service-2862.something.gg Open in urlscan Pro
94.130.96.138  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response service-2862.something.gg/	3 KB 3 KB	72ms 36ms	Document text/html	94.130.96.138 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://service-2862.something.gg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.96.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.96.130.94.clients.your-server.de Software / Express Resource Hash a5008e9b1660904726aba60368d42271215cfd4e1c2c9a5f724e497745322745 Request headers :method GET :authority service-2862.something.gg :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers accept-ranges bytes cache-control public, max-age=0 content-type text/html; charset=UTF-8 date Tue, 31 Aug 2021 08:39:42 GMT etag W/"b76-17b0dc8ebe2" last-modified Tue, 03 Aug 2021 20:51:16 GMT x-powered-by Express content-length 2934
GET H2	200	css fonts.googleapis.com/	4 KB 714 B	14ms 13ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,900 Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 94759955b4a0b904fc9a545e07e6820805e1dd5b9409c7669ad7435f00fe1a21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 31 Aug 2021 07:12:39 GMT server ESF date Tue, 31 Aug 2021 08:39:42 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 31 Aug 2021 08:39:42 GMT
GET H2	200	css fonts.googleapis.com/	4 KB 704 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,700 Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 31 Aug 2021 08:05:59 GMT server ESF date Tue, 31 Aug 2021 08:39:42 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 31 Aug 2021 08:39:42 GMT
GET H2	200	style.css service-2862.something.gg/	118 KB 119 KB	37ms 35ms	Stylesheet text/css	94.130.96.138 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://service-2862.something.gg/style.css Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.96.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.96.130.94.clients.your-server.de Software / Express Resource Hash 7250782a358e2b4a7d227ae585c4a170ca2b9cf6454fbbe083e2c7fdb85bc2d5 Request headers :path /style.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority service-2862.something.gg referer https://service-2862.something.gg/ :scheme https sec-fetch-site same-origin :method GET Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:39:42 GMT last-modified Tue, 03 Aug 2021 20:29:34 GMT x-powered-by Express etag W/"1d98c-17b0db50bb0" content-type text/css; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 121228
GET H2	200	platform.js Show response apis.google.com/js/	54 KB 21 KB	31ms 29ms	Script application/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/platform.js Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ccf992272ca07210a1730647f576070cb2f84d25fb83cda6841fc8149a9c75c2 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-RkK3/9+Yazhb/+zr+rBziw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:39:42 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge, chrome=1 server ESF x-frame-options SAMEORIGIN etag "328ceb56a412d80ce2a0e35ff577142d" strict-transport-security max-age=31536000 content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 content-security-policy script-src 'report-sample' 'nonce-RkK3/9+Yazhb/+zr+rBziw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport timing-allow-origin * expires Tue, 31 Aug 2021 08:39:42 GMT
GET H2	404	noprof.jpg itchat.ausus.repl.co/	0 0	515ms 162ms	Image text/html	35.186.245.55 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://itchat.ausus.repl.co/noprof.jpg Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 55.245.186.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H2	200	socket.io.js Show response service-2862.something.gg/socket.io/	181 KB 36 KB	95ms 94ms	Script application/javascript	94.130.96.138 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://service-2862.something.gg/socket.io/socket.io.js Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.96.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.96.130.94.clients.your-server.de Software / Resource Hash df7b72cde32152b0b46d79515ae78fd75239b7e2b570e461c674b859388c4925 Request headers :path /socket.io/socket.io.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority service-2862.something.gg referer https://service-2862.something.gg/ :scheme https sec-fetch-site same-origin :method GET Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:39:42 GMT content-encoding gzip cache-control public, max-age=0 etag "4.1.3" content-type application/javascript
