urlscan.io logo urlscan.io
SecurityTrails logo

app-669917.galleon.mobi Open in urlscan Pro
2a06:98c1:3121::7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app-669917.galleon.mobi/
Effective URL: https://app-669917.galleon.mobi/
Submission: On April 18 via api from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 28 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is app-669917.galleon.mobi.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 21st 2022. Valid for: a year.
This is the only time app-669917.galleon.mobi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 101.33.11.88 132203 (TENCENT-N...)
1 2a03:2880:f12... 32934 (FACEBOOK)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 9
15    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
app-669917.galleon.mobi
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    101.33.11.88 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
ai.1122pro.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
05ad102600450ad3.galleon.mobi
3    2a00:1450:4001:80f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
17 galleon.mobi
app-669917.galleon.mobi
05ad102600450ad3.galleon.mobi
1 MB
6 google.com
apis.google.com — Cisco Umbrella Rank: 102
accounts.google.com — Cisco Umbrella Rank: 80
114 KB
2 1122pro.com
ai.1122pro.com
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
84 KB
1 gstatic.com
www.gstatic.com
34 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
297 B
28 6
Domain Requested by
15 app-669917.galleon.mobi 1 redirects app-669917.galleon.mobi
3 accounts.google.com apis.google.com
app-669917.galleon.mobi
www.gstatic.com
3 apis.google.com app-669917.galleon.mobi
apis.google.com
2 05ad102600450ad3.galleon.mobi app-669917.galleon.mobi
2 ai.1122pro.com app-669917.galleon.mobi
ai.1122pro.com
2 connect.facebook.net app-669917.galleon.mobi
connect.facebook.net
1 www.gstatic.com accounts.google.com
1 www.facebook.com app-669917.galleon.mobi
28 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-21 -
2023-01-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-25 -
2022-04-25		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
ai.1122pro.com
TrustAsia TLS RSA CA		 2021-11-12 -
2022-11-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://app-669917.galleon.mobi/
Frame ID: 72C33F8BBB0E2B8B801D75F24FF89AA6
Requests: 29 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 3F1A25DBD2511B60B625668BE879A4E5
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GALLEON

Page URL History Show full URLs

  1. http://app-669917.galleon.mobi/ HTTP 301
    https://app-669917.galleon.mobi/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

28
Requests

100 %
HTTPS

88 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

1608 kB
Transfer

3696 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app-669917.galleon.mobi/ HTTP 301
    https://app-669917.galleon.mobi/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app-669917.galleon.mobi/
Redirect Chain
  • http://app-669917.galleon.mobi/
  • https://app-669917.galleon.mobi/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app-669917.galleon.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1224bbb7e9d2eeaf71044aca992ffbca9cfeb706a78012cae80dead8cd1dd8d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fda0b073be99125-FRA
content-encoding
br
content-type
text/html
date
Mon, 18 Apr 2022 02:41:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTBK579j7mcyLHV5sJRm0kTBi%2BJchglaV3jGMLrd5UzeOOOKYQmW4xqe1mSlQV4OUVNegnnULLWgB9y%2BMG4f2Fgz2%2Fq7TSzuAKB4tptzCOpNAIX%2BGvX0pF0xcEOF2XH6aHW11mvhJyI1CUfyQH6j7aP%2F4Lx%2FQg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff

Redirect headers

CF-RAY
6fda0b06eb4b8fd4-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 18 Apr 2022 02:41:43 GMT
Expires
Mon, 18 Apr 2022 03:41:43 GMT
Location
https://app-669917.galleon.mobi/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7AaVFF25klg8ALzVLrE66cqnd5Mqw0ejpZTpUvgoK%2BCNVecGw%2BkhMsUBKLrtbtFh9WXoku7kq0Ce5dRzlZ4Iwn6Ei%2BqthxsrGZFtqLtJ4KbPN6Q%2FTWM5%2Be6HPnZ1Ug%2Fkv9BIJQYOjmSA7eVvpOFCgt0WHyE%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sdk.js
connect.facebook.net/zh_CN/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_CN/sdk.js
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
47f56fe2f93be5eb7bff7fff1798b83f6fb54c43f9db87638355775d7bdeabd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app-669917.galleon.mobi/
Origin
https://app-669917.galleon.mobi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VsvkNutE+Qh2FBOe4IxaRw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 18 Apr 2022 02:49:32 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
YA5zuol1+AwHioXb7A6VRxfuRVoP3dEaO+jUE/r9gH40TUIWLfmlt+GlgbeyskDmsL0DiVpvrOyv0SI/DxjEiQ==
x-fb-trip-id
2050670934
x-fb-content-md5
abc6f91378afc00c97b5d53f86ebdc6c
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 18 Apr 2022 02:41:43 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"615d0ed5b31d226cbace0c8149080f74"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
api:client.js
apis.google.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api:client.js
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41ca1bfa82c913c380f7f4f2723de2db977dbaefdb1cc85ec96bffe80ea2576f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5716
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 18 Apr 2022 02:41:44 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"16f1660a8010a471"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Apr 2022 02:41:44 GMT
traceinstall.js
ai.1122pro.com/v2/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ai.1122pro.com/v2/traceinstall.js?app_key=app001
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.88 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_Oversea_AP /
Resource Hash
32deeb2218d25ca73b466aed5ca7a945e0ee3dca44c4e84ac31b3d4971757c87
Security Headers
Name Value
Strict-Transport-Security max-age=36000;includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:44 GMT
content-encoding
gzip
vary
accept-encoding
x-cache-lookup
Hit From Disktank3 Gz
content-length
1702
last-modified
Sat, 16 Apr 2022 05:10:00 GMT
server
NWS_Oversea_AP
strict-transport-security
max-age=36000;includeSubDomains
access-control-allow-methods
*
content-type
javascript
access-control-allow-origin
*
cache-control
max-age=600
access-control-allow-credentials
*
x-nws-log-uuid
336b8eed-e99c-42ae-af89-7c2a97e8647f
access-control-allow-headers
*
expires
Mon, 18 Apr 2022 02:51:43 GMT
app.b72a261d.js
app-669917.galleon.mobi/js/ 		1 MB
354 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-669917.galleon.mobi/js/app.b72a261d.js
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7dff45b3f203fa2066e99123c0264da5c4b1d6ce7acde3a079c03b831755d34
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3678
cf-polished
origSize=1198962
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
W/"625557d6-124b72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QQ8W66wEHgruKNrxrtn3f0tgjLgi%2B7tztvl%2Fjs%2FbKhw7WcjhXbnZFkqvGClq82DDS%2FSb7lvy29B5Z9mY8msf0gc4%2BEp9MRso7H44UXEs92rJYutSRdWDnIfLQuvCmUS6v7Oj%2BspfPwu7cTd9%2FDFIrykmYWqIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
6fda0b097e829125-FRA
cf-bgj
minify
sdk.js
connect.facebook.net/zh_CN/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_CN/sdk.js?hash=166f889f0b47e05b2742b670d1e2b085
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_CN/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
99600daf91d0c9553b7ab749eb0872246786261853d544dce87e8fd5850d755a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app-669917.galleon.mobi/
Origin
https://app-669917.galleon.mobi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2Ze3zzgza4vUDfDpStCgEg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 18 Apr 2023 02:29:40 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82983
x-fb-rlafr
0
x-fb-debug
e/9GiA45QXRAMHIS3mNMMBq7VrSfwgzA/se2zVDNyARloIqUW2B7dvD3G1faXp31uoUYhIvFVlKVH3ZrmWRiQw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c928a2d1d35a1aa4aa0d4492991c9f9d
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 18 Apr 2022 02:41:44 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"02a4d1ec85a8ecc09b2287c59a2de75c"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 		311 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5de6587f20288172a4e499f34200a8bde3cb11c9c8678e35dffea539e8d51b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 05:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107939
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 22:59:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Apr 2023 05:33:19 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=314209393956081&ev=fb_page_view&dl=https%3A%2F%2Fapp-669917.galleon.mobi%2F&rl=&if=false&ts=1650249704088&sw=1600&sh=1200&at=
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 18 Apr 2022 02:41:44 GMT
chunk-470ce7f0.e27c5f5d.js
app-669917.galleon.mobi/js/ 		0
394 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app-669917.galleon.mobi/js/chunk-470ce7f0.e27c5f5d.js
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1615436
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
W/"625557d6-18a64c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIzhSiUeFAwV7EZXgNkAUVqA08FXfcT%2BoWwMK64FwqQ3pBA%2BKIvE3gOataqRr%2FE33mXCUuh1E8nBCSZiXwSQ1ts%2FZaXH0uBFl4ikzyseQKXJ2xxt%2Bo1%2Fha3UDj3Zi%2BOJDJve%2B1d9fM%2B7qqmb9T0rIa01qfZcWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
