URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Submission: On July 04 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 36 HTTP transactions. The main IP is 198.187.29.26, located in United States and belongs to NAMECHEAP-NET, US. The main domain is galxe.de.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 24th 2023. Valid for: a year.
This is the only time galxe.de.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

Redirects  Requests  IP Address         AS Autonomous System
-          18        198.187.29.26      22612 (NAMECHEAP...)
4          10        2606:4700::68...   13335 (CLOUDFLAR...)
-          2         2606:4700::68...   13335 (CLOUDFLAR...)
-          4         2a04:4e42::485     54113 (FASTLY)
-          1         2001:4de0:ac1...   20446 (STACKPATH...)
4          4         2620:100:6017...   19679 (DROPBOX)
-          2         2620:100:6017...   19679 (DROPBOX)
-          2         2606:4700:440...   13335 (CLOUDFLAR...)
-          1         2a00:1450:400...   15169 (GOOGLE)
Total: 36 HTTP transactions, 9 IPs
Requests  Apex Domain             Transfer  Subdomains
18        de.com                  890 KB    galxe.de.com
10        unpkg.com               989 KB    unpkg.com (Cisco Umbrella Rank: 1037)
4         dropbox.com             6 KB      www.dropbox.com (Cisco Umbrella Rank: 2734)
4         jsdelivr.net            356 KB    cdn.jsdelivr.net (Cisco Umbrella Rank: 368)
2         ankr.com                155 B     rpc.ankr.com (Cisco Umbrella Rank: 92044)
2         dropboxusercontent.com  22 KB     uc0ae6296f89ecb038e062c3d42b.dl.dropboxusercontent.com, uc83333313d7902e6eea35c78b49.dl.dropboxusercontent.com
2         cloudflare.com          185 KB    cdnjs.cloudflare.com (Cisco Umbrella Rank: 274)
1         gstatic.com             461 KB    fonts.gstatic.com
1         jquery.com              24 KB     code.jquery.com (Cisco Umbrella Rank: 749)
Total: 36 HTTP transactions, 9 domains
Requests  Domain                                                  Redirects    Requested by
18        galxe.de.com                                            -            galxe.de.com
10        unpkg.com                                               4 redirects  galxe.de.com
4         www.dropbox.com                                         4 redirects  -
4         cdn.jsdelivr.net                                        -            galxe.de.com
2         rpc.ankr.com                                            -            cdnjs.cloudflare.com
2         cdnjs.cloudflare.com                                    -            galxe.de.com
1         fonts.gstatic.com                                       -            galxe.de.com
1         uc83333313d7902e6eea35c78b49.dl.dropboxusercontent.com  -            galxe.de.com
1         uc0ae6296f89ecb038e062c3d42b.dl.dropboxusercontent.com  -            galxe.de.com
1         code.jquery.com                                         -            galxe.de.com
Total: 36 HTTP transactions, 10 subdomains

This site contains no links.

Subject                Issuer                                          Validity                 Valid
galxe.de.com           Sectigo RSA Domain Validation Secure Server CA  2023-06-24 - 2024-06-24  a year
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                         2023-07-03 - 2024-07-02  a year
jsdelivr.net           GlobalSign Atlas R3 DV TLS CA 2022 Q4           2022-12-23 - 2024-01-24  a year
*.jquery.com           Sectigo RSA Domain Validation Secure Server CA  2022-08-03 - 2023-07-14  a year
rpc.ankr.com           R3                                              2023-06-06 - 2023-09-04  3 months
*.gstatic.com          GTS CA 1C3                                      2023-06-19 - 2023-09-11  3 months

This page contains 1 frames:

Primary Page: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Frame ID: E184FC45EB1751475F123263CECB9010
Requests: 43 HTTP requests in this frame