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	9ms 8ms	Script application/javascript	2001:4de0:ac18::1:a:3b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:39:42 GMT content-encoding gzip last-modified Sat, 20 Jan 2018 17:26:44 GMT server nginx etag W/"5a637bd4-1538f" vary Accept-Encoding x-hw 1630399182.dop109.fr8.t,1630399182.cds292.fr8.hn,1630399182.cds002.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30288
GET H2	200	nedry.gif service-2862.something.gg/	28 KB 28 KB	64ms 63ms	Image image/gif	94.130.96.138 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://service-2862.something.gg/nedry.gif Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.96.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.96.130.94.clients.your-server.de Software / Express Resource Hash 0c2697a41aac768f6c190ab0e4966619bd037d232036cff7650502c3f502df6c Request headers :path /nedry.gif pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority service-2862.something.gg referer https://service-2862.something.gg/ :scheme https sec-fetch-site same-origin :method GET Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:39:42 GMT last-modified Tue, 03 Aug 2021 20:29:34 GMT x-powered-by Express etag W/"6f61-17b0db50bb0" content-type image/gif cache-control public, max-age=0 accept-ranges bytes content-length 28513
GET H2	200	main.js Show response service-2862.something.gg/	13 KB 13 KB	63ms 62ms	Script application/javascript	94.130.96.138 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://service-2862.something.gg/main.js Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.96.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.96.130.94.clients.your-server.de Software / Express Resource Hash 5113daafb11f6ff27bd13d5ab8ef63e31bfb604260d8e6e3ec79f8bf795c2ff4 Request headers :path /main.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority service-2862.something.gg referer https://service-2862.something.gg/ :scheme https sec-fetch-site same-origin :method GET Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:39:42 GMT last-modified Mon, 23 Aug 2021 08:24:33 GMT x-powered-by Express etag W/"3398-17b721c78f7" content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 accept-ranges bytes content-length 13208
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://service-2862.something.gg Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 11:31:42 GMT x-content-type-options nosniff age 248880 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:35 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Aug 2022 11:31:42 GMT
GET H2	200	KFOlCnqEu92Fr1MmYUtfBBc4.woff2 fonts.gstatic.com/s/roboto/v27/	15 KB 15 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://service-2862.something.gg Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 24 Aug 2021 22:32:35 GMT x-content-type-options nosniff age 554827 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15724 x-xss-protection 0 last-modified Mon, 05 Apr 2021 21:10:50 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Aug 2022 22:32:35 GMT
GET H3-29	200	mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 fonts.gstatic.com/s/opensans/v23/	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://service-2862.something.gg Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 24 Aug 2021 14:28:00 GMT x-content-type-options nosniff age 583902 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15112 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:23:34 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 24 Aug 2022 14:28:00 GMT
GET H2	200	/ Show response service-2862.something.gg/socket.io/	97 B 142 B	35ms 35ms	XHR text/plain	94.130.96.138 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://service-2862.something.gg/socket.io/?EIO=4&transport=polling&t=NkRNJNA Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/socket.io/socket.io.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.96.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.96.130.94.clients.your-server.de Software / Resource Hash 9b6efc5c6fb8c1c00789fdad146187eb187f8170fc6639839c77a71d39f7a5c8 Request headers :path /socket.io/?EIO=4&transport=polling&t=NkRNJNA pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority service-2862.something.gg referer https://service-2862.something.gg/ :scheme https sec-fetch-site same-origin :method GET Accept */* Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:39:42 GMT content-length 97 content-type text/plain; charset=UTF-8