6fda0b0d4d7b90bb-FRA
cf-bgj
minify
chunk-470ce7f0.e27c5f5d.js
app-669917.galleon.mobi/js/ 		2 MB
394 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-669917.galleon.mobi/js/chunk-470ce7f0.e27c5f5d.js
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/js/app.b72a261d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43b7521ea585e87e91b18997ee5379ede78253c789634a41e6f313e34b410124
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1615436
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
W/"625557d6-18a64c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTA6B8Utyrbe%2BKCPGE74JXzVQZtM8%2FzTLvwdFiE6shvqY4ri%2BNvDMlkwaM5gsKAF2sfa1cYRjvtpfO4EVK5O9aNPVYfuoBrx5xMhWif5pJKWhNxRqkV6%2FpMykM1clyRKOSp3HM%2FFsATgfz%2B%2FztNlqPuBFiSuZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
6fda0b0dadaf90bb-FRA
cf-bgj
minify
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4644b71b73aaf556af87f4e00f7a5012ed0b422cd69b5b620dec8f661f1276ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
listCsConfig
05ad102600450ad3.galleon.mobi/hall/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://05ad102600450ad3.galleon.mobi/hall/listCsConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app-669917.galleon.mobi
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Token,Content-Type,Tz
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fda0b112b5f9bb2-FRA
date
Mon, 18 Apr 2022 02:41:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3nJZe%2F3EyfUUgtBhTK2%2BwFUY13uwaUxBAARlay9Lce6HFsCJeNFaHd5edSyy7%2BIDJNcKaBwzQZMQutq1WN6okaeg9juAI0ttomCvD6beRJcWNBXQeejo5Z97W175PMleRUtYFkZ5Gc0e7SsDcN4LbVl%2FwcoFwSCHOBlAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
x-content-type-options
nosniff
x-request-id
FubdXRlHmR422mUA9qmB
btn_huiyuan.0abe9d4a.png
app-669917.galleon.mobi/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-669917.galleon.mobi/img/btn_huiyuan.0abe9d4a.png
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0979d7d62ff6c5d3d1226867f75d84446c01761e7d53f92667aed84b528028b5
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7065
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
"625557d6-1b99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHUqrKW4crZFIMTaCcUzQcTsDbxWvWlFLTTJEsMt0wicKkWayjr7KuIsFz2VUGKi8iFfJmZsJrY2vxfemMAFvXln2EmdfHSNFXouf%2FyoWcr1je%2BccdCSfqBdPyJ%2BthVRbJh5b2%2BkWYirDanZs2uKR65YEUxF6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fda0b109f7a90bb-FRA
btn_yuebao.e945c8f8.png
app-669917.galleon.mobi/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-669917.galleon.mobi/img/btn_yuebao.e945c8f8.png
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4472becf19e2ac6e7539327f00ac1e0cc849604ce7bfaaebecb0c4950d2278a7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4692
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
"625557d6-1254"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w94zgKDXfpWM54rScYfImNOmkpJUSiu%2Bu6vp2ol%2F%2FykaPdixpTdBx%2BFPM%2FcB9a%2BchpYdGtnmMA6kItKkspy3vwQyZ9KLHRuuvmuW48oDDYV9aT1j0PJsVH49gXKPoSX0HF%2Fi7AKVEc7wUQaMDHQvO%2BfhfKOrcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fda0b109f7b90bb-FRA
yaoqing.d238f217.png
app-669917.galleon.mobi/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-669917.galleon.mobi/img/yaoqing.d238f217.png
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419e94c3a3ddcf7c9129d0e680c161b8b2935f6bf3c638f9e4102f1e3768cd82
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6762
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
"625557d6-1a6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP1wQD%2FRoDs9IeFvUYc44qdKrv66I356IWp0c2kUihHg8A%2Fq7hXBDm72SR1dwmCVF%2BvTpNp0YlgAG%2FR%2BWTv6i%2BiI1EJ1tX6oZWdpGihWz1RfRVlHfcotfj9QhI%2FKJU3%2Bim0J9uFzJ3V6yZ7pNqE6E1u4iEL%2BGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fda0b109f7e90bb-FRA
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bd46afd3ae85403858430fe4a6f7c14f5fc13c8809c517318e95bed1878abcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
btn_shouyi.5e0621d5.png
app-669917.galleon.mobi/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-669917.galleon.mobi/img/btn_shouyi.5e0621d5.png
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72d69d00fd9f81c418796ae5e7696318b1d0b857ceb7c3b895128bcb64b86ecc
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6631
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
"625557d6-19e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwFjnXHyCr4SJGq5m0XvLpuW2axFBdL31SmT3cxDBADnGVBxsLGrgZZ3qEjO2%2BrF2ujfsykRV1rbvgaNxXBOtG2nksireAjt%2FFHnqJnqVdrfhy41EFIgPlexJTqOQlI4UWt9jKfDG89o411uTkYADUQeMK0lVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fda0b109f7f90bb-FRA
btn_zhuanpan.2380e5f3.png
app-669917.galleon.mobi/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-669917.galleon.mobi/img/btn_zhuanpan.2380e5f3.png
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/index
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a00c4bad0d86a7529a4c8dbbbdd30b1c196ce593a50a4cc586acba20ebbd251
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6052
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
"625557d6-17a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7YR4Mx6lqGLCnVp3483BoQfHrxj%2FTUr%2BBHrCW85pVF8YY9r9Qk3MnCA%2FxySxRZbrejy5nj1akziXJvmLTA%2BA3dHcvuE6%2BOQxvmf1e7TdTS%2FEhrwvXJvns%2Fvvd0sDz9KW%2B8fS2KGMWV11fhJ2bpD6ytEFUIkkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fda0b109f8090bb-FRA
truncated
/ 		924 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b1adf65e9151921cddcceb48afcd9ee18048565ecd94932862dd8d424c45c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b17970b223d34963b7d8b3d1f1eaffbfdb4ea9c442d682d922617ad81fe4e6b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		977 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb5d61b118d85e4fa6f64d337323f82bbfbaadda4e1eaacd026d6cc57ed3c120