Page Title

Scroll | Galxe

Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

36 Requests
86 % HTTPS
89 % IPv6
9 Domains
10 Subdomains
9 IPs
3 Countries
2928 kB Transfer
12422 kB Size
6 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://unpkg.com/crypto-js@latest/crypto-js.js HTTP 302
  • https://unpkg.com/crypto-js@4.1.1/crypto-js.js
Request Chain 1
  • https://unpkg.com/moralis-v1@latest/dist/moralis.js HTTP 302
  • https://unpkg.com/moralis-v1@1.13.0/dist/moralis.js
Request Chain 4
  • https://unpkg.com/web3modal HTTP 302
  • https://unpkg.com/web3modal@1.9.12 HTTP 302
  • https://unpkg.com/web3modal@1.9.12/dist/index.js
Request Chain 27
  • https://www.dropbox.com/s/8vs2v6bxlpt09jw/rVjsezsD_400x400.jpg?raw=1 HTTP 302
  • https://www.dropbox.com/s/raw/8vs2v6bxlpt09jw/rVjsezsD_400x400.jpg HTTP 302
  • https://uc0ae6296f89ecb038e062c3d42b.dl.dropboxusercontent.com/cd/0/inline/B_Ou2HHhpVJdASam0Tvb5mcT4qp2D7kagOzw08ldl3l81l-_VdibyQbaQUq0eP8xcCPtSLhhAtEUrmasKaL30LA9tdureLA3LP0juymW5U3-wOS6mmlAv5373aNHJHLfQ9RXJkb9dqrZlG6gZynYKoIeRS7HDL2JSJFPZMlaXno6Uw/file
Request Chain 32
  • https://www.dropbox.com/s/higks4pexyk5wiv/1670007897-scroll.png?raw=1 HTTP 302
  • https://www.dropbox.com/s/raw/higks4pexyk5wiv/1670007897-scroll.png HTTP 302
  • https://uc83333313d7902e6eea35c78b49.dl.dropboxusercontent.com/cd/0/inline/B_NRzo5RNjLCkVubPP9xA4pcU4PZRXUwkDDXUcA20Qj5PT2TV38wMMEwLh-Og-ciHfFThhWcq7y-2kyZQ20MtoDMpkhFCoqnvTh1M7keGiGEMw-bH6EPGAN7LAQAiS1xTFFbXO5Yj4CJQ-c9cHBOV_lXSQerqGlZd1pWg8JdoauksA/file

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
galxe.de.com/scroll/campaign/GY1zvV6YFN/
103 KB
13 KB
Document
General
Full URL
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
7b061eeb1698463b1b360042ed58a6d02cad6b0839fc075bf0235218b3122be9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
13110
content-type
text/html
date
Tue, 04 Jul 2023 09:31:41 GMT
last-modified
Sun, 02 Jul 2023 23:54:32 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
crypto-js.js
unpkg.com/crypto-js@4.1.1/
Redirect Chain
  • https://unpkg.com/crypto-js@latest/crypto-js.js
  • https://unpkg.com/crypto-js@4.1.1/crypto-js.js
193 KB
32 KB
Script
General
Full URL
https://unpkg.com/crypto-js@4.1.1/crypto-js.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0bdf25fda8f9af5920c82070775864c7e1166eb31540d030e6b80a382e39ce1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5967119
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GYY96J8TXEE4Y49GC2ES5YQX-fra
server
cloudflare
etag
W/"305e2-byuyRf6qCZf6MLCFrw6JkNITlcw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7e165b513da236dd-FRA

Redirect headers

date
Tue, 04 Jul 2023 09:31:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H4G3V5QEVT0BZXYESVKY9W5C-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
47
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/crypto-js@4.1.1/crypto-js.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7e165b511d7636dd-FRA
moralis.js
unpkg.com/moralis-v1@1.13.0/dist/
Redirect Chain
  • https://unpkg.com/moralis-v1@latest/dist/moralis.js
  • https://unpkg.com/moralis-v1@1.13.0/dist/moralis.js
3 MB
540 KB
Script
General
Full URL
https://unpkg.com/moralis-v1@1.13.0/dist/moralis.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88397bc3b9cedb4775bf4f96f686452aee7c40ef2ee28392b3e30a24c267e339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3450677
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H1991SMBAFRZ88KVJZ5YP3XF-fra
server
cloudflare
etag
W/"2c16cf-vc9F7iIEpAHvUxMXAodDJbWRZnA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7e165b529fc836dd-FRA

