account.hoyoverse.com
2600:9000:223f:7000:1:c539:3800:93a1  Public Scan

Submitted URL: https://account.hoyoverse.com/#/register/email?cb_route=%2Faccount%2FaccountInfo
Effective URL: https://account.hoyoverse.com/
Submission: On April 29 via manual from RU — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 6 domains to perform 27 HTTP transactions. The main IP is 2600:9000:223f:7000:1:c539:3800:93a1, located in United States and belongs to AMAZON-02, US. The main domain is account.hoyoverse.com. The Cisco Umbrella rank of the primary domain is 183217.
TLS certificate: Issued by Secure Site CA G2 on November 18th 2022. Valid for: a year.
This is the only time account.hoyoverse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
5         2600:9000:223...   16509  (AMAZON-02)
2         163.181.56.159     24429  (TAOBAO Zh...)
2         2600:9000:223...   16509  (AMAZON-02)
2         52.222.214.91      16509  (AMAZON-02)
2         13.32.121.129      16509  (AMAZON-02)
1         23.45.106.82       16625  (AKAMAI-AS)
2         2a03:2880:f08...   32934  (FACEBOOK)
2         2a00:1450:400...   15169  (GOOGLE)
2         139.224.233.228    37963  (ALIBABA-C...)
3         2600:9000:225...   16509  (AMAZON-02)
3         2a00:1450:400...   15169  (GOOGLE)
1         2a00:1450:400...   15169  (GOOGLE)
Total: 27 requests, 13 IPs
Requests  Apex Domain / Subdomains  Transfer
14  hoyoverse.com  709 KB
    account.hoyoverse.com — Cisco Umbrella Rank: 183217
    webstatic.hoyoverse.com — Cisco Umbrella Rank: 23031
    api-account-os.hoyoverse.com — Cisco Umbrella Rank: 125456
    log-upload-os.hoyoverse.com — Cisco Umbrella Rank: 18113
    sg-public-data-api.hoyoverse.com — Cisco Umbrella Rank: 25348
5   google.com  63 KB
    apis.google.com — Cisco Umbrella Rank: 236
    accounts.google.com — Cisco Umbrella Rank: 92
4   mihoyo.com  28 KB
    webstatic.mihoyo.com — Cisco Umbrella Rank: 111460
    sentry-api.mihoyo.com — Cisco Umbrella Rank: 336342
2   facebook.net  89 KB
    connect.facebook.net — Cisco Umbrella Rank: 189
1   gstatic.com  35 KB
    www.gstatic.com
1   cdn-apple.com  17 KB
    appleid.cdn-apple.com — Cisco Umbrella Rank: 4198
Total: 27 requests, 6 domains
Requests  Domain                            Requested by
5         account.hoyoverse.com             account.hoyoverse.com
3         accounts.google.com               apis.google.com, account.hoyoverse.com, www.gstatic.com
3         sg-public-data-api.hoyoverse.com  webstatic.mihoyo.com
2         sentry-api.mihoyo.com             webstatic.mihoyo.com
2         apis.google.com                   account.hoyoverse.com, apis.google.com
2         connect.facebook.net              account.hoyoverse.com, connect.facebook.net
2         log-upload-os.hoyoverse.com       webstatic.hoyoverse.com
2         api-account-os.hoyoverse.com      account.hoyoverse.com
2         webstatic.hoyoverse.com           account.hoyoverse.com
2         webstatic.mihoyo.com              account.hoyoverse.com, webstatic.mihoyo.com
1         www.gstatic.com                   accounts.google.com
1         appleid.cdn-apple.com             account.hoyoverse.com
Total: 27 requests, 12 subdomains

This site contains no links.

