URL: https://app-581259.galleom.com/register?code=2I1371
Submission: On May 23 via manual from PH — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3036::ac43:aa3e, located in the United States and belonging to CLOUDFLARENET, US. The main domain is app-581259.galleom.com.
TLS certificate: Issued by E1 on May 17th 2022. Valid for: 3 months.
This is the only time app-581259.galleom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
7 | 2606:4700:303... | 13335 | (CLOUDFLAR...)
2 | 2a03:2880:f02... | 32934 | (FACEBOOK)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
2 | 101.33.11.45 | 132203 | (TENCENT-N...)
1 | 2a03:2880:f12... | 32934 | (FACEBOOK)
3 | 2606:4700:303... | 13335 | (CLOUDFLAR...)
Total: 17 requests, 7 IPs
Requests | Apex Domain | Subdomains | Transfer
10 | galleom.com | app-581259.galleom.com, aa599ace00d452cd.galleom.com | 1 MB
2 | 1122pro.com | ai.1122pro.com | 2 KB
2 | google.com | apis.google.com (Cisco Umbrella Rank: 100) | 112 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 146) | 85 KB
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 102) | 297 B
Total: 17 requests, 5 apex domains
Requests | Domain | Requested by
7 | app-581259.galleom.com | app-581259.galleom.com
3 | aa599ace00d452cd.galleom.com | app-581259.galleom.com
2 | ai.1122pro.com | app-581259.galleom.com, ai.1122pro.com
2 | apis.google.com | app-581259.galleom.com, apis.google.com
2 | connect.facebook.net | app-581259.galleom.com, connect.facebook.net
1 | www.facebook.com | app-581259.galleom.com
Total: 17 requests, 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.galleom.com | E1 | 2022-05-17 - 2022-08-15 | 3 months (crt.sh)
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-03-01 - 2022-05-30 | 3 months (crt.sh)
*.apis.google.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months (crt.sh)
ai.1122pro.com | TrustAsia TLS RSA CA | 2021-11-12 - 2022-11-11 | a year (crt.sh)
*.google.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://app-581259.galleom.com/register?code=2I1371
Frame ID: DA66891CF4446E7D12D2356C47960097
Requests: 18 HTTP requests in this frame