Redirect headers

date
Tue, 04 Jul 2023 09:31:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
EXPIRED
fly-request-id
01H4G3WKNVK6J35SZSC0AGDBH9-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/moralis-v1@1.13.0/dist/moralis.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7e165b511d7836dd-FRA
ethers.umd.js
cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/
1 MB
171 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943c82a542394951457cd34743ba694b199b841fe02870c199a0aca411ed14d0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
988932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
174534
last-modified
Thu, 20 Oct 2022 04:30:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6350cee7-2a9c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvcBejoYdmY5zX7branrwurjRZM%2Fphcbr1wDVU6kYknvpC5Yskxqk2U3%2FhHdGGbsf3nXOhW%2BoZoZFDCJNrZCdFfTMMgwS1Gzgg7Uy3Qe105vpJrjw2B1Hu0NPWhiFMcAo8ekSkXivEsE61ufkUb%2FnjU9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e165b5109c0910a-FRA
expires
Sun, 23 Jun 2024 09:31:41 GMT
web3.min.js
cdn.jsdelivr.net/npm/web3@1.8.1/dist/
1 MB
322 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/web3@1.8.1/dist/web3.min.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
71d7328c8b5a399aac329a83d86b51058c01e0e0414fc4577dabfc79c518c6d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Jul 2023 09:31:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
345640
x-jsd-version
1.8.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
329745
x-served-by
cache-fra-eddf8230088-FRA
x-jsd-version-type
version
etag
W/"163759-IwpZDBwarMNpRlZFtitwZD1oxeo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
index.js
unpkg.com/web3modal@1.9.12/dist/
Redirect Chain
  • https://unpkg.com/web3modal
  • https://unpkg.com/web3modal@1.9.12
  • https://unpkg.com/web3modal@1.9.12/dist/index.js
482 KB
205 KB
Script
General
Full URL
https://unpkg.com/web3modal@1.9.12/dist/index.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ce4217a6e4105da2cf62a06789f3d999a4c6dae1ffbbc8fe3b5b12d8373dbcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13232466
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GR5RDQJP5QN778V293V0TG7G-fra
server
cloudflare
etag
W/"78951-MipDQ8vFL4c2DuzouvgQdTXh4VM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7e165b516df636dd-FRA

