E
ValidityMon, 24 Jul 2023 10:11:34 GMT - Sun, 22 Oct 2023 10:11:33 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (36272)
Size
18 kB (17747 bytes)
Hash
1621cd88968aa2c22c426a9733c2ed9a
44bc097d2fc4df0ea420dccf8ad56bb813d490d5
cf1217800c8172c959578057d8aa6b9d1617b0c9038aacd4123a1e334f107070

HTTP Headers

GET /images/webclip.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"64ec72c2-12c02"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: D654:345F:124DFE:12B92A:64EE3613
accept-ranges: bytes
date: Tue, 29 Aug 2023 18:16:52 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1627-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1693333012.453858,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: c7f5fac0cd0ce4bd1b33b24ff4e64ff66b379dab
content-length: 17747
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4

142.250.74.132

200 OK

32 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint9D:80:9B:CF:63:AA:86:29:E9:3C:78:9A:EA:DA:15:56:7E:BF:56:D8
ValidityMon, 07 Aug 2023 12:16:40 GMT - Mon, 30 Oct 2023 12:16:39 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (47738)
Size
32 kB (31455 bytes)
Hash
30dc99404cd060c9d46ab796bfe54f64
7910cb8f3ee9ac3ad25e1d5a9087c3239dce8b4d
ce9a8a5601c3080930b85aa53d0d7a53493ece1526f5386e15c2325e8d82cca4

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Aug 2023 18:16:52 GMT
content-security-policy: script-src 'nonce-yYoWj5y2mlZUXbGCLcEO6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 31455
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grateful-summer-afterthought.glitch.me/styles__ltr.css

3.224.43.36

200 OK

52 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/styles__ltr.css
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (52368), with no line terminators
Size
52 kB (52368 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /styles__ltr.css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/bframe.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:52 GMT
content-type: text/css; charset=utf-8
content-length: 52368
x-amz-id-2: cd6wE5DH2gED5vtTn48I8lYUAGgrKql7TYlllC+Ut54DQdqT0iTZ8IydkiuKs3hVeDzxrAA13J0=
x-amz-request-id: PJQC7RNJN1RTVD7D
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "97c3d49b83dc004fcda822b1853b787b"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: YAliMspUtSHE5TM.2yWj316LcBXeitUk
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download

3.224.43.36

200 OK

354 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/recaptcha__nl.js(1).download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (820)
Size
354 kB (353655 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /recaptcha__nl.js(1).download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/bframe.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:52 GMT
content-type: application/octet-stream
content-length: 353655
x-amz-id-2: DGNxcaEszUGVgqFlL+oN6JkyNB7mMsPOO9aAvZ/ApvSQjDiQEtxMvz0DLCEpGcRBdjehzHKd5t8=
x-amz-request-id: PJQE8FVZT1VH95N3
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "e735084e8ffed1ad8d89df08d98d4d23"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: B6oIRqGX5oTlQVOPZNh9OSNxp4hbHORf
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/mm-logo.svg

3.224.43.36

200 OK

149 B

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/mm-logo.svg
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
149 B (149 bytes)
Hash
3c2ccda97c47ede0b1c91b11efd575ea
0a348c4b61c961aba7618f909beb87f740a81983
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

HTTP Headers

GET /mm-logo.svg HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: image/svg+xml
content-length: 12019
x-amz-id-2: wlnxcHq7RfUhhp3vy2+gHI9/z/kDtr1WLp4UcWHkxFQXlEP1yeUIE1OU7fd/B56hJOOvfo0Gu4FhtpafzcK3Vr7EdfAa5W3f1uvkxbwDuaU=
x-amz-request-id: AW5Y56HHF23CXXTJ
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "51bcea2625eb2c6e9268a7377a792c86"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: Jc.CDrX8O4qBxmZwDMBa39RTuyeu01Dt
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/saved_resource(3).html

3.224.43.36

200 OK

149 B

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/saved_resource(3).html
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
149 B (149 bytes)
Hash
3c2ccda97c47ede0b1c91b11efd575ea
0a348c4b61c961aba7618f909beb87f740a81983
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50

