gloomcraft.site Open in urlscan Pro
185.27.134.228 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html
Effective URL:
https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html?i=1
Submission Tags: falconsandbox
Submission: On June 11 via api (June 11th 2024, 1:29:32 pm UTC) from US — Scanned from GB

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 185.27.134.228, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is gloomcraft.site.
TLS certificate: Issued by R3 on May 19th 2024. Valid for: 3 months.

This is the only time gloomcraft.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	185.27.134.228 185.27.134.228	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
16	4

6 185.27.134.228 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

gloomcraft.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	gloomcraft.site gloomcraft.site	92 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	3 KB
4	gstatic.com fonts.gstatic.com	94 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 95
16	4

	Domain	Requested by
6	gloomcraft.site	gloomcraft.site
5	fonts.googleapis.com	gloomcraft.site
4	fonts.gstatic.com	fonts.googleapis.com
1	www.youtube.com	gloomcraft.site
16	4

This site contains no links.

Subject Issuer	Validity	Valid
gloomcraft.site R3	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html?i=1
Frame ID: 70FF9C344A0C4EFEA6E78ADD6D284185
Requests: 15 HTTP requests in this frame

Frame: https://www.youtube.com/embed/e1V_SLyEGJk
Frame ID: B1E06FE5863B1862679F2405CB09996C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html Page URL
https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html?i=1 Page URL

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Page Statistics

16
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

189 kB
Transfer

219 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html Page URL
https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK HowToKCUEFN.html Show response
gloomcraft.site/ContentHolder/HowToKCUEFN/ 869 B
713 B 569ms
57ms Document
text/html 185.27.134.228
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.228 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7d2a910855003c8e9f2f50fc852c6ff404fe03f886b19e5c98d7f58b28159d96

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Tue, 11 Jun 2024 13:29:25 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK aes.js Show response
gloomcraft.site/ 13 KB
5 KB 57ms
57ms Script
application/javascript 185.27.134.228
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gloomcraft.site/aes.js
Requested by: Host: gloomcraft.site
URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.228 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 13:29:25 GMT
Content-Encoding: br
Last-Modified: Sun, 15 Oct 2023 17:08:27 GMT
Server: nginx
ETag: W/"652c1c8b-35a5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK Primary Request HowToKCUEFN.html Show response
gloomcraft.site/ContentHolder/HowToKCUEFN/ 7 KB
2 KB 63ms
63ms Document
text/html 185.27.134.228
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html?i=1
Requested by: Host: gloomcraft.site
URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.228 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: e9c44f4c78679040bdb5100246217d10f42a3543d7dc6137b7afa173fd607ae9

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Tue, 11 Jun 2024 13:29:25 GMT
ETag: W/"1c3f-60deac6c2caf8"
Expires: Thu, 11 Jul 2024 13:29:25 GMT
Last-Modified: Mon, 01 Jan 2024 23:31:08 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK HowToKCUEFN.css
gloomcraft.site/ContentHolder/HowToKCUEFN/ 5 KB
1 KB 61ms
61ms Stylesheet
text/css 185.27.134.228
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.css
Requested by: Host: gloomcraft.site
URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.228 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: dadd80a953213034e4333476acc343fe08f34cd4ee216a633212e5793d7befc2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 13:29:25 GMT
Content-Encoding: br
Last-Modified: Fri, 29 Dec 2023 20:03:47 GMT
Server: nginx
ETag: W/"1537-60dab87b9a820"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Thu, 11 Jul 2024 13:29:25 GMT

GET
H2 200 e1V_SLyEGJk
www.youtube.com/embed/ Frame B1E0 0
0 239ms
127ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/e1V_SLyEGJk

Requested by

Host: gloomcraft.site
URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://gloomcraft.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jun 2024 13:29:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 178ms
62ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Balsamiq+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Requested by

Host: gloomcraft.site
URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6074d959d42ec8d0c43b43e78c58515db8bd0f56da0ad2eddd13a114eec5e4fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gloomcraft.site/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 13:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 13:29:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 13:29:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
511 B 181ms
66ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Akaya+Telivigala:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Requested by

Host: gloomcraft.site
URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b3e46d8e8c40c6e2983fd4969cb15f7631c68ff49d9f3b39e0308a2119842f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gloomcraft.site/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 13:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 13:29:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 13:29:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 819 B
455 B 179ms
64ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Archivo+Black:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Requested by

Host: gloomcraft.site
URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

266e2b697b92e8ec25ed5778b6043deeae29b496051e455fb6150874a3e2911b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gloomcraft.site/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 13:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 13:29:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 13:29:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
640 B 189ms
74ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Baloo+Thambi+2:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Requested by

Host: gloomcraft.site
URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aca55f43a2213cfce3a16568e5c5dd8be902c7eb204dd773124f73553f78f79c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gloomcraft.site/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 13:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 13:29:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 13:29:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
577 B 185ms
71ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Atkinson+Hyperlegible:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Requested by

Host: gloomcraft.site
URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1fb59a493c6ef06997fc23a1555b41c4e2563553f65826565e248986635fc26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gloomcraft.site/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 13:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 13:29:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 13:29:27 GMT

GET
H/1.1 200
OK MinecraftTen-VGORe.ttf
gloomcraft.site/ 7 KB
7 KB 61ms
61ms Font
application/x-font-ttf 185.27.134.228
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gloomcraft.site/MinecraftTen-VGORe.ttf
Requested by: Host: gloomcraft.site
URL: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.228 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 38b2597635531a26b0772a1dc6c460582be2f4df24ed467855702c60dc307426