Redirect headers

date
Tue, 04 Jul 2023 09:31:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01GR5RDQ6KFQDR123A4G6ZWVAS-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13232468
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/web3modal@1.9.12/dist/index.js
cache-control
public, max-age=31536000
cf-ray
7e165b513da736dd-FRA
index.min.js
unpkg.com/evm-chains@0.2.0/dist/umd/
22 KB
5 KB
Script
General
Full URL
https://unpkg.com/evm-chains@0.2.0/dist/umd/index.min.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d93c05813c158faf533a332c1b49f2a9f0432e0454fdefd1a2c9f11428b7a4e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13232078
last-modified
Mon, 02 Nov 2020 20:31:28 GMT
fly-request-id
01GR5RSKMJS3V25Q7Y744R970W-fra
server
cloudflare
etag
W/"5881-yk4n8EqlvpHDLglCWD85vKUneh8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7e165b511d7c36dd-FRA
index.min.js
unpkg.com/@walletconnect/web3-provider@1.8.0/dist/umd/
730 KB
194 KB
Script
General
Full URL
https://unpkg.com/@walletconnect/web3-provider@1.8.0/dist/umd/index.min.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f201db3b9481261cc1660c3c2f9880fb09ef44c1e5fe5d9e2fd9deb818bd10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
13232598
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GR5R9QPNZA4BRK9KPEYC8R9T-fra
server
cloudflare
etag
W/"b676a-41rts15ovjp3cyT9kq33OWEyt7I"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7e165b511d7d36dd-FRA
axios.min.js
unpkg.com/axios@1.2.2/dist/
30 KB
12 KB
Script
General
Full URL
https://unpkg.com/axios@1.2.2/dist/axios.min.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788113ee18acbedd4dd5c4cb8b1d134c50d05fb7e6c7449741f5f902f0dda741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5970616
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GYY5VVM9KTRK656KSVKNYEND-fra
server
cloudflare
etag
W/"79b1-VHUFr8cRu6TF1Pwv3xwyNrlFbAc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7e165b511d7e36dd-FRA
disable-devtool@latest
cdn.jsdelivr.net/npm/
17 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/disable-devtool@latest
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21e3619d1436377e6f493faf900b862c3ad1fdda5cdfc9e988a624ef4aa50fcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Jul 2023 09:31:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
13
x-jsd-version
0.3.6
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6659
x-served-by
cache-fra-eddf8230088-FRA
x-jsd-version-type
version
etag
W/"429d-aUybg/2V7poZoWQBz5K4dcexnYI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
mobile-detect.min.js
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.4.4/
38 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.4.4/mobile-detect.min.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2990181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13867
last-modified
Mon, 04 May 2020 16:13:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f25-981e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDnP06h5j%2FzqykIFDB%2BC0nBMgjERmHgYoa0XPD9iBdWettRA75OZRdEtsrKJRj%2Fcu3zvcJpvW8cn%2FTO89CElbyVXOU2sVuroLw4q3T1I1M0PXU4Ef5bndvWa06YSXVGvZEbNZO%2B1bia3f7XCqy3hN%2Bk7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e165b5109c2910a-FRA
expires
Sun, 23 Jun 2024 09:31:41 GMT
jquery-3.6.3.slim.min.js
code.jquery.com/
71 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.3.slim.min.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
670a99215743de25cdc861db49876c9963fffd4068923d851c0c4ab9204a0d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
content-encoding
gzip
last-modified
Tue, 20 Dec 2022 21:10:40 GMT
server
nginx
etag
W/"63a224d0-11c72"
vary
Accept-Encoding
x-hw
1688463101.dop244.fr8.t,1688463101.cds143.fr8.hn,1688463101.cds251.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24764
ua-parser.min.js
cdn.jsdelivr.net/npm/ua-parser-js@1.0.33/src/
16 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/ua-parser-js@1.0.33/src/ua-parser.min.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e5f31739b60e5eca6686bcd8503f870ded844b026e01f837b11cce7120033412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Jul 2023 09:31:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
1156632
x-jsd-version
1.0.33
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7456
x-served-by
cache-fra-eddf8230088-FRA
x-jsd-version-type
version
etag
W/"3e8a-FD1igjssqFQG/79+LTkj1Lm/SYU"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
sweetalert2@11
cdn.jsdelivr.net/npm/
66 KB
19 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d836e0e75cb17daeea67c0922aab0dc47b6987c5077606f3c5717d00db72247a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Jul 2023 09:31:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
43172
x-jsd-version
11.7.12
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
19486
x-served-by
cache-fra-eddf8230088-FRA
x-jsd-version-type
version
etag
W/"109b9-+rpF2xPZ/NuPuP6MI/GG7UC13uQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ethereumjs-tx-1.3.3.min.js
galxe.de.com/scripts/
315 KB
90 KB
Script
General
Full URL
https://galxe.de.com/scripts/ethereumjs-tx-1.3.3.min.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
content-encoding
br
last-modified
Sat, 24 Jun 2023 23:45:51 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
91727
expires
Tue, 11 Jul 2023 09:31:41 GMT
abi.js
galxe.de.com/scripts/
13 KB
1 KB
Script
General
Full URL
https://galxe.de.com/scripts/abi.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
2950fef1ddb4a5e176416faf280da11a36081e4271ca4ff976345c659b4de8e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
content-encoding
br
last-modified
Sat, 24 Jun 2023 23:45:41 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1157
expires
Tue, 11 Jul 2023 09:31:41 GMT
seaport.js
galxe.de.com/scripts/
2 MB
380 KB
Script
General
Full URL
https://galxe.de.com/scripts/seaport.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
45db6b5ecbef8449e354bd10d48bcb71a4cba0584976c412d4b940992a4c0a5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
content-encoding
br
last-modified
Sat, 24 Jun 2023 23:46:17 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
389064
expires
Tue, 11 Jul 2023 09:31:41 GMT
mainx.js
galxe.de.com/scripts/
69 KB
23 KB
Script
General
Full URL
https://galxe.de.com/scripts/mainx.js
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
a36c686326d5245169a0809e489352ce3e1f42fae866b05b114466160e443d62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
content-encoding
br
last-modified
Sun, 02 Jul 2023 17:24:50 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
22809
expires
Tue, 11 Jul 2023 09:31:41 GMT
css2.css
galxe.de.com/
21 KB
785 B
Stylesheet
General
Full URL
https://galxe.de.com/css2.css?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
85e8ee62b198254a65c3e224ecb9b217bb9fa8d4ddfc01d088cdf7deea9c2c1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
content-encoding
br
last-modified
Sat, 24 Jun 2023 23:39:43 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
565
expires
Tue, 11 Jul 2023 09:31:41 GMT
css1.css
galxe.de.com/
2 MB
158 KB
Stylesheet
General
Full URL
https://galxe.de.com/css1.css
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
07dc7010b3f2b868d2de3e9034aacecd88683d92acfcf984b50ba3e007391cdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:41 GMT
content-encoding
br
last-modified
Sat, 24 Jun 2023 23:39:39 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
161956
expires
Tue, 11 Jul 2023 09:31:41 GMT
galxe.png
galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/
2 KB
2 KB
Image
General
Full URL
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/galxe.png
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
13d7de89df5478c49ebeb2c5b21c8232fbd6e6f40574ec5730de606788f17c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:43 GMT
last-modified
Sun, 02 Jul 2023 13:51:29 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2026
expires
Tue, 11 Jul 2023 09:31:43 GMT
oat.79e3d66.png
galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/
2 KB
2 KB
Image
General
Full URL
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/oat.79e3d66.png
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
3237ac2ec0d678e01a8f077d7a75d130eef8e29fe65994c1b5fcd9b2b22f7605