Page Title

GALLEON

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 83 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 2
Transfer: 1549 kB
Size: 3616 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request: register | app-581259.galleom.com/ | 3 KB | 2 KB | Document
General
Full URL
https://app-581259.galleom.com/register?code=2I1371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:aa3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f096eb308f6c061bacaa411a6388ade39be0d0f95656fc649bd89ce9f538334
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
70f9bee338a791d2-FRA
content-encoding
br
content-type
text/html
date
Mon, 23 May 2022 00:41:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 28 Apr 2022 06:51:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60qQkmRpL1VZET196L4bkzu%2Fu9LVVzaBBXdYWd%2F4abz2%2F8JwD%2FdWlj8S8wkogFIZ0KXPM2ku%2BpUjKoEBnrL1Ht%2BN1QFE9JyRsd3%2B0ezy1LU88PDw7Zan3m9Zx7oPvUnlAVNa5YhkVMPYMc3ELIta5o9ueouR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
sdk.js | connect.facebook.net/zh_CN/ | 3 KB | 2 KB | Script
General
Full URL
https://connect.facebook.net/zh_CN/sdk.js
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/register?code=2I1371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b5a436e52f2e0a578437140a991a990c0ae89a4a665bdbb21140e92cd0c8ffdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app-581259.galleom.com/
Origin
https://app-581259.galleom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
r8ra2C5HkHOfXgOdNascow==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 23 May 2022 00:55:31 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
f13KpoiTE5/VJY9ioBu7ouvK+XwNxPS6qfuV8RmwC9JPonszM7dmg/CcDnXkWp25LjrVBljD/hYzazJ9ojFrVA==
x-fb-trip-id
917726464
x-fb-content-md5
8a1e7bb62a3a542eb89966e061d85c11
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 23 May 2022 00:41:24 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1d24ffce699c6bfe81f0229cdcc885d4"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
api:client.js | apis.google.com/js/ | 14 KB | 6 KB | Script
General
Full URL
https://apis.google.com/js/api:client.js
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/register?code=2I1371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f351bf72961f59f69d6b2f626da1fc76a4e0eef71258e55e259bf61c88eb3a6d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-581259.galleom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 23 May 2022 00:41:24 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"bd7d21773a00baac"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 23 May 2022 00:41:24 GMT
traceinstall.js | ai.1122pro.com/v2/ | 4 KB | 2 KB | Script
General
Full URL
https://ai.1122pro.com/v2/traceinstall.js?app_key=app001
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/register?code=2I1371
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.45 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
32deeb2218d25ca73b466aed5ca7a945e0ee3dca44c4e84ac31b3d4971757c87
Security Headers
Name Value
Strict-Transport-Security max-age=36000;includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-581259.galleom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 00:41:25 GMT
content-encoding
gzip
vary
accept-encoding
x-cache-lookup
Hit From Upstream
content-length
1702
last-modified
Mon, 23 May 2022 00:40:00 GMT
server
nginx/1.20.1
strict-transport-security
max-age=36000;includeSubDomains
access-control-allow-methods
*
content-type
javascript
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
*
x-daa-tunnel
hop_count=1
x-nws-log-uuid
700e31c9-bad7-40a2-9430-2a442b5a9981
access-control-allow-headers
*
app.c87ea641.js | app-581259.galleom.com/js/ | 1 MB | 354 KB | Script
General
Full URL
https://app-581259.galleom.com/js/app.c87ea641.js
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/register?code=2I1371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:aa3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980f6519e55cbd969c50092e0306c9c7a1602478051286cc105273340c1c061f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-581259.galleom.com/register?code=2I1371
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 00:41:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 28 Apr 2022 06:51:27 GMT
server
cloudflare
etag
W/"626a396f-124c43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLT1NIJ454CaPwdvWq%2BdZWLt3Bv5DPRYn2hcxxeDsXTpDIw0VHBsHwtLL5fggxdXWp0sWZ7f5XfecOioSyBAz4FJVgo0PA%2FIlGjKY25FE17F9M7Aa4hQMMug%2FU4VNTbylWoWvw%2BJBLPHEiWKf3e9FdDbPY5F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
70f9bee58a4a91d2-FRA
sdk.js | connect.facebook.net/zh_CN/ | 287 KB | 82 KB | Script
General
Full URL
https://connect.facebook.net/zh_CN/sdk.js?hash=603292f1015a3c94d78e9e99b79c5e56
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_CN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
120d98a1d1abdd7c1e1469a2e48b7476043f2007f05d2bbf85dad26ccfecfd4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app-581259.galleom.com/
Origin
https://app-581259.galleom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
wNSCPYB1AtINCjy+Falk2g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 23 May 2023 00:37:17 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
83989
x-fb-rlafr
0
x-fb-debug
w8Hh2bYvHFWX1A19q6gnY21E/GUXze+UXcStSCw/hQfvrP+oi/bPV6bWxMT9yWnfSpImGZLnUa68Ru2vKQmW/w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
21d6c9edbd246d00fb95d8adf5ba4adc