GET H3-29	200	cb=gapi.loaded_0 Show response apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UYHeVG_mX5s.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPDcESMLF74mIvk5CKxuCjzYIf5XA/	138 KB 46 KB	23ms 7ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UYHeVG_mX5s.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPDcESMLF74mIvk5CKxuCjzYIf5XA/cb=gapi.loaded_0 Requested by Host: apis.google.com URL: https://apis.google.com/js/platform.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 417a593ea7200afcd86cbb04b96a05793311a477c34c760f299f2186574d9975 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 28 Aug 2021 11:25:18 GMT content-encoding gzip x-content-type-options nosniff age 249264 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47448 x-xss-protection 0 last-modified Mon, 23 Aug 2021 18:17:31 GMT server sffe vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Sun, 28 Aug 2022 11:25:18 GMT
GET H2	200	iframe Show response accounts.google.com/o/oauth2/ Frame C39A	513 B 925 B	61ms 41ms	Document text/html	2a00:1450:4001:82f::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframe Requested by Host: apis.google.com URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.UYHeVG_mX5s.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCPDcESMLF74mIvk5CKxuCjzYIf5XA/cb=gapi.loaded_0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b0e0c11d73715fefa8e8aa8619569160369782ee50784d525827bbcd8225f750 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Z2fZuMR5z4epY2hzqJP7dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority accounts.google.com :scheme https :path /o/oauth2/iframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://service-2862.something.gg/ accept-encoding gzip, deflate, br accept-language en-US cookie NID=222=DjMHW45fVaKDBTh-edrH1GeyqRx9mAPnuCo-Huewbw1vYM9885ZPhdoBx1wn5o30xzlLMFvqPYZ3Eo3J6S1yK4ZZLg0iZm8V-w7dknVZ7Vg_T8cugVW69Lpfq2vo8hXODc3GXpxEYmjPkzSq-8eaqJ7KwtSQNqLmBV4zZgzsjKo Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://service-2862.something.gg/ Response headers content-type text/html; charset=utf-8 cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 31 Aug 2021 08:39:42 GMT content-language en-US content-security-policy script-src 'report-sample' 'nonce-Z2fZuMR5z4epY2hzqJP7dQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport content-encoding gzip server ESF x-xss-protection 0 x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	/ Show response service-2862.something.gg/socket.io/	2 B 34 B	35ms 35ms	XHR text/html	94.130.96.138 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://service-2862.something.gg/socket.io/?EIO=4&transport=polling&t=NkRNJO2&sid=qFCPDlG7tcmPS0vxAAAC Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/socket.io/socket.io.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.96.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.96.130.94.clients.your-server.de Software / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers sec-fetch-mode cors origin https://service-2862.something.gg accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty cookie G_ENABLED_IDPS=google content-length 2 :path /socket.io/?EIO=4&transport=polling&t=NkRNJO2&sid=qFCPDlG7tcmPS0vxAAAC pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 content-type text/plain;charset=UTF-8 accept */* cache-control no-cache :authority service-2862.something.gg referer https://service-2862.something.gg/ :scheme https sec-fetch-site same-origin :method POST Accept */* Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers date Tue, 31 Aug 2021 08:39:42 GMT content-length 2 content-type text/html
GET H2	200	/ Show response service-2862.something.gg/socket.io/	32 B 57 B	35ms 34ms	XHR text/plain	94.130.96.138 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://service-2862.something.gg/socket.io/?EIO=4&transport=polling&t=NkRNJO3&sid=qFCPDlG7tcmPS0vxAAAC Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/socket.io/socket.io.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.96.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.96.130.94.clients.your-server.de Software / Resource Hash 6c91e4a8bfd806823a75569b78a6e1514fb1290f19cc6a7cb7161a628948f5ed Request headers :path /socket.io/?EIO=4&transport=polling&t=NkRNJO3&sid=qFCPDlG7tcmPS0vxAAAC pragma no-cache cookie G_ENABLED_IDPS=google accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority service-2862.something.gg referer https://service-2862.something.gg/ :scheme https sec-fetch-site same-origin :method GET Accept */* Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:39:42 GMT content-length 32 content-type text/plain; charset=UTF-8