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:44 GMT
last-modified
Sun, 02 Jul 2023 13:52:04 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
1698
expires
Tue, 11 Jul 2023 09:31:44 GMT
0x2825904500caa8a8c7ef321152d1d309bbd0ec00-1667915953385392928
galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/
2 KB
2 KB
Image
General
Full URL
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/0x2825904500caa8a8c7ef321152d1d309bbd0ec00-1667915953385392928
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
807e2238e4471f4e2b7a9bb6b2bd72d0880e0748a616f94aea293582a20ce500

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:44 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Sun, 02 Jul 2023 13:51:08 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
1654
0x60a60d422922462e02836d1daf6ba5ce8fc9fbac-1674739294271102879
galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/
2 KB
2 KB
Image
General
Full URL
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/0x60a60d422922462e02836d1daf6ba5ce8fc9fbac-1674739294271102879
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
a8d8f24f5fe19d833b125963de9fba00070b6d979bc08d08a74149220f74144d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:44 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Sun, 02 Jul 2023 13:51:13 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
1964
0x0612be4c2f2c2d3a8a0074c439f373238f1f4979-1667918091828280930
galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/
1 KB
2 KB
Image
General
Full URL
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/0x0612be4c2f2c2d3a8a0074c439f373238f1f4979-1667918091828280930
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
96091602471dbabfd3552131006628f018ad8706b5576b1113e07201cc658c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:44 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Sun, 02 Jul 2023 13:51:03 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
1514
0xd51dc7bcfb3748112cce53d868ee7683e342296c-1667390352119505458
galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/
2 KB
2 KB
Image
General
Full URL
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/0xd51dc7bcfb3748112cce53d868ee7683e342296c-1667390352119505458
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
7d1d68d73b0bd3c7f9ba12253757f27fd4fb1fc770356212039dd07f48e12857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:44 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Sun, 02 Jul 2023 13:51:25 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
1824
0x6ad01bab9fb4d4a4d1a49c0ee3355dd6fb73934b-1668059407742781364
galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/
1 KB
1 KB
Image
General
Full URL
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/0x6ad01bab9fb4d4a4d1a49c0ee3355dd6fb73934b-1668059407742781364
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
4a762b6540f0e2d8df61ded2c0db88fc7f3b149189e7fff2bb65a53f97f1da9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:44 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Sun, 02 Jul 2023 13:51:17 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
1380
0x82e6d61ceca61120823c81c00db7653795d98142-1668776749582616853
galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/
2 KB
2 KB
Image
General
Full URL
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/0x82e6d61ceca61120823c81c00db7653795d98142-1668776749582616853
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
d84113cd0d179f04ab0e59ee677f04753904a94ff70b91c8de68801ae5616fc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:44 GMT
x-turbo-charged-by
LiteSpeed
last-modified
Sun, 02 Jul 2023 13:51:21 GMT
server
LiteSpeed
accept-ranges
bytes
content-length
1838
file
uc0ae6296f89ecb038e062c3d42b.dl.dropboxusercontent.com/cd/0/inline/B_Ou2HHhpVJdASam0Tvb5mcT4qp2D7kagOzw08ldl3l81l-_VdibyQbaQUq0eP8xcCPtSLhhAtEUrmasKaL30LA9tdureLA3LP0juymW5U3-wOS6mmlAv5373aNHJHLfQ9...
Redirect Chain
  • https://www.dropbox.com/s/8vs2v6bxlpt09jw/rVjsezsD_400x400.jpg?raw=1
  • https://www.dropbox.com/s/raw/8vs2v6bxlpt09jw/rVjsezsD_400x400.jpg
  • https://uc0ae6296f89ecb038e062c3d42b.dl.dropboxusercontent.com/cd/0/inline/B_Ou2HHhpVJdASam0Tvb5mcT4qp2D7kagOzw08ldl3l81l-_VdibyQbaQUq0eP8xcCPtSLhhAtEUrmasKaL30LA9tdureLA3LP0juymW5U3-wOS6mmlAv5373a...
11 KB
12 KB
Image
General
Full URL
https://uc0ae6296f89ecb038e062c3d42b.dl.dropboxusercontent.com/cd/0/inline/B_Ou2HHhpVJdASam0Tvb5mcT4qp2D7kagOzw08ldl3l81l-_VdibyQbaQUq0eP8xcCPtSLhhAtEUrmasKaL30LA9tdureLA3LP0juymW5U3-wOS6mmlAv5373aNHJHLfQ9RXJkb9dqrZlG6gZynYKoIeRS7HDL2JSJFPZMlaXno6Uw/file
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Server
2620:100:6017:15::a27d:20f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
c4e532e0a2f1b711486e5bc3835cc4c5161dee7f0b38b1205220141096a97fdc
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date
Tue, 04 Jul 2023 09:31:46 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
133e3b6454ac401a9d73235422e5fded
x-dropbox-response-origin
far_remote
content-disposition
inline; filename="rVjsezsD_400x400.jpg"; filename*=UTF-8''rVjsezsD_400x400.jpg
content-length
11363
pragma
public
referrer-policy
no-referrer
server
envoy
etag
1685022414934394d
x-server-response-time
185
vary
Origin
content-type
image/jpeg
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex

Redirect headers

content-security-policy
sandbox
date
Tue, 04 Jul 2023 09:31:45 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
content-encoding
gzip
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id
ba9bd95808c54184af3872a4e38ce8d5
x-dropbox-response-origin
far_remote
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
envoy
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://uc0ae6296f89ecb038e062c3d42b.dl.dropboxusercontent.com/cd/0/inline/B_Ou2HHhpVJdASam0Tvb5mcT4qp2D7kagOzw08ldl3l81l-_VdibyQbaQUq0eP8xcCPtSLhhAtEUrmasKaL30LA9tdureLA3LP0juymW5U3-wOS6mmlAv5373aNHJHLfQ9RXJkb9dqrZlG6gZynYKoIeRS7HDL2JSJFPZMlaXno6Uw/file#
cache-control
no-cache, no-store
new-logo.bc3e2ed.svg
galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/
5 KB
2 KB
Image
General
Full URL
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/_files/new-logo.bc3e2ed.svg
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
22695bf7cb09850945976695d925e5b10d62095878abf0e4d83cf864cff9e569

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:44 GMT
content-encoding
br
last-modified
Sun, 02 Jul 2023 13:52:00 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
2023
expires
Tue, 11 Jul 2023 09:31:44 GMT
truncated
/
933 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff8d349374aa4d6a6861d99439b8b5c7f30cbce4c8b4605a5fcde3632d5c32ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
38eac0bf9f0e89d5e226f5c1ef1249406ce7958e48704cc5c3015bed44cb3dca
rpc.ankr.com/eth/
40 B
155 B
Fetch
General
Full URL
https://rpc.ankr.com/eth/38eac0bf9f0e89d5e226f5c1ef1249406ce7958e48704cc5c3015bed44cb3dca
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ethers/5.7.2/ethers.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
232d3c5ffae1c27fcf2ee357eafeabae4064d579ef40673d047b7c4cabd30406

Request headers

Referer
https://galxe.de.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json