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 23 May 2022 00:41:25 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"a84db4750a7db4fe0a55b39def5c96d5"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cb=gapi.loaded_0 | apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/ | 313 KB | 106 KB | Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xpRpP2dSg9Q.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9dZuaTDdeBSZM_cuQEqPNJoPpOvA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e5d4be918200081673a10df00301d8f01706f51d1947bf78e98e8b5bbea2f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-581259.galleom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 17 May 2022 05:42:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
500355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108245
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 15:20:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 May 2023 05:42:10 GMT
chunk-42f59980.cc8689d4.js | app-581259.galleom.com/js/ | 0 | 394 KB | Other
General
Full URL
https://app-581259.galleom.com/js/chunk-42f59980.cc8689d4.js
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/register?code=2I1371
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:aa3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-581259.galleom.com/register?code=2I1371
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 00:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 28 Apr 2022 06:51:27 GMT
server
cloudflare
etag
W/"626a396f-18b051"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5V5PiGzjlIdH685c2fpiTGYCVghs%2FIRvBjjV95NvRcSLPrGhWlI94GKyWPRCEdTVQUdrQIRdKuORPUehZn8EKJ5UUVU72dweQHRbovM4hjpDdDdoLT8tPrpkJqVVh0dAMpzhlNX4uVxMwKlcyZy2bWdk20FE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
70f9beeccb0791de-FRA
/ | www.facebook.com/tr/ | 44 B | 297 B | Image
General
Full URL
https://www.facebook.com/tr/?id=314209393956081&ev=fb_page_view&dl=https%3A%2F%2Fapp-581259.galleom.com%2Fregister%3Fcode%3D2I1371&rl=&if=false&ts=1653266485360&sw=1600&sh=1200&at=
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/register?code=2I1371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-581259.galleom.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 00:41:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 23 May 2022 00:41:25 GMT
chunk-42f59980.cc8689d4.js | app-581259.galleom.com/js/ | 2 MB | 394 KB | Script
General
Full URL
https://app-581259.galleom.com/js/chunk-42f59980.cc8689d4.js
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/js/app.c87ea641.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:aa3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee9e09ec50792da9c88df610b412232145025171727c697192fc45cce671b2c8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-581259.galleom.com/register?code=2I1371
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 00:41:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 28 Apr 2022 06:51:27 GMT
server
cloudflare
etag
W/"626a396f-18b051"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTm0y%2B9LdrgsBLDl6IwATD8H1DXuQHWPiqgnT4a3MqUxF6NlddJuZ3m2yjLysLK%2FxTG1d2xvP%2BWzMl3fZRu1Z0mHWxEIb5Jfz%2FXfWlzpqXwjTigdJj0y2U0YDQcYZ%2FppdHUPgKxnhVvlDx0UuiG7dyasvyZ0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
70f9beef4d7b91de-FRA
listCsConfig | aa599ace00d452cd.galleom.com/hall/ | 0 | 0 | Preflight
General
Full URL
https://aa599ace00d452cd.galleom.com/hall/listCsConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app-581259.galleom.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Token,Content-Type,Tz
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
70f9bef71f6c92ae-FRA
date
Mon, 23 May 2022 00:41:27 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8PmZbpy2FFnMlUXuqOeDp1da8TbIOBa%2B5l61%2B27Ev24OHcjy3X%2B7LcPjwCADVU516AP%2BkyXLIWnZ3grSi8FkMm3W7Kk1QwmjM9lbjKa26kik6GjJCM2iKx1Gks0ptDIdWthVhg3IH%2F%2BqcBBzy2NRDQlJ1JnntEA9%2FDB"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
x-request-id
FvGVHFVCO74P7f0BO4FG
bj.549ec8f5.png | app-581259.galleom.com/img/ | 148 KB | 148 KB | Image
General
Full URL
https://app-581259.galleom.com/img/bj.549ec8f5.png
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/register?code=2I1371
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:aa3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04093687936d52b9fcc2f48735a0749f045f20203f8b773a3715c51ebc6b96f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-581259.galleom.com/register?code=2I1371
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 00:41:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
151334
last-modified
Thu, 28 Apr 2022 06:51:27 GMT
server
cloudflare
etag
"626a396f-24f26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WViPrrshJaR%2FdOZ%2Bl9XVOcxtQP%2FZJdlQjK1%2BE4%2FDzlE2bOg9JXNK2QXYJojhvV2rzAvUecTuKdjbap88mjBpvzucg6AucqudpBH%2FctijyB8scgJSNIwuFheBSAvzOnOIYNMPFxia3vt7x4kOC52gX05lx7Vf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70f9bef66cd891de-FRA
btn_kefu.c1eb10cf.png | app-581259.galleom.com/img/ | 10 KB | 10 KB | Image
General
Full URL
https://app-581259.galleom.com/img/btn_kefu.c1eb10cf.png
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/register?code=2I1371
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:aa3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e90567e4d399d0efef332bdd3f818f0778bd5f22fd79b2e9e0f2a6f33a4a9e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-581259.galleom.com/register?code=2I1371
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 00:41:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10070
last-modified
Thu, 28 Apr 2022 06:51:27 GMT
server
cloudflare
etag
"626a396f-2756"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rL%2BkjvP3kIrQSPofUYiulZx8VCZMn%2FUiNKEHy2T6QRPQjcI0YnKFVGINR0qhEMPhNSvJF0n04kTri8x87yB8IP9r%2BXDKtRExP7fAxUXPy3qpTLw2Ku7ElBhw6gvZ8nYkgGl0K1sKSWhNyRzqaMQgX97XAdv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70f9bef66cda91de-FRA
truncated | / | 24 KB | 24 KB | Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f578161682663132ec65b870e0ecb969d7dbe1eee9b8c4dff140e749e5a8ed7e