Subject                Issuer                                  Validity                 Valid
*.hoyoverse.com        Secure Site CA G2                       2022-11-18 - 2023-11-17  a year
*.mihoyo.com           GeoTrust CN RSA CA G1                   2022-09-15 - 2023-10-11  a year
appleid.cdn-apple.com  Apple Public EV Server RSA CA 2 - G1    2022-04-19 - 2023-05-19  a year
*.facebook.com         DigiCert SHA2 High Assurance Server CA  2023-02-05 - 2023-05-06  3 months
*.apis.google.com      GTS CA 1C3                              2023-04-03 - 2023-06-26  3 months
accounts.google.com    GTS CA 1C3                              2023-04-03 - 2023-06-26  3 months
*.gstatic.com          GTS CA 1C3                              2023-04-03 - 2023-06-26  3 months
*.google.com           GTS CA 1C3                              2023-04-03 - 2023-06-26  3 months

This page contains 2 frames:

Primary Page: https://account.hoyoverse.com/
Frame ID: 33AFC06DBEA5083A5FD70C9C9C663A6F
Requests: 26 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 51A2C8A567335FAD0DFBB6E72D0580F6
Requests: 4 HTTP requests in this frame

Page Title

Mit E-Mail-Adresse registrieren

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

27 Requests
100 % HTTPS
58 % IPv6
6 Domains
12 Subdomains
13 IPs
3 Countries
945 kB Transfer
3573 kB Size
7 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
account.hoyoverse.com/
867 B
1 KB
Document
General
Full URL
https://account.hoyoverse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7000:1:c539:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780fb8a9722d5fd7bd790b7a35a9e2a684f24d56226a01693b50622cb893ef8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9
content-length
867
content-type
text/html
date
Sat, 29 Apr 2023 11:30:49 GMT
etag
"4f7b5c6dd43728fa6747c4688b8f4e97"
last-modified
Wed, 12 Apr 2023 07:09:50 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-id
gA0CCGD9_ysvT8bGkmwsTR03XZTfX-erXoSzlvs43NTtPOj_nw8X_A==
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
sentry-lazy.global.js
webstatic.mihoyo.com/dora/lib/sentry-lazy/1.3.0/
936 B
2 KB
Script
General
Full URL
https://webstatic.mihoyo.com/dora/lib/sentry-lazy/1.3.0/sentry-lazy.global.js
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.159 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2344bcf171928d58d59e34f5935b17cef79284e6fa405edfaad839c9a1799df3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 06:33:27 GMT
via
cache19.l2de2[0,0,304-0,H], cache3.l2de2[1,0], ens-cache6.de4[0,0,200-0,H], ens-cache3.de4[0,0]
x-oss-request-id
644622B7D99A560C570373BC
content-md5
82OPTUBpyBevBn3Ke4S/Ug==
age
449844
x-swift-cachetime
604797
x-cache
HIT TCP_MEM_HIT dirn:9:12902430
x-oss-cdn-auth
success
x-swift-savetime
Mon, 24 Apr 2023 06:33:30 GMT
content-length
936
x-oss-object-type
Normal
last-modified
Mon, 10 Apr 2023 06:32:34 GMT
server
Tengine
etag
"F3638F4D4069C817AF067DCA7B84BF52"
ali-swift-global-savetime
1682318007
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Range
cache-control
max-age=300
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
2387073588334573404
access-control-allow-headers
*
eagleid
2ff62b1b16827678511917866e
x-oss-server-time
13
1_e31614e0bc85ab76b6d1.css
account.hoyoverse.com/
61 KB
29 KB
Stylesheet
General
Full URL
https://account.hoyoverse.com/1_e31614e0bc85ab76b6d1.css
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7000:1:c539:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b915db159fafef7aa2b3f770a1f6af6aea8a320aff3780ffb22626a9eaf4d01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 11:30:50 GMT
content-encoding
br
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 07:09:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
5
x-amz-server-side-encryption
AES256
etag
W/"dc3c47c0220aad515c87f1d98066e2f7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
lNtVHImHCi7Y2lUHM4hY8KAVQrjtfyJSMPJEhWJrFAfuDNDrMN4DSg==
bundle_87f62fdeb2c8eb000efb.css
account.hoyoverse.com/
96 KB
25 KB
Stylesheet
General
Full URL
https://account.hoyoverse.com/bundle_87f62fdeb2c8eb000efb.css
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7000:1:c539:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ce70a8dea8df7d75eac59e57c41c3a54a8d509c38f2e5cf541fa29ad61ab6e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 11:30:50 GMT
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 07:09:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
1
x-amz-server-side-encryption
AES256
etag
W/"4033587ded911b930d48347bdeb4c753"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
KcT4dV_A4e8gDijyXsEbYB03mICjZsN40ZsO1iPNlcY8HK6GbKjUgg==
main.js
webstatic.hoyoverse.com/dora/biz/mihoyo-analysis/v2/
71 KB
28 KB
Script
General
Full URL
https://webstatic.hoyoverse.com/dora/biz/mihoyo-analysis/v2/main.js
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:f400:17:49e7:a000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b3621c3ca2fa930c9466b41ad06a898838a02a7b976543ead22e6f4cccec918