HTTP Headers

GET /saved_resource(3).html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:52 GMT
content-type: text/html; charset=utf-8
content-length: 149
x-amz-id-2: x4rImKZM5JK6Zb7RX6k8ENfjmCFwjFLrzIfJ7bv2EawOWyYJsHCfduI8bzVera+AXu2XIkL76hk=
x-amz-request-id: PJQ2VFZCZHFV095Q
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "3c2ccda97c47ede0b1c91b11efd575ea"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: mgRR.b4coGROJnmxar_oTJoDJ.IAANQd
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067

104.18.176.125

200 OK

35 B

URL GET HTTP/3
perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
IP
104.18.176.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 29 Aug 2023 18:16:52 GMT
content-type: image/gif
content-length: 35
x-trace: 2B825C3EF68DB2EBA3476918DF153D6DAA916D9E56000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 3
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-hgnfq
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 8699cc5d-009f-4fa2-9f9e-5e6293677de0
x-request-id: 8699cc5d-009f-4fa2-9f9e-5e6293677de0
last-modified: Tue, 29 Aug 2023 18:16:52 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7fe6c9a0eb911c12-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/anchor.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grateful-summer-afterthought.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:24:26 GMT
expires: Fri, 23 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 442346
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grateful-summer-afterthought.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Aug 2023 05:45:56 GMT
expires: Wed, 28 Aug 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 45056
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Aug 2023 14:42:45 GMT
expires: Fri, 01 Sep 2023 14:42:45 GMT
cache-control: public, max-age=604800
age: 358447
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Aug 2023 12:05:12 GMT
expires: Wed, 28 Aug 2024 12:05:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
content-type: text/css
vary: Accept-Encoding
age: 22300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

142.250.74.35

200 OK

185 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (627)
Size
185 kB (185062 bytes)
Hash
a5654a0210fc0019b5edca973ad5bb5e
ca96425226fd0088aaa504a5b8fa5675a1c4f429
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

HTTP Headers

GET /recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185062
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Aug 2023 10:21:22 GMT
expires: Tue, 27 Aug 2024 10:21:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 114930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grateful-summer-afterthought.glitch.me/v2.js.download

3.224.43.36

200 OK

48 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/v2.js.download
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
data
Size
48 kB (47572 bytes)
Hash
f30505ab34367a22ac75390558ac82d0
5a7bcdf8b4de9ae640aff1261f9e7944ed8d0e6f
3b2274c2e862f98d72a93aa50e65dcf0a5477d2756c001ac074e376fe408180b

HTTP Headers

GET /v2.js.download HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: application/octet-stream
content-length: 578833
x-amz-id-2: tUyxTyYPRfsUk8nNMdfFOT7chGd/LfQCizHpwIzmkBY2mUODHuoDfEL+ZosrQBbG9AAi4O6IH0QHzbR5aT4TdSJOophDjk/r/mqHYyGos2Q=
x-amz-request-id: AW5GNWT440X2KG22
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "d3b2366c9977c975fc6abdc6a119c361"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: Rb2dVUb4JkkGtOekehqbihmeGMe2M3Qb
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://grateful-summer-afterthought.glitch.me
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Aug 2023 05:45:56 GMT
expires: Wed, 28 Aug 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 45056
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grateful-summer-afterthought.glitch.me/saved_resource(4).html

3.224.43.36

200 OK

196 B

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/saved_resource(4).html
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/anchor.html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
196 B (196 bytes)
Hash
8f180af3f4a0348d2da6a0092d1e07b7
72b97502017a0713adbaf01471bda7cdb2e8e8c7
652108eecc73ab61542ec918e255707b4b5b69343677a14a38bbde5b6e4c9d9a

HTTP Headers

GET /saved_resource(4).html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/anchor.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:52 GMT
content-type: text/html; charset=utf-8
content-length: 196
x-amz-id-2: 3zKhb1IAFTAfRl4Sk+VD7qWK0n/+SuWIlKqEjdilfIDsLBCgVEuscZiG/UuCrSh3DNF5waaWf+oQVDvM99kjZTjnQvPzI5nSl2pFVoy7WRY=
x-amz-request-id: PJQCZW8CAD0SBJVJ
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "8f180af3f4a0348d2da6a0092d1e07b7"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: cE3qigZp8IsyKWUF3ng6MH0n7DL.RHvu
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:12:23 GMT
expires: Thu, 31 Aug 2023 15:12:23 GMT
cache-control: public, max-age=604800
age: 443069
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 04:54:45 GMT
expires: Thu, 31 Aug 2023 04:54:45 GMT
cache-control: public, max-age=604800
age: 480127
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.35