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d1bb6654758d590913b32c46bd04fcb77190eddd1591dc73dd947f75c9f3bd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/ 		62 B
85 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 19:54:27 GMT
x-content-type-options
nosniff
age
456438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 22:59:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Apr 2023 19:54:27 GMT
bj.549ec8f5.png
app-669917.galleon.mobi/img/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-669917.galleon.mobi/img/bj.549ec8f5.png
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04093687936d52b9fcc2f48735a0749f045f20203f8b773a3715c51ebc6b96f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
151334
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
"625557d6-24f26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Za5pbkdDWfDuumRha8Jh6YnO76dFDR9I49MZgcZKIM5AzH0BM4guw2kjEsy7BVoOCuf9WDzjdLOfSF8hmw2Seu0D%2BD09tR1IS2AmkEZcG4EXdOdVr%2FICNRnSRT6BVIzqvUP1i2%2BX66xiY93NfjDaAViPD6z%2BgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fda0b10cf9c90bb-FRA
fb_button.00be5155.png
app-669917.galleon.mobi/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-669917.galleon.mobi/img/fb_button.00be5155.png
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f2f0e4bfa6ce040a7c33bc67fb5ec4827e2114c7e5cf5c51b28a56cd5bde5b0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7786
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
"625557d6-1e6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWFMAJvSta00IYLdBpCdJdgW0293zjFvlw4oqVOpVAKFIrZ6tiiIhWDb6UpPbS27rRoxfjKvSMwPv9LFIu4qK0CeU1eTaQInQelRpFZRd00ylyHZoPJ5SwG38ztEasquW5PYunyF0tGk%2BnZTgXr7YpvFJSMRBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fda0b10cf9f90bb-FRA
gg_button.50200a77.png
app-669917.galleon.mobi/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-669917.galleon.mobi/img/gg_button.50200a77.png
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d02dd316fafe1941547c625259af215cdb977e4272fc2f4879f7f6f352d9bd
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8423
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
"625557d6-20e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXoHbfDva%2FOAf27Ku1xCLj9Wxa%2BwgV%2BejUCYseH%2FF6tWqviQ8Nx0keDp4o%2B14vcpmsyHCrRFYTWfbl87j0aXdG%2B%2FWMulsGkDE2wKEYBb3BEZCacpqlpscZVROblXBxNShPWwsRTT%2FROkpnALTKe2CdOiVP2PWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fda0b10cfa090bb-FRA
btn_kefu.c1eb10cf.png
app-669917.galleon.mobi/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-669917.galleon.mobi/img/btn_kefu.c1eb10cf.png
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e90567e4d399d0efef332bdd3f818f0778bd5f22fd79b2e9e0f2a6f33a4a9e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10070
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
"625557d6-2756"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbuoZBhvoSI5aW%2BLnfESVf%2FgVWzSCFnI5PZCjjW4sVdTpyNSzBWbziyeaEWfo09Xj%2B57PKOr4aTxaIBqT%2FygfFYDj%2FKTJVdMQ4n3rvOGAcIQXnr7rLESl9XGKR4TN%2Fj9ZVc4pIe3C9dX56jmVppehH8A4X1sKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fda0b10cfa290bb-FRA
fingerprint
ai.1122pro.com/v1/ 		40 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ai.1122pro.com/v1/fingerprint?app_key=app001
Requested by
Host: ai.1122pro.com
URL: https://ai.1122pro.com/v2/traceinstall.js?app_key=app001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.11.88 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
47e952df48941af403a87d20e5b2645084fd13b5ed4923f9985ef4ed0b9e45cc
Security Headers
Name Value
Strict-Transport-Security max-age=36000;includeSubDomains