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:10:08 GMT
content-encoding
gzip
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
last-modified
Mon, 03 Apr 2023 12:30:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
51643
x-amz-server-side-encryption
AES256
etag
W/"9f7cc728e9efeb52d1007df5b058ad3f"
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
HUECgftTEzEBVm_O4VQ26ehACOxapvqMI3E2MmhHdLGoTiW2DZlOKA==
vendors_2.12.0_8f15e0c69113556469b4.js
account.hoyoverse.com/
2 MB
414 KB
Script
General
Full URL
https://account.hoyoverse.com/vendors_2.12.0_8f15e0c69113556469b4.js
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7000:1:c539:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47c0f5dfd25f09c85178c35a9068987c1652a10599a0d3bcdcb68ab67d93105e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 11:30:50 GMT
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 07:11:25 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
5
x-amz-server-side-encryption
AES256
etag
W/"72d618be233fb40cd91cd1b2767b43a8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
V8g9XhQQ7NsaFLMLHGCudpPXlzhmGajM0a_EiNQHh62Ivql5cAQ24Q==
bundle_2.12.0_03593745c6537aed1c33.js
account.hoyoverse.com/
445 KB
151 KB
Script
General
Full URL
https://account.hoyoverse.com/bundle_2.12.0_03593745c6537aed1c33.js
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7000:1:c539:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a59d9a0a0398a087ef732e9cd96ed6c32f8f41d9b6931536d65727cf111f3ea3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 11:30:50 GMT
content-encoding
br
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 07:12:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
5
x-amz-server-side-encryption
AES256
etag
W/"5bb9a97a9401449d41e8ff33cffd6978"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
LAWS5qrmeJbfjRJ3PQ8lb1NpmLmZ3-wHS_9cLbVeG5BiiqwZ9rSMsQ==
getConfig
api-account-os.hoyoverse.com/account/auth/api/ Frame
0
0
Preflight
General
Full URL
https://api-account-os.hoyoverse.com/account/auth/api/getConfig
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-91.fra56.r.cloudfront.net
Software
/ takumi
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-rpc-client_type,x-rpc-device_id
Access-Control-Request-Method
POST
Origin
https://account.hoyoverse.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Rpc-Client_Type, X-Rpc-Device_Id
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://account.hoyoverse.com
Access-Control-Max-Age
86400
Connection
keep-alive
Date
Sat, 29 Apr 2023 11:30:51 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Via
1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
zFIJd3hXSRnH7CgVsfMTEY-t3ai61IXZ0z3U70K046hsZuKULSS_-A==
X-Amz-Cf-Pop
FRA56-P3
X-Cache
Miss from cloudfront
X-Powered-By
takumi
X-Trace-Id
338fd153698bc655:338fd153698bc655:0:1
getConfig
api-account-os.hoyoverse.com/account/auth/api/
200 B
794 B
XHR
General
Full URL
https://api-account-os.hoyoverse.com/account/auth/api/getConfig
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/vendors_2.12.0_8f15e0c69113556469b4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-91.fra56.r.cloudfront.net
Software
/ takumi
Resource Hash
40810261901a3cdbed5561401aeb50e722f1395eee8b51ad18871979fd751d03

Request headers

Accept
application/json, text/plain, */*
Referer
https://account.hoyoverse.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
x-rpc-client_type
4
x-rpc-device_id
c7f93533-b91e-4505-8dc7-1d029a5864dd