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Aug 2023 11:00:47 GMT
expires: Sat, 02 Sep 2023 11:00:47 GMT
cache-control: public, max-age=604800
age: 285365
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/anchor.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:24:26 GMT
expires: Fri, 23 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 442347
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Aug 2023 05:45:56 GMT
expires: Wed, 28 Aug 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 45057
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1

142.250.74.132

200 OK

112 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint9D:80:9B:CF:63:AA:86:29:E9:3C:78:9A:EA:DA:15:56:7E:BF:56:D8
ValidityMon, 07 Aug 2023 12:16:40 GMT - Mon, 30 Oct 2023 12:16:39 GMT

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
fcc13e33ddd42c0c8544115dd5381a0a
13e871bffd15b80de64ecee60b3ab27dd1fb4046
1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Tue, 29 Aug 2023 18:16:53 GMT
date: Tue, 29 Aug 2023 18:16:53 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Aug 2023 14:42:45 GMT
expires: Fri, 01 Sep 2023 14:42:45 GMT
cache-control: public, max-age=604800
age: 358448
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

142.250.74.35

200 OK

185 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (627)
Size
185 kB (185062 bytes)
Hash
a5654a0210fc0019b5edca973ad5bb5e
ca96425226fd0088aaa504a5b8fa5675a1c4f429
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

HTTP Headers

GET /recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185062
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Aug 2023 10:21:22 GMT
expires: Tue, 27 Aug 2024 10:21:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 114931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint9D:80:9B:CF:63:AA:86:29:E9:3C:78:9A:EA:DA:15:56:7E:BF:56:D8
ValidityMon, 07 Aug 2023 12:16:40 GMT - Mon, 30 Oct 2023 12:16:39 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1166 bytes)
Hash
520f5b91e21c1c14bc4e61c0e5dff721
6b42769a5a0d5e953e34311a4908264896572f5b
7acfca944730e965980ac81475243d13ed14fdd89fc3acb988da685b0f2319cf

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Aug 2023 18:16:53 GMT
content-security-policy: script-src 'nonce-y90rLjKBzllcD8sG6ftpwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1166
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Aug 2023 12:05:12 GMT
expires: Wed, 28 Aug 2024 12:05:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
content-type: text/css
vary: Accept-Encoding
age: 22301
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

142.250.74.35

200 OK

185 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (627)
Size
185 kB (185062 bytes)
Hash
a5654a0210fc0019b5edca973ad5bb5e
ca96425226fd0088aaa504a5b8fa5675a1c4f429
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

HTTP Headers

GET /recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185062
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Aug 2023 10:21:22 GMT
expires: Tue, 27 Aug 2024 10:21:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 114931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

200 OK

25 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint9D:80:9B:CF:63:AA:86:29:E9:3C:78:9A:EA:DA:15:56:7E:BF:56:D8
ValidityMon, 07 Aug 2023 12:16:40 GMT - Mon, 30 Oct 2023 12:16:39 GMT

File type
ASCII text, with very long lines (41574)
Size
25 kB (25254 bytes)
Hash
d626c8e18aaec2b228c20190407d9b49
18291c702e687517be20d70087cfbeb314caf923
5a85395e0abe625c3e1094f9b810b9442cb78f1162086d5f0ad125f9fc63dfa1