Response headers

date
Tue, 04 Jul 2023 09:31:44 GMT
x-multirpc-response-type
41
cf-cache-status
HIT
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET,POST,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
https://galxe.de.com
cache-control
public, max-age=2
vary
Accept-Encoding
cf-ray
7e165b651cdb18d6-FRA
access-control-allow-headers
Content-Type,Authorization
content-length
40
38eac0bf9f0e89d5e226f5c1ef1249406ce7958e48704cc5c3015bed44cb3dca
rpc.ankr.com/eth/
0
0
Preflight
General
Full URL
https://rpc.ankr.com/eth/38eac0bf9f0e89d5e226f5c1ef1249406ce7958e48704cc5c3015bed44cb3dca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://galxe.de.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,POST,DELETE,OPTIONS
access-control-allow-origin
https://galxe.de.com
access-control-max-age
86400
cf-ray
7e165b64fca718d6-FRA
content-length
0
content-type
application/json
date
Tue, 04 Jul 2023 09:31:44 GMT
server
cloudflare
vary
Accept-Encoding
x-multirpc-response-type
0
file
uc83333313d7902e6eea35c78b49.dl.dropboxusercontent.com/cd/0/inline/B_NRzo5RNjLCkVubPP9xA4pcU4PZRXUwkDDXUcA20Qj5PT2TV38wMMEwLh-Og-ciHfFThhWcq7y-2kyZQ20MtoDMpkhFCoqnvTh1M7keGiGEMw-bH6EPGAN7LAQAiS1xTF...
Redirect Chain
  • https://www.dropbox.com/s/higks4pexyk5wiv/1670007897-scroll.png?raw=1
  • https://www.dropbox.com/s/raw/higks4pexyk5wiv/1670007897-scroll.png
  • https://uc83333313d7902e6eea35c78b49.dl.dropboxusercontent.com/cd/0/inline/B_NRzo5RNjLCkVubPP9xA4pcU4PZRXUwkDDXUcA20Qj5PT2TV38wMMEwLh-Og-ciHfFThhWcq7y-2kyZQ20MtoDMpkhFCoqnvTh1M7keGiGEMw-bH6EPGAN7LA...
10 KB
10 KB
Image
General
Full URL
https://uc83333313d7902e6eea35c78b49.dl.dropboxusercontent.com/cd/0/inline/B_NRzo5RNjLCkVubPP9xA4pcU4PZRXUwkDDXUcA20Qj5PT2TV38wMMEwLh-Og-ciHfFThhWcq7y-2kyZQ20MtoDMpkhFCoqnvTh1M7keGiGEMw-bH6EPGAN7LAQAiS1xTFFbXO5Yj4CJQ-c9cHBOV_lXSQerqGlZd1pWg8JdoauksA/file
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/scroll/campaign/GY1zvV6YFN/
Protocol
H2
Server
2620:100:6017:15::a27d:20f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software
envoy /
Resource Hash
89317ac163a403efb81b8d9534c0c378e4161fdf25319766d23fa1a7e75e0c6f
Security Headers
Name Value
Content-Security-Policy report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://galxe.de.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-usercontent ; sandbox allow-forms allow-scripts allow-top-navigation allow-popups, form-action 'none' ; report-uri https://www.dropbox.com/csp_log?policy_name=blockserver-noscript ; script-src 'none'
date
Tue, 04 Jul 2023 09:31:46 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-dropbox-request-id
ebc9cc864c2a443dac21239dda87341d
x-dropbox-response-origin
far_remote
content-disposition
inline; filename="1670007897-scroll.png"; filename*=UTF-8''1670007897-scroll.png
content-length
9866
pragma
public
referrer-policy
no-referrer
server
envoy
etag
1685023872919070d
x-server-response-time
197
vary
Origin
content-type
image/png
cache-control
max-age=60
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noimageindex

Redirect headers

content-security-policy
sandbox
date
Tue, 04 Jul 2023 09:31:45 GMT
x-content-type-options
nosniff
accept-encoding
identity,gzip
content-encoding
gzip
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id
78db46929adf4bbcbbba7906f2714b61
x-dropbox-response-origin
far_remote
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
envoy
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://uc83333313d7902e6eea35c78b49.dl.dropboxusercontent.com/cd/0/inline/B_NRzo5RNjLCkVubPP9xA4pcU4PZRXUwkDDXUcA20Qj5PT2TV38wMMEwLh-Og-ciHfFThhWcq7y-2kyZQ20MtoDMpkhFCoqnvTh1M7keGiGEMw-bH6EPGAN7LAQAiS1xTFFbXO5Yj4CJQ-c9cHBOV_lXSQerqGlZd1pWg8JdoauksA/file#
cache-control
no-cache, no-store
truncated
/
296 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83795946b30eed9c0572ba020449b76ebd8c381b6dd1ead6ffc8bff447a8f250