Response headers

X-Trace-Id
37be126eb2363d50:37be126eb2363d50:0:1
Date
Sat, 29 Apr 2023 11:30:51 GMT
Via
1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P3
X-Powered-By
takumi
Vary
Origin, Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
application/json
Access-Control-Allow-Origin
https://account.hoyoverse.com
Access-Control-Expose-Headers
Ab_experiment_info_v1
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
200
X-Amz-Cf-Id
5nTeAwLSRegM3Nc5pM7ltnV5zkdprbisGOEK983G3Ihq2JTx1O4Pvw==
20190812_5d51512fdef47-de-de.json
webstatic.hoyoverse.com/admin/mi18n/bh3_global/20190812_5d51512fdef47/
239 KB
58 KB
XHR
General
Full URL
https://webstatic.hoyoverse.com/admin/mi18n/bh3_global/20190812_5d51512fdef47/20190812_5d51512fdef47-de-de.json
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/vendors_2.12.0_8f15e0c69113556469b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:f400:17:49e7:a000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d8e570fa309050370db2884bbab7a2efe763f2a67443fc6cf814a6c4c5f94b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 11:15:20 GMT
content-encoding
gzip
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
22071
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 18 Apr 2023 11:14:31 GMT
server
AmazonS3
etag
W/"574962728d1dcaee579dd1b4e7062faf"
access-control-max-age
10
access-control-allow-methods
PUT, POST, GET
content-type
application/json
access-control-allow-origin
https://account.hoyoverse.com
vary
Accept-Encoding,origin
access-control-allow-credentials
true
x-amz-cf-id
cQwQfMb6V0oHWVbc7DWxhri8lhJYD9SUU0PkOpG5iYsiL2rqbz3YoQ==
upload
log-upload-os.hoyoverse.com/h5/ Frame
0
0
Preflight
General
Full URL
https://log-upload-os.hoyoverse.com/h5/upload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-129.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-md5,content-type,timestamp,verification
Access-Control-Request-Method
POST
Origin
https://account.hoyoverse.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AccessToken,X-CSRF-Token, Authorization, Token, Content-Length,Content-Type,Content-MD5, Timestamp, Verification
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://account.hoyoverse.com
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
date
Sat, 29 Apr 2023 11:30:52 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
x-amz-cf-id
2t30D-aGlK3IMCaJeBasu4c-1iHL8fedHHOb6S2sAiA8o3We4uIlQw==
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/de_DE/
42 KB
17 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/de_DE/appleid.auth.js
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/vendors_2.12.0_8f15e0c69113556469b4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.106.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-106-82.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
bb4659a656b1c9bedccde3abf8f3d38de83567495d9d4201535ac27c5c67eb08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Sat, 29 Apr 2023 11:30:52 GMT
Last-Modified
Fri, 28 Apr 2023 16:48:05 GMT
Server
Apple
ETag
W/"42917-1682700485466"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17337
sdk.js
connect.facebook.net/de_DE/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/de_DE/sdk.js
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/vendors_2.12.0_8f15e0c69113556469b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
07a95c6f1da52c937272381b1632bee3dff01e8232b6408ac9543bd4e9aa8f09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Apr 2023 11:30:52 GMT
content-md5
YbC2DK1Tv9ySrnUaTO2oww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
6h50wlCZUKjiVmCUcZUETmHCMD1nPf8BZtWX7D1nXUfZZRqMNofXrhOjvJqe6hUchpwW5ZYWAkrQMpJ+8lvXdw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
2545dc949f9079e18e1fb4e9077db4a8
cross-origin-opener-policy
same-origin-allow-popups
etag
"32be77cfe947f7acd39d4f035b17300a"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 29 Apr 2023 11:39:12 GMT
platform.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js?onload=onGapiLoad
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/vendors_2.12.0_8f15e0c69113556469b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a602d26c2268197f0cc5e1f239483f1e9a33e7bddce4915f4efd3f3b0553254
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Apr 2023 11:30:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21027
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"69fe2dc59deed9a1"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Apr 2023 11:30:52 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c6d6e1bd3f6e62c33f21bf2e755c673a903ecfe4dde68cde470412ed0a75ff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8f20379118c26cf2c86d333b214a018398d524d05aeffdc49a3298aa1d6b331