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.css
Origin: https://gloomcraft.site
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 13:29:26 GMT
Last-Modified: Fri, 27 Oct 2023 22:53:49 GMT
Server: nginx
ETag: "1bcc-608ba8fc88b80"
Content-Type: application/x-font-ttf
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7116
Expires: Tue, 11 Jun 2024 13:29:26 GMT

GET
H2 200 P5sZzZiAbNrN8SB3lQQX7PncyWUyNYhsAg.woff2
fonts.gstatic.com/s/balsamiqsans/v14/ 28 KB
28 KB 185ms
72ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/balsamiqsans/v14/P5sZzZiAbNrN8SB3lQQX7PncyWUyNYhsAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Balsamiq+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adf831a4491b84bc989fa0e59e0df0d9ece8f6717d43c153b102925e9a78584f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gloomcraft.site
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 09:21:17 GMT
x-content-type-options: nosniff
age: 14891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28924
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:59:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 09:21:17 GMT

GET
H2 200 cY9cfjeOW0NHpmOQXranrbDyu7hADpI.woff2
fonts.gstatic.com/s/baloothambi2/v17/ 30 KB
30 KB 233ms
131ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baloothambi2/v17/cY9cfjeOW0NHpmOQXranrbDyu7hADpI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Baloo+Thambi+2:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4c42466fb7763594af2d3fe4035eedd76d2c7645da31334140371a09ff44e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gloomcraft.site
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:48:44 GMT
x-content-type-options: nosniff
age: 6044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30452
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:45:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:48:44 GMT

GET
H2 200 9Bt73C1KxNDXMspQ1lPyU89-1h6ONRlW45G8Wbc9dCWP.woff2
fonts.gstatic.com/s/atkinsonhyperlegible/v11/ 17 KB
18 KB 155ms
54ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/atkinsonhyperlegible/v11/9Bt73C1KxNDXMspQ1lPyU89-1h6ONRlW45G8Wbc9dCWP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Atkinson+Hyperlegible:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8e8b1e0e929651439e25e23ade4b9d6cac073f2444aadb8e8b85431726c2036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gloomcraft.site
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:28:42 GMT
x-content-type-options: nosniff
age: 7246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17616
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:56:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:28:42 GMT

GET
H2 200 HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2
fonts.gstatic.com/s/archivoblack/v21/ 18 KB
18 KB 266ms
164ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/archivoblack/v21/HTxqL289NzCGg4MzN6KJ7eW6CYyF_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo+Black:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gloomcraft.site
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:21:03 GMT
x-content-type-options: nosniff
age: 7705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18604
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:16:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:21:03 GMT

GET
H/1.1 200
OK favicon.ico
gloomcraft.site/ 75 KB
75 KB 60ms
59ms Other
image/x-icon 185.27.134.228
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gloomcraft.site/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.228 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7801b4741bd1148b53ecefa16eef2c64f1edc81b5dbb413f9b65e6136167cc7b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gloomcraft.site/ContentHolder/HowToKCUEFN/HowToKCUEFN.html?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 13:29:26 GMT
Last-Modified: Fri, 27 Oct 2023 22:53:16 GMT
Server: nginx
ETag: "12b82-608ba8dd34b30"
Content-Type: image/x-icon
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76674
Expires: Thu, 11 Jul 2024 13:29:26 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| downloadModel

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gloomcraft.site/	1970-01-21 06:51:12	Name: __test Value: 75a27ec8cbc127f7f07f54a83ecc314e
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 0ebSCCupL4w
.youtube.com/	1970-01-21 01:34:24	Name: VISITOR_INFO1_LIVE Value: B7Qry7ghyz8
.youtube.com/	1970-01-21 01:34:24	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgSw%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
gloomcraft.site
www.youtube.com
185.27.134.228
2a00:1450:4001:80b::2003
2a00:1450:4001:812::200e
2a00:1450:4001:81d::200a
1fb59a493c6ef06997fc23a1555b41c4e2563553f65826565e248986635fc26b
25f33e61cf995abd6be62931cf03bf427286259177b43618cc410ee0157cfd30
266e2b697b92e8ec25ed5778b6043deeae29b496051e455fb6150874a3e2911b
2b3e46d8e8c40c6e2983fd4969cb15f7631c68ff49d9f3b39e0308a2119842f0
38b2597635531a26b0772a1dc6c460582be2f4df24ed467855702c60dc307426
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
6074d959d42ec8d0c43b43e78c58515db8bd0f56da0ad2eddd13a114eec5e4fb
7801b4741bd1148b53ecefa16eef2c64f1edc81b5dbb413f9b65e6136167cc7b
7d2a910855003c8e9f2f50fc852c6ff404fe03f886b19e5c98d7f58b28159d96
aca55f43a2213cfce3a16568e5c5dd8be902c7eb204dd773124f73553f78f79c
adf831a4491b84bc989fa0e59e0df0d9ece8f6717d43c153b102925e9a78584f
d8e8b1e0e929651439e25e23ade4b9d6cac073f2444aadb8e8b85431726c2036
dadd80a953213034e4333476acc343fe08f34cd4ee216a633212e5793d7befc2
e4c42466fb7763594af2d3fe4035eedd76d2c7645da31334140371a09ff44e63
e9c44f4c78679040bdb5100246217d10f42a3543d7dc6137b7afa173fd607ae9

gloomcraft.site Open in urlscan Pro 185.27.134.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

189 kBTransfer

219 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

4 Cookies

Indicators

gloomcraft.site Open in urlscan Pro
185.27.134.228 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

189 kB
Transfer

219 kB
Size

4
Cookies

16 HTTP transactions
0 data transactions