Request headers

Referer
Origin
https://app-581259.galleom.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
font/ttf
fingerprint | ai.1122pro.com/v1/ | 40 B | 335 B | XHR
General
Full URL
https://ai.1122pro.com/v1/fingerprint?app_key=app001
Requested by
Host: ai.1122pro.com
URL: https://ai.1122pro.com/v2/traceinstall.js?app_key=app001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.45 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
47e952df48941af403a87d20e5b2645084fd13b5ed4923f9985ef4ed0b9e45cc
Security Headers
Name Value
Strict-Transport-Security max-age=36000;includeSubDomains

Request headers

Referer
https://app-581259.galleom.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 May 2022 00:41:27 GMT
server
nginx/1.20.1
strict-transport-security
max-age=36000;includeSubDomains
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
*
x-daa-tunnel
hop_count=1
x-nws-log-uuid
4806d58c-0507-4317-b136-b752ce10f520
access-control-allow-headers
*
content-length
40
login.6e73be56.png | app-581259.galleom.com/img/ | 19 KB | 20 KB | Image
General
Full URL
https://app-581259.galleom.com/img/login.6e73be56.png
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/register?code=2I1371
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:aa3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34abb67997758047d53815e3f7c476a73703e8d4273170a4a3e3fac9703cd18
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-581259.galleom.com/register?code=2I1371
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 00:41:27 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19839
last-modified
Thu, 28 Apr 2022 06:51:27 GMT
server
cloudflare
etag
"626a396f-4d7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2ok9GQOy134fK9Pwf6%2F1RRVY0fFWG%2Btyy5TPg5Ni6vco%2BBNxHYqUKBDULlYnUFLWdbgfnesMVKOjvS1m8OO4fZXl68vNyBiZs9mR6vVcMdppxydSFlcAe44JzVEPwHYWnXNBqgH3PiptabvzlWM%2FYWOtTxl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
70f9bef68cf491de-FRA
listCsConfig | aa599ace00d452cd.galleom.com/hall/ | 140 B | 775 B | XHR
General
Full URL
https://aa599ace00d452cd.galleom.com/hall/listCsConfig
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/js/app.c87ea641.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:5f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0a473f2e1c4ec4962e653350300a9b7472d4fb4cc3397cf2285b8adf0ddb6d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://app-581259.galleom.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 23 May 2022 00:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
FvGVHGZq9GOUFaoBMhHI
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jY%2FNwvozgwiX2zaAcRRmml8rKeO7ywKvSVtIxyS0va%2FC8yGqtl4MIK1YsyfFS70qkabChRxe3YdPWFs3%2Fd9GPugYPFSe4S6qVW3ywC27qtAwC2KYL5isPKRATtVMpiKMWMZ%2BgtwLk1JNqVb4gRwQvADz2hQDRX3U2wVD"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70f9bef9edf791d8-FRA
captcha | aa599ace00d452cd.galleom.com/hall/ | 23 KB | 2 KB | XHR
General
Full URL
https://aa599ace00d452cd.galleom.com/hall/captcha
Requested by
Host: app-581259.galleom.com
URL: https://app-581259.galleom.com/js/app.c87ea641.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:5f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbdddf7992313e7a06f91fea5ec1594b79a31f106f5eeb2e5970be92ff5bae1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://app-581259.galleom.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 00:41:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
FvGVHFU4_eEFhcMBO4EG
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsYH9fLMfyREMy7Nr8es2356UScTdDF6%2BcyDTci5n950VEBwxLevDnGBIecEZ7Csc7M5guYsTj8zwuyU6OW4Tr59K7Dk8A%2BcXEtF9QIfZB%2BFRWtcN9oYwL4vP8m4qAQxXg6jGIiplrKmNCwQCh9IQJDpgHCuf21lMIqC"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
70f9bef71f6d92ae-FRA
truncated | / | 17 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bff04fea45f8adec8ff19308300305f301dd81efa9bee8633e8454f1acac75d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type
image/gif

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • oncontextlost (object)
  • oncontextrestored (object)
  • structuredClone (function)
  • getScreenDetails (function)
  • FB (object)
  • gapi (object)
  • ___jsl (object)
  • TraceInstall (function)
  • osapi (object)
  • gadgets (object)
  • iframer (object)
  • __gapi_jstiming__ (object)
  • shindig (object)
  • ToolbarApi (function)
  • iframes (object)
  • IframeBase (function)
  • Iframe (function)
  • IframeProxy (function)
  • IframeWindow (function)
  • googleapis (object)
  • webpackJsonp (object)
  • _vueCountryIntl_count (number)

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