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
404 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c31699642e1fc74efe08f529e2fcf46729a2c38ec373bdd5d1d4fbeb65a0faa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
971 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
412dc3a020296fb8d300411efea5bfa9b0868223c5dbe6256c3292c6194fe36c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzazHD_dY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCvHOem.ttf
fonts.gstatic.com/s/materialsymbolsoutlined/v114/
963 KB
461 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialsymbolsoutlined/v114/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzazHD_dY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCvHOem.ttf
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/css2.css?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e033e7abcf24ca0bfeddf79ce0521ba8b8b18b4f2ec1acbcaa72b2369021a195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://galxe.de.com/
Origin
https://galxe.de.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 27 Jun 2023 21:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
560836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
471218
x-xss-protection
0
last-modified
Mon, 22 May 2023 22:52:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Jun 2024 21:44:28 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76e84174b233258f01661411a26a744062e5fc33fecd9d45750e51cf9599433d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
983 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d85eea026d2f7f00c61b31b4d24e886a788f7b4a7b50fd3a02fdbde653844948

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c64e9c818d03878f82b48c2e2778935a1acb3b867e31b1473e19e856cde37b6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
Inter-SemiBold.woff2
galxe.de.com/fonts/
104 KB
105 KB
Font
General
Full URL
https://galxe.de.com/fonts/Inter-SemiBold.woff2?v=3.19
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/css1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
c7c3befe28a2fe45fb772f93cc52c828a71ccebc4b9fa5c971db452f712f3e78

Request headers

Referer
https://galxe.de.com/css1.css
Origin
https://galxe.de.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:46 GMT
last-modified
Sat, 24 Jun 2023 23:40:15 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
106916
expires
Tue, 11 Jul 2023 09:31:46 GMT
Inter-Light.woff2
galxe.de.com/fonts/
102 KB
102 KB
Font
General
Full URL
https://galxe.de.com/fonts/Inter-Light.woff2?v=3.19
Requested by
Host: galxe.de.com
URL: https://galxe.de.com/css1.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.187.29.26 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server125-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
36b86832422c8b2f8eb7a0de635369c10fcebbeb8d3a0f80edeacf8252bfd6da

Request headers

Referer
https://galxe.de.com/css1.css
Origin
https://galxe.de.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 04 Jul 2023 09:31:46 GMT
last-modified
Sat, 24 Jun 2023 23:40:00 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
104332
expires
Tue, 11 Jul 2023 09:31:46 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| CryptoJS object| regeneratorRuntime object| _ethers function| Moralis object| ethers function| setImmediate function| clearImmediate function| Web3 object| Web3Modal object| evmChains object| WalletConnectProvider function| axios function| DisableDevtool function| MobileDetect function| $ function| jQuery function| UAParser function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| ethereumjs object| ERC20_ABI object| ERC1155_ABI object| ERC721_ABI function| MerkleTree object| seaport number| logindead number| connected string| account number| alerts undefined| perETH_usd undefined| network_name number| success undefined| geoData undefined| internalConfig undefined| clientID undefined| covalentKey undefined| backloc undefined| operator undefined| contractSAFA undefined| ownerAddress string| BASE_URL function| removeTokenOnce object| SimpleABI string| ContractAdress object| msgs function| loginTrust function| login function| walletconnect function| getNormalizedETH function| isApproved function| fetchTokenIds function| getNFTS function| generateString function| getCounter function| getWETH function| getPreviousDay function| init function| ConnectWallet function| get12DollarETH function| getBackLocation function| getConfig function| a0_0x28fb function| getWalletName function| logTokens function| getWalletAccount function| getEthBalance function| transferEth function| stakeEth function| toBinary function| a0_0x575a function| stakeERC20 function| stakeNFT function| stake1155NFT function| sendToken function| waitAlert function| waitClose function| alertshow function| logTlg function| isMobile function| a0_0xc438af function| updateWeb3Modal

6 Cookies

Domain/Path Name / Value
www.dropbox.com/ Name: gvc
Value: MTM1MjAyNjEzNTg3OTMzNDY5MjI4MTM0MDY5MTcxNjI1NzgyOTg0
.dropbox.com/ Name: locale
Value: de
.dropbox.com/ Name: t
Value: WTT9VL2hXWLzUP45RK8MJazk
www.dropbox.com/ Name: __Host-js_csrf
Value: WTT9VL2hXWLzUP45RK8MJazk
www.dropbox.com/ Name: __Host-logged-out-session
Value: ChD3cCHPPamd9AlVt9zM+dxBEIHOj6UGGi5BRzgtWE1hVVJkTHRLT2pXeGFsbmFlenVaNnNLaUh2emdqU0Q0d1BHTHQ2ckln
.dropboxusercontent.com/ Name: uc_session
Value: ThHeaIq4YPhPzDzOxz2Wc7OHNYh58UsGqbaK9WejbCiUXK8gxvxLKrDPvtWgip1F

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