GET H2	200	/ Show response service-2862.something.gg/socket.io/	1 B 25 B	178ms 177ms	XHR text/plain	94.130.96.138 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://service-2862.something.gg/socket.io/?EIO=4&transport=polling&t=NkRNJOe&sid=qFCPDlG7tcmPS0vxAAAC Requested by Host: service-2862.something.gg URL: https://service-2862.something.gg/socket.io/socket.io.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.96.138 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.138.96.130.94.clients.your-server.de Software / Resource Hash e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683 Request headers :path /socket.io/?EIO=4&transport=polling&t=NkRNJOe&sid=qFCPDlG7tcmPS0vxAAAC pragma no-cache cookie G_ENABLED_IDPS=google accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority service-2862.something.gg referer https://service-2862.something.gg/ :scheme https sec-fetch-site same-origin :method GET Accept */* Referer https://service-2862.something.gg/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 08:39:42 GMT content-length 1 content-type text/plain; charset=UTF-8
GET H2	200	4172457829-idpiframe.js Show response ssl.gstatic.com/accounts/o/ Frame C39A	116 KB 40 KB	27ms 7ms	Script text/javascript	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.gstatic.com/accounts/o/4172457829-idpiframe.js Requested by Host: accounts.google.com URL: https://accounts.google.com/o/oauth2/iframe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b7e6f2bcc8414315f6758234e5c93075673eab353d4f50161a386cefb352704 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 21:47:13 GMT content-encoding gzip x-content-type-options nosniff age 39149 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40512 x-xss-protection 0 last-modified Fri, 27 Aug 2021 00:29:47 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 30 Aug 2022 21:47:13 GMT
GET H3-29	200	iframerpc Show response accounts.google.com/o/oauth2/ Frame C39A	14 B 58 B	69ms 54ms	XHR application/json	2a00:1450:4001:82f::200d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fservice-2862.something.gg&client_id=194622681051-0e0k6kc9vr4v4mln20v2bb3q06kg3ouq.apps.googleusercontent.com Requested by Host: ssl.gstatic.com URL: https://ssl.gstatic.com/accounts/o/4172457829-idpiframe.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://accounts.google.com/o/oauth2/iframe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 X-Requested-With XmlHttpRequest Response headers date Tue, 31 Aug 2021 08:39:42 GMT content-encoding gzip x-content-type-options nosniff server ESF content-type application/json; charset=utf-8 cache-control public, max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Tue, 31 Aug 2021 09:39:42 GMT

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| gapi object| ___jsl function| io function| $ function| jQuery string| selectedProfile function| signOut number| state undefined| time undefined| date undefined| mesTime undefined| email undefined| profile_image_url boolean| is_muted boolean| typing undefined| timeout function| rename object| socket function| requestUserProfile function| handleMediaUrl function| reply function| send function| isEmpty function| slideAnimation object| pattern number| current function| keyHandler function| readThenSendFile object| osapi

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 01:16:50	Name: NID Value: 222=DjMHW45fVaKDBTh-edrH1GeyqRx9mAPnuCo-Huewbw1vYM9885ZPhdoBx1wn5o30xzlLMFvqPYZ3Eo3J6S1yK4ZZLg0iZm8V-w7dknVZ7Vg_T8cugVW69Lpfq2vo8hXODc3GXpxEYmjPkzSq-8eaqJ7KwtSQNqLmBV4zZgzsjKo
			.service-2862.something.gg/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
itchat.ausus.repl.co
service-2862.something.gg
ssl.gstatic.com
2001:4de0:ac18::1:a:3b
2a00:1450:4001:80f::200e
2a00:1450:4001:813::200a
2a00:1450:4001:82f::200d
2a00:1450:4001:831::2003
35.186.245.55
94.130.96.138
0c2697a41aac768f6c190ab0e4966619bd037d232036cff7650502c3f502df6c
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
417a593ea7200afcd86cbb04b96a05793311a477c34c760f299f2186574d9975
5113daafb11f6ff27bd13d5ab8ef63e31bfb604260d8e6e3ec79f8bf795c2ff4
6c91e4a8bfd806823a75569b78a6e1514fb1290f19cc6a7cb7161a628948f5ed
7250782a358e2b4a7d227ae585c4a170ca2b9cf6454fbbe083e2c7fdb85bc2d5
7b7e6f2bcc8414315f6758234e5c93075673eab353d4f50161a386cefb352704
87e5e6d5eea4dd359d5653e1e448a52c6ea8405acf6c97fc44d50aa6ec48bfc3
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
94759955b4a0b904fc9a545e07e6820805e1dd5b9409c7669ad7435f00fe1a21
9b6efc5c6fb8c1c00789fdad146187eb187f8170fc6639839c77a71d39f7a5c8
a5008e9b1660904726aba60368d42271215cfd4e1c2c9a5f724e497745322745
b0e0c11d73715fefa8e8aa8619569160369782ee50784d525827bbcd8225f750
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccf992272ca07210a1730647f576070cb2f84d25fb83cda6841fc8149a9c75c2
df7b72cde32152b0b46d79515ae78fd75239b7e2b570e461c674b859388c4925
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683