Request headers

Referer
https://app-669917.galleon.mobi/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
server
nginx/1.20.1
strict-transport-security
max-age=36000;includeSubDomains
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
*
x-daa-tunnel
hop_count=1
x-nws-log-uuid
cce1738e-5c0f-47e3-bc73-8d649f1394cb
access-control-allow-headers
*
content-length
40
login.6e73be56.png
app-669917.galleon.mobi/img/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-669917.galleon.mobi/img/login.6e73be56.png
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34abb67997758047d53815e3f7c476a73703e8d4273170a4a3e3fac9703cd18
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-669917.galleon.mobi/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19839
last-modified
Tue, 12 Apr 2022 10:43:34 GMT
server
cloudflare
etag
"625557d6-4d7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkMYiHj7x3CzY4TKUQufIUGjLqBc7a4zSdP5iY7tROYAhjYMR8zrrHGxNyl4%2F%2FBgL7N104gDQNh5yPCuNTFGh88fr1SZpONlgzs%2F6d80CSOmTdKud4%2FHibFVmz5myVE%2FmZXKSlV0jnYtkdSbLbvwBapVmoqniA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6fda0b10dfaf90bb-FRA
listCsConfig
05ad102600450ad3.galleon.mobi/hall/ 		245 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://05ad102600450ad3.galleon.mobi/hall/listCsConfig
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/js/app.b72a261d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18e338071314f120b386d90b78cfc8c721ee37ba9bb58ab9dd5c26f2ff878c1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://app-669917.galleon.mobi/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
FubdXS6v8ayNrhoA9qoB
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1mEQ4y%2F6YjJABhcocyy7Roq4sX1LUDOPGk9RUDmCixEJhZmewdoGJCoPup2DIxW2fFVHU8sAHIrFu7bRyzH%2BEy97V%2Ba4rDwqrJFa5zUdXPER1BYo8h6%2F3nHDrPOSL4a3ZjmUcTX12%2F%2FR9dXDMjVUUl9LQyw2zZOmIWMVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
6fda0b138e4c9bbe-FRA
iframe
accounts.google.com/o/oauth2/ Frame 3F1A 		280 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I13-EL4NYtQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8kfO5_tzH3I_uDPUBAcVFwZfiR6w/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
266a197dc4bff0e4edbb3716ae95b501846efdaad05f5a20f1639c4cc594e2a6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1q3l1rxLB8tUG3x9huS4Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app-669917.galleon.mobi/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1q3l1rxLB8tUG3x9huS4Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 02:41:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 3F1A 		2 KB
848 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: app-669917.galleon.mobi
URL: https://app-669917.galleon.mobi/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
abc04c968c0de80e103be5a164338ca12a06aa24e98daf982fba00cd6fe4fcdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Mon, 18 Apr 2022 02:41:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.gXKQhrzT1to.es5.O/d=1/rs=AOaEmlHR-M-b4zk2xwvr1-DWiurgL6R8kw/ Frame 3F1A 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.gXKQhrzT1to.es5.O/d=1/rs=AOaEmlHR-M-b4zk2xwvr1-DWiurgL6R8kw/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be2e6dc7bda6016d686a7f3b558dc0236fa199d87ce1b1ab9ad7d925989d1539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 01:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
520988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33680
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 04:41:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Apr 2023 01:58:37 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 3F1A 		50 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fapp-669917.galleon.mobi&client_id=945044638947-5klgk1ubdpos381q4jvo31otqnqmfgo0.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.gXKQhrzT1to.es5.O/d=1/rs=AOaEmlHR-M-b4zk2xwvr1-DWiurgL6R8kw/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rjbHYJE6WwoeyKPLUdubEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 02:41:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-rjbHYJE6WwoeyKPLUdubEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
expires
Mon, 18 Apr 2022 02:41:45 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| FB object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis function| TraceInstall object| webpackJsonp number| _vueCountryIntl_count