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08532a2c616375d2399237f2318810fbb3d8237c8ceb7e59cbbc9597a494fec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ba93f827f652cfb6530927f22064f1fdbe989dfb27a8cbf16771f6fa54b5493

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0865bf997d9c8a037823d8cd35a63f73a08037e5db52ac9b7a151a909d779c8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
upload
log-upload-os.hoyoverse.com/h5/
10 B
550 B
XHR
General
Full URL
https://log-upload-os.hoyoverse.com/h5/upload
Requested by
Host: webstatic.hoyoverse.com
URL: https://webstatic.hoyoverse.com/dora/biz/mihoyo-analysis/v2/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-129.fra60.r.cloudfront.net
Software
/
Resource Hash
7a97b9b4d758a3929b8a2be53fbe189c9ba9378d6fbb8190d37f7cc14f5cf5d3

Request headers

Timestamp
1682767852
Referer
https://account.hoyoverse.com/
Verification
45ae35b8dfdb8b650f7c066fb376c429c14337a7
Content-MD5
8a1c13ecdde48c80878cf026ca6f0743
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 29 Apr 2023 11:30:52 GMT
via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://account.hoyoverse.com
x-cache
Miss from cloudfront
access-control-expose-headers
Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials
true
access-control-allow-headers
AccessToken,X-CSRF-Token, Authorization, Token, Content-Length,Content-Type,Content-MD5, Timestamp, Verification
content-length
10
x-amz-cf-id
BHBIBmG1slMkMa8j7PUuCGpODCSjDZmkPM3fWTFprXDqpns5yahnsA==
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d89c415d4c7cdb67eeeb4becd6c6ead5e0dfca29449cd074d09cdd3851ad3cf

Request headers

Referer
Origin
https://account.hoyoverse.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
sentry-tracing.min.js
webstatic.mihoyo.com/dora/lib/sentry/7.19.0/
76 KB
26 KB
Script
General
Full URL
https://webstatic.mihoyo.com/dora/lib/sentry/7.19.0/sentry-tracing.min.js
Requested by
Host: webstatic.mihoyo.com
URL: https://webstatic.mihoyo.com/dora/lib/sentry-lazy/1.3.0/sentry-lazy.global.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.56.159 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
317abeabc89780e10dc4b55beb895fe511a3b989ea5cadc91828e14587b0eaab