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6949
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Tue, 29 Aug 2023 18:16:53 GMT
expires: Tue, 29 Aug 2023 18:16:53 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 25254
server: GSE
set-cookie: _GRECAPTCHA=09AG8Zzss_zOs2X4J_D9io6NQ8HTCFA5i3sCK3ISWSG3Hb6Ed_OKny_GUiTF36um_fgigp3nj5RXUlrX35ofb41W8;Path=/recaptcha;Expires=Sun, 25-Feb-2024 18:16:53 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/anchor.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:24:26 GMT
expires: Fri, 23 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 442347
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:15:27 GMT
expires: Fri, 23 Aug 2024 15:15:27 GMT
cache-control: public, max-age=31536000
age: 442886
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9iYWZ5YmVpY2R2Nnd2eXVoeWJ2ZjNodG1ka2NwcDdzY2Z3N3dxNjVzeXVpbXR2M21zbGNxaG9ob2dsYS5pcGZzLmR3ZWIubGluazo0NDM.&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&badge=inline&cb=ivabkclz3xq4
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Aug 2023 05:45:56 GMT
expires: Wed, 28 Aug 2024 05:45:56 GMT
cache-control: public, max-age=31536000
age: 45057
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06ADUVZwBAiSFhAj3UHaKkwUem2kcND7END3tUKgfb4DRJetvQi8JI0UNkbAesGumMRBdZsTjVXS71DlvwrzUEuUZl7p2t02Hgaxnt4wGK33gvBF9kYSPVbRl7zVW0WzSpkNarKrUMCUZVD1eQoVC65gqSAGBs6YDehYQgt9QFDHJyLmXaiMdgueCdc0VlHDcuLg4FAvMFYHRF&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

200 OK

28 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/payload?p=06ADUVZwBAiSFhAj3UHaKkwUem2kcND7END3tUKgfb4DRJetvQi8JI0UNkbAesGumMRBdZsTjVXS71DlvwrzUEuUZl7p2t02Hgaxnt4wGK33gvBF9kYSPVbRl7zVW0WzSpkNarKrUMCUZVD1eQoVC65gqSAGBs6YDehYQgt9QFDHJyLmXaiMdgueCdc0VlHDcuLg4FAvMFYHRF&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint9D:80:9B:CF:63:AA:86:29:E9:3C:78:9A:EA:DA:15:56:7E:BF:56:D8
ValidityMon, 07 Aug 2023 12:16:40 GMT - Mon, 30 Oct 2023 12:16:39 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Size
28 kB (28305 bytes)
Hash
3b4ad6f72126b4f03d4335f352f695b4
d5a00c107980e056e02bcc0e838b070e2e73aeca
028825795bc0b9fbf728ccc0f52c523ef16feaa5167c15d4eb06880748f25af2

HTTP Headers

GET /recaptcha/enterprise/payload?p=06ADUVZwBAiSFhAj3UHaKkwUem2kcND7END3tUKgfb4DRJetvQi8JI0UNkbAesGumMRBdZsTjVXS71DlvwrzUEuUZl7p2t02Hgaxnt4wGK33gvBF9kYSPVbRl7zVW0WzSpkNarKrUMCUZVD1eQoVC65gqSAGBs6YDehYQgt9QFDHJyLmXaiMdgueCdc0VlHDcuLg4FAvMFYHRF&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AG8Zzss_zOs2X4J_D9io6NQ8HTCFA5i3sCK3ISWSG3Hb6Ed_OKny_GUiTF36um_fgigp3nj5RXUlrX35ofb41W8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Tue, 29 Aug 2023 18:16:53 GMT
date: Tue, 29 Aug 2023 18:16:53 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 28305
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:12:23 GMT
expires: Thu, 31 Aug 2023 15:12:23 GMT
cache-control: public, max-age=604800
age: 443070
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://grateful-summer-afterthought.glitch.me/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 04:54:45 GMT
expires: Thu, 31 Aug 2023 04:54:45 GMT
cache-control: public, max-age=604800
age: 480128
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.35

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Aug 2023 11:00:47 GMT
expires: Sat, 02 Sep 2023 11:00:47 GMT
cache-control: public, max-age=604800
age: 285366
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grateful-summer-afterthought.glitch.me/normalize.css

3.224.43.36

200 OK

7.8 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/normalize.css
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8147), with no line terminators
Size
7.8 kB (7772 bytes)
Hash
21240e0cead3210a28555c3fa89acab0
486fbbc9a997da04985e8ffb5b52e74e0a6f35ea
2881f1b580116868946ef393e44e46ce9ec94fda36f6d1eb840290671830db6a

HTTP Headers

GET /normalize.css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: text/css; charset=utf-8
content-length: 7772
x-amz-id-2: w0ffhvWl0S8G/mq9xz9D/Wo2aGc7oYfL09gbhIlch+TLTb3lNk2/bT3wu94SIg0E6X6ff8i1PRsa1m625r0MtJTn44ZPR9cP
x-amz-request-id: AW5ZWZ3S7TFA16BQ
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "4951cc88307c632cf285d3ba988ab283"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 11lmb_CGkM0fATvAgSHiRO3tUd3.Hs0b
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