2 Cookies

Domain/Path Name / Value
.app-669917.galleon.mobi/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=r3XirZG1LIMvOyQmUTaQ2_YGFAQ7h76XK3rz6bf5wbBjzaFpmKW8_66lXPGNioakrWT8yHm7mGIaMF8HROuSdBeWu9pB7D2msr7xVa7_17i0TV5XyN8pVbrz9__X6m3e44h_Ed1abbLZhWayGjglgbMShvNJI25zcJ7ODuniwbQ

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

05ad102600450ad3.galleon.mobi
accounts.google.com
ai.1122pro.com
apis.google.com
app-669917.galleon.mobi
connect.facebook.net
www.facebook.com
www.gstatic.com
101.33.11.88
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3120::7
2a06:98c1:3121::7
0979d7d62ff6c5d3d1226867f75d84446c01761e7d53f92667aed84b528028b5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
266a197dc4bff0e4edbb3716ae95b501846efdaad05f5a20f1639c4cc594e2a6
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
2b1adf65e9151921cddcceb48afcd9ee18048565ecd94932862dd8d424c45c05
32deeb2218d25ca73b466aed5ca7a945e0ee3dca44c4e84ac31b3d4971757c87
419e94c3a3ddcf7c9129d0e680c161b8b2935f6bf3c638f9e4102f1e3768cd82
41ca1bfa82c913c380f7f4f2723de2db977dbaefdb1cc85ec96bffe80ea2576f
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
43b7521ea585e87e91b18997ee5379ede78253c789634a41e6f313e34b410124
4472becf19e2ac6e7539327f00ac1e0cc849604ce7bfaaebecb0c4950d2278a7
4644b71b73aaf556af87f4e00f7a5012ed0b422cd69b5b620dec8f661f1276ed
47e952df48941af403a87d20e5b2645084fd13b5ed4923f9985ef4ed0b9e45cc
47f56fe2f93be5eb7bff7fff1798b83f6fb54c43f9db87638355775d7bdeabd5
4a00c4bad0d86a7529a4c8dbbbdd30b1c196ce593a50a4cc586acba20ebbd251
4bd46afd3ae85403858430fe4a6f7c14f5fc13c8809c517318e95bed1878abcc
4d1bb6654758d590913b32c46bd04fcb77190eddd1591dc73dd947f75c9f3bd0
72d69d00fd9f81c418796ae5e7696318b1d0b857ceb7c3b895128bcb64b86ecc
8f2f0e4bfa6ce040a7c33bc67fb5ec4827e2114c7e5cf5c51b28a56cd5bde5b0
99600daf91d0c9553b7ab749eb0872246786261853d544dce87e8fd5850d755a
a5de6587f20288172a4e499f34200a8bde3cb11c9c8678e35dffea539e8d51b9
abc04c968c0de80e103be5a164338ca12a06aa24e98daf982fba00cd6fe4fcdb
b17970b223d34963b7d8b3d1f1eaffbfdb4ea9c442d682d922617ad81fe4e6b9
b34abb67997758047d53815e3f7c476a73703e8d4273170a4a3e3fac9703cd18
bb5d61b118d85e4fa6f64d337323f82bbfbaadda4e1eaacd026d6cc57ed3c120
be2e6dc7bda6016d686a7f3b558dc0236fa199d87ce1b1ab9ad7d925989d1539
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e90567e4d399d0efef332bdd3f818f0778bd5f22fd79b2e9e0f2a6f33a4a9e
f04093687936d52b9fcc2f48735a0749f045f20203f8b773a3715c51ebc6b96f
f1224bbb7e9d2eeaf71044aca992ffbca9cfeb706a78012cae80dead8cd1dd8d
f18e338071314f120b386d90b78cfc8c721ee37ba9bb58ab9dd5c26f2ff878c1
f1d02dd316fafe1941547c625259af215cdb977e4272fc2f4879f7f6f352d9bd
f7dff45b3f203fa2066e99123c0264da5c4b1d6ce7acde3a079c03b831755d34