Request headers

Referer
https://account.hoyoverse.com/
Origin
https://account.hoyoverse.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:43:17 GMT
via
cache26.l2de2[0,0,304-0,H], cache23.l2de2[1,0], ens-cache4.de4[0,0,200-0,H], ens-cache7.de4[1,0]
content-encoding
gzip
x-oss-request-id
644776856B1B5CD8B2C5F092
content-md5
sVeYpz51k88wZI/T70SeFQ==
age
362855
x-swift-cachetime
604774
x-cache
HIT TCP_MEM_HIT dirn:0:1893518074
x-oss-cdn-auth
success
x-swift-savetime
Tue, 25 Apr 2023 06:43:43 GMT
content-length
25592
x-oss-object-type
Normal
last-modified
Mon, 10 Apr 2023 06:32:34 GMT
server
Tengine
etag
"B15798A73E7593CF30648FD3EF449E15"
vary
Accept-Encoding
ali-swift-global-savetime
1682404997
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Range
cache-control
max-age=300
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
15995932162826506805
access-control-allow-headers
*
eagleid
2ff62b1f16827678520334419e
x-oss-server-time
12
sdk.js
connect.facebook.net/de_DE/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/de_DE/sdk.js?hash=e46fa3028df57bae17cec477038f0ffa
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3eb04efefcfee002e053f0d72f64807e4f9913b84dd6a1bdf14d9be6981ad162
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://account.hoyoverse.com/
Origin
https://account.hoyoverse.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Apr 2023 11:30:52 GMT
content-md5
1Sodq/o7FRMdUYSI3swqxw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88724
x-fb-rlafr
0
x-fb-debug
0LV/p1XA7d5WOGDsSwYvCuhTER74s+29b9z/TSx4oJmnI/DvfGR8SdAoJMICMIjPB87TnqaoZX6X41jocv+Qzw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
0225a6541d080d40489b2acefb30c830
cross-origin-opener-policy
same-origin-allow-popups
etag
"504453043ea764edd751a4cc7a149af1"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 28 Apr 2024 10:14:41 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/
116 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=onGapiLoad
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f8d667b706cda220bb8cfaf9195b273ad86e71fd8ce10e9b32d9ba625f14d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:48:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40092
x-xss-protection
0
last-modified
Sat, 01 Apr 2023 15:23:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 21:48:47 GMT
/
sentry-api.mihoyo.com/api/15/envelope/
2 B
266 B
Fetch
General
Full URL
https://sentry-api.mihoyo.com/api/15/envelope/?sentry_key=4f0a5e8eeca546028b09fcab9b8f3d80&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.19.0
Requested by
Host: webstatic.mihoyo.com
URL: https://webstatic.mihoyo.com/dora/lib/sentry/7.19.0/sentry-tracing.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.224.233.228 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://account.hoyoverse.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://account.hoyoverse.com
date
Sat, 29 Apr 2023 11:30:53 GMT
access-control-expose-headers
x-sentry-error, retry-after, x-sentry-rate-limits
content-length
2
vary
Origin
content-type
application/json
getExtList
sg-public-data-api.hoyoverse.com/device-fp/api/
431 B
1 KB
Fetch
General
Full URL
https://sg-public-data-api.hoyoverse.com/device-fp/api/getExtList?platform=4
Requested by
Host: webstatic.mihoyo.com
URL: https://webstatic.mihoyo.com/dora/lib/sentry/7.19.0/sentry-tracing.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:b000:3:b190:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ takumi
Resource Hash
f51432350bf39b56f5c61acb7c6f5e724e408974ad4f63dbc813ae4eafaf4801

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.hoyoverse.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Trace-Id
4d49fbdda47ab8f5:4d49fbdda47ab8f5:0:0
Date
Sat, 29 Apr 2023 11:30:52 GMT
Via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
X-Powered-By
takumi
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://account.hoyoverse.com
X-Cache
Miss from cloudfront
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type,Accept,gameName,Channel,DS
Content-Length
431
X-Amz-Cf-Id
Zjvu249B0lTLWddDJS33poYYesnH35gHhLANl8IKQ23ozJJfBOt7wQ==
iframe
accounts.google.com/o/oauth2/ Frame 51A2
280 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
49d4e3d84129c9301820a30da9ddc92584eccbb937248c1f15ffdc84bbff9d3d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-G2zxYUxT2-GajXlpreHP2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://account.hoyoverse.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-G2zxYUxT2-GajXlpreHP2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 11:30:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 51A2
2 KB
916 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: account.hoyoverse.com
URL: https://account.hoyoverse.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ae0037e8a793bb1f889c1aae8054eae737218f63ba02f07df6866810d45064be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 11:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Hn07i3VV6lo.es5.O/d=1/rs=AOaEmlEYyY5LopICgzdXh6PLd75QVKMWdw/ Frame 51A2
100 KB
35 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Hn07i3VV6lo.es5.O/d=1/rs=AOaEmlEYyY5LopICgzdXh6PLd75QVKMWdw/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b86e88f17e32906be34551e80c5f946a923dfffef7e5702fb3f8c2efcbd89919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:32:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
363520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35173
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 20:42:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 06:32:12 GMT
getFp
sg-public-data-api.hoyoverse.com/device-fp/api/ Frame
0
0
Preflight
General
Full URL
https://sg-public-data-api.hoyoverse.com/device-fp/api/getFp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:b000:3:b190:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ takumi
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://account.hoyoverse.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type,Accept,gameName,Channel,DS
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE
Access-Control-Allow-Origin
https://account.hoyoverse.com
Access-Control-Max-Age
3600
Connection
keep-alive
Content-Type
text/plain
Date
Sat, 29 Apr 2023 11:30:52 GMT
Via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
X-Amz-Cf-Id
j_klJlCn5JEdSHohPb2Yd2vyFcTlkou9N7USm7VBkrtlQ8Ic11qHYg==
X-Amz-Cf-Pop
FRA60-P2
X-Cache
Miss from cloudfront
X-Powered-By
takumi
X-Trace-Id
610b6850202da969:610b6850202da969:0:0
getFp
sg-public-data-api.hoyoverse.com/device-fp/api/
87 B
762 B
Fetch
General
Full URL
https://sg-public-data-api.hoyoverse.com/device-fp/api/getFp
Requested by
Host: webstatic.mihoyo.com
URL: https://webstatic.mihoyo.com/dora/lib/sentry/7.19.0/sentry-tracing.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:b000:3:b190:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ takumi
Resource Hash
97559e1b0290b53c1aacb9530c5cca34029cbd84e086eb2c58b463de7bfaec97