216.58.207.227

200 OK

8.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint1B:14:11:9F:49:14:C3:A3:7C:87:B0:E1:5B:18:75:10:3D:2A:B3:72
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size
8.4 kB (8404 bytes)
Hash
141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

GET /s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Aug 2023 18:10:51 GMT
expires: Sat, 24 Aug 2024 18:10:51 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 20:56:52 GMT
content-type: font/woff2
age: 345960
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css

3.224.43.36

200 OK

32 kB

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/metamask-staging-2.webflow.css
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
ASCII text
Size
32 kB (32261 bytes)
Hash
3347570c44bced253cb62ed2551e256a
e0f1ecb1b5e44464f54c2afb631a51cc112e8efd
8a7cb198c7650ec10849c615e5bdaf3d94efa9fb09c1af175ef342e963d70fa2

HTTP Headers

GET /metamask-staging-2.webflow.css HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:50 GMT
content-type: text/css; charset=utf-8
content-length: 142039
x-amz-id-2: waU1JovRhLO6NiqRnFiZbQQJ4fEhdP3AnmNFc1k7V88atrTyyNpyYEHhmJtJKj1IMhkPoOLP2hc=
x-amz-request-id: AW5JEFB76JTK05RQ
last-modified: Tue, 08 Aug 2023 06:24:25 GMT
etag: "1aed8830738b6a1e846ca6af968e7917"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: _PH32hY1K4pN_t.ePCGA2.io5wr722H3
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

565 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint94:C0:54:E4:BA:6C:E0:93:C6:8F:D9:27:1C:74:6F:E8:CE:6E:E2:BA
ValidityMon, 07 Aug 2023 12:21:56 GMT - Mon, 30 Oct 2023 12:21:55 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
565 B (565 bytes)
Hash
bdcf60bde5544e1017e1f2e60888a9c7
6fb24309b7ff90c1c99d19c0c7a127a16508840e
d701601406acfca6bfc0c58b411446e3e0e96c659f35c143355d3dd72c390952

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bafybeicdv6wvyuhybvf3htmdkcpp7scfw7wq65syuimtv3mslcqhohogla.ipfs.dweb.link/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Aug 2023 18:16:50 GMT
date: Tue, 29 Aug 2023 18:16:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

grateful-summer-afterthought.glitch.me/shell-recaptcha.html

3.224.43.36

200 OK

149 B

URL GET HTTP/2
grateful-summer-afterthought.glitch.me/shell-recaptcha.html
IP
3.224.43.36:443
ASN
#14618 AMAZON-AES

Requested by
https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint13:93:2D:E4:50:7E:CE:BA:BC:F9:6D:7E:86:7F:43:5D:8E:63:45:3E
ValidityWed, 22 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
149 B (149 bytes)
Hash
fb414be122309c0719179de4dc1047f8
9a6172309933dfafbce87ca8f1ef6a398efcbf04
bbb1e1f86ee39bc06aed5b3d4ae61b46b220635ca98b3f07021da24f68d0e53f

HTTP Headers

GET /shell-recaptcha.html HTTP/1.1
Host: grateful-summer-afterthought.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/saved_resource(1).html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Aug 2023 18:16:52 GMT
content-type: text/html; charset=utf-8
content-length: 149
x-amz-id-2: ty/7uSIuNybiVrRetRQ41qLCpcPjQmaW/tsi8zqhO1fiixQQ6FJvt+pziLB4Q3UAVnkHroMtXJ0=
x-amz-request-id: PJQFMFNEN2VDD000
last-modified: Tue, 08 Aug 2023 06:24:24 GMT
etag: "3c2ccda97c47ede0b1c91b11efd575ea"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 449zJ8FegJu2tb7e5TW5ErRaA_BR4K_j
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

doggybars.shop/mata.io/meta/v2.js.download

0.0.0.0

0 B

URL GET
doggybars.shop/mata.io/meta/v2.js.download
IP
0.0.0.0:0
ASN
#0

Requested by
https://grateful-summer-afterthought.glitch.me/saved_resource.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /mata.io/meta/v2.js.download HTTP/1.1
Host: doggybars.shop
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grateful-summer-afterthought.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by