Request headers

Referer
https://account.hoyoverse.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

X-Trace-Id
11659f44ec950782:11659f44ec950782:0:0
Date
Sat, 29 Apr 2023 11:30:52 GMT
Via
1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
X-Powered-By
takumi
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://account.hoyoverse.com
X-Cache
Miss from cloudfront
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin,X-Requested-With,Content-Type,Accept,gameName,Channel,DS
Content-Length
87
X-Amz-Cf-Id
So8mlH-VJfC6yoCW9SwutYvs7VhTo-aWZAlFA_ZZu7E5zpzlKAXxvg==
iframerpc
accounts.google.com/o/oauth2/ Frame 51A2
49 B
94 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Faccount.hoyoverse.com&client_id=332303543001-mt3n63m59a8o33vs496a55ct6l42vipc.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.Hn07i3VV6lo.es5.O/d=1/rs=AOaEmlEYyY5LopICgzdXh6PLd75QVKMWdw/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-WlzAJC8a_0tLtTPSL4u8IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-WlzAJC8a_0tLtTPSL4u8IQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
x-content-type-options
nosniff
date
Sat, 29 Apr 2023 11:30:45 GMT
content-encoding
gzip
age
7
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Sat, 29 Apr 2023 12:30:45 GMT
/
sentry-api.mihoyo.com/api/15/envelope/
41 B
304 B
Fetch
General
Full URL
https://sentry-api.mihoyo.com/api/15/envelope/?sentry_key=4f0a5e8eeca546028b09fcab9b8f3d80&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.19.0
Requested by
Host: webstatic.mihoyo.com
URL: https://webstatic.mihoyo.com/dora/lib/sentry/7.19.0/sentry-tracing.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.224.233.228 Shanghai, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
69d8956947b0634e32b64d970d4e5cf1628dd279beeab44b3f4858bcc472f552

Request headers

Referer
https://account.hoyoverse.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://account.hoyoverse.com
date
Sat, 29 Apr 2023 11:30:54 GMT
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
content-length
41
vary
Origin
content-type
application/json

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| SentryLazy
function| miHoYoAnalysis
object| webpackJsonp
function| setImmediate
function| clearImmediate
object| __core-js_shared__
object| core
object| global
object| System
function| asap
function| Observable
object| regeneratorRuntime
boolean| _babelPolyfill
function| initGeetest
function| _
object| miHoYoGlobalMemoryCache
object| Base64
object| platform
function| mhyWebBridge
function| onGapiLoad
object| FB
object| gapi
object| ___jsl
object| Sentry
object| __SENTRY__
object| AppleID
object| osapi
object| __buffer

7 Cookies

Domain/Path Name / Value
account.hoyoverse.com/ Name: _MHYUUID
Value: c7f93533-b91e-4505-8dc7-1d029a5864dd
.hoyoverse.com/ Name: mi18nLang
Value: de-de
.account.hoyoverse.com/ Name: G_ENABLED_IDPS
Value: google
.hoyoverse.com/ Name: _MHYUUID
Value: c7f93533-b91e-4505-8dc7-1d029a5864dd
.hoyoverse.com/ Name: DEVICEFP_SEED_ID
Value: 7bb5d42c22cbcfa2
.hoyoverse.com/ Name: DEVICEFP_SEED_TIME
Value: 1682767852336
.hoyoverse.com/ Name: DEVICEFP
Value: 38d7ed2073728

3 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs(Line 177)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
