clash0fgemsrewards.uphero.com Open in urlscan Pro
145.14.144.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://clash0fgemsrewards.uphero.com/confirmation.php
Submission: On May 24 via automatic, source phishtank (May 24th 2018, 12:09:47 pm UTC)

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 145.14.144.160, located in Netherlands and belongs to AWEX, US. The main domain is clash0fgemsrewards.uphero.com.

This is the only time clash0fgemsrewards.uphero.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	145.14.144.160 145.14.144.160	204915 (AWEX) (AWEX)
2 4	70.32.72.117 70.32.72.117	31815 (MEDIATEMPLE) (MEDIATEMPLE - Media Temple)
1 1	151.139.237.11 151.139.237.11	54104 (AS-STACKPATH) (AS-STACKPATH - netDNA)
1	151.101.12.133 151.101.12.133	54113 (FASTLY) (FASTLY - Fastly)
1	172.217.22.42 172.217.22.42	15169 (GOOGLE) (GOOGLE - Google LLC)
3	216.58.214.35 216.58.214.35	15169 (GOOGLE) (GOOGLE - Google LLC)
18	5

11 145.14.144.160 (Netherlands)

ASN204915 (AWEX, US)

clash0fgemsrewards.uphero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.32.72.117 (Culver City, United States) 2 redirects

ASN31815 (MEDIATEMPLE - Media Temple, Inc., US)
PTR: centos7-dv.kirupaforum.com

www.kirupa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.11 (Dallas, United States) 1 redirects

ASN54104 (AS-STACKPATH - netDNA, US)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.133 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.42 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.214.35 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f35.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	uphero.com clash0fgemsrewards.uphero.com	1011 KB
4	kirupa.com 2 redirects www.kirupa.com	5 KB
3	gstatic.com fonts.gstatic.com	59 KB
1	googleapis.com fonts.googleapis.com	380 B
1	githubusercontent.com raw.githubusercontent.com	3 KB
1	rawgit.com 1 redirects cdn.rawgit.com	321 B
18	6

	Domain	Requested by
11	clash0fgemsrewards.uphero.com	clash0fgemsrewards.uphero.com
4	www.kirupa.com	2 redirects clash0fgemsrewards.uphero.com
3	fonts.gstatic.com	www.kirupa.com
1	fonts.googleapis.com	clash0fgemsrewards.uphero.com
1	raw.githubusercontent.com	clash0fgemsrewards.uphero.com
1	cdn.rawgit.com	1 redirects
18	6

This site contains links to these domains. Also see Links.

Domain
www.000webhost.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://clash0fgemsrewards.uphero.com/confirmation.php
Frame ID: 778DA4853642F42CECFA10825EFDD7AD
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Prefix-Free (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^PrefixFree$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i

Page Statistics

18
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

1078 kB
Transfer

1372 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.000webhost.com/?utm_source=000webhostapp&utm_campaign=000_logo&utm_campaign=ss-footer_logo&utm_medium=000_logo&utm_content=website

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.kirupa.com/js/fallingsnow_v6.js HTTP 302
https://www.kirupa.com/js/fallingsnow_v6.js

Request Chain 1

http://www.kirupa.com/js/prefixfree.min.js HTTP 302
https://www.kirupa.com/js/prefixfree.min.js

Request Chain 2

https://cdn.rawgit.com/000webhost/logo/e9bd13f7/footer-powered-by-000webhost-white2.png HTTP 301
https://raw.githubusercontent.com/000webhost/logo/e9bd13f7/footer-powered-by-000webhost-white2.png

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request confirmation.php Show response
clash0fgemsrewards.uphero.com/ 11 KB
5 KB 223ms
112ms Document
text/html 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

d1c2749f31410879d6f06fe31a36d81a7dde568451135f6cdfaa1ad681429989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: clash0fgemsrewards.uphero.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 778DA4853642F42CECFA10825EFDD7AD

Response headers

Date: Thu, 24 May 2018 12:11:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: awex
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Request-ID: f670cc5efa67805a489699bb4afa93b5
Content-Encoding: gzip

GET
S

200

fallingsnow_v6.js Show response
www.kirupa.com/js/
Redirect Chain

http://www.kirupa.com/js/fallingsnow_v6.js
https://www.kirupa.com/js/fallingsnow_v6.js

5 KB
2 KB

281ms
94ms

Script
application/javascript

70.32.72.117
Media Temple

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kirupa.com/js/fallingsnow_v6.js
Requested by: Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php
Protocol: SPDY
Server: 70.32.72.117 Culver City, United States, ASN31815 (MEDIATEMPLE - Media Temple, Inc., US),
Reverse DNS: centos7-dv.kirupaforum.com
Software: nginx / PleskLin
Resource Hash: 483338d6787110023bb8ce536676d8204b695dd868e05ad51826215a01224bc4

Request headers

Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Thu, 24 May 2018 12:09:35 GMT
content-encoding: gzip
last-modified: Tue, 09 Feb 2016 21:50:54 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"56ba5f3e-144a"
vary: Accept-Encoding
content-type: application/javascript
status: 200

Redirect headers

Location: https://www.kirupa.com/js/fallingsnow_v6.js
Date: Thu, 24 May 2018 12:09:35 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PleskLin
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1

GET
S

200

prefixfree.min.js Show response
www.kirupa.com/js/
Redirect Chain

http://www.kirupa.com/js/prefixfree.min.js
https://www.kirupa.com/js/prefixfree.min.js

5 KB
3 KB

280ms
93ms

Script
application/javascript

70.32.72.117
Media Temple

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kirupa.com/js/prefixfree.min.js
Requested by: Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php
Protocol: SPDY
Server: 70.32.72.117 Culver City, United States, ASN31815 (MEDIATEMPLE - Media Temple, Inc., US),
Reverse DNS: centos7-dv.kirupaforum.com
Software: nginx / PleskLin
Resource Hash: 68f0a78879654a0f8d35227d61d3ea004498fda82fbc8ddc814e97d8b1f64daa

Request headers

Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Thu, 24 May 2018 12:09:35 GMT
content-encoding: gzip
last-modified: Fri, 08 Feb 2013 13:54:03 GMT
server: nginx
x-powered-by: PleskLin
etag: W/"5115037b-15f2"
vary: Accept-Encoding
content-type: application/javascript
status: 200

Redirect headers

Location: https://www.kirupa.com/js/prefixfree.min.js
Date: Thu, 24 May 2018 12:09:35 GMT
Server: nginx
Connection: keep-alive
X-Powered-By: PleskLin
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

footer-powered-by-000webhost-white2.png
raw.githubusercontent.com/000webhost/logo/e9bd13f7/
Redirect Chain

https://cdn.rawgit.com/000webhost/logo/e9bd13f7/footer-powered-by-000webhost-white2.png
https://raw.githubusercontent.com/000webhost/logo/e9bd13f7/footer-powered-by-000webhost-white2.png

2 KB
3 KB

21ms
6ms

Image
image/png

151.101.12.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/000webhost/logo/e9bd13f7/footer-powered-by-000webhost-white2.png

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

736480857134b27d22d1999eeb1cdd4eb9ace8d0e2c2d739d26e27627fe2f9b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

X-Fastly-Request-ID: 5dc8593537520f96bd287c98cf30ff5947df5291
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Geo-Block-List
X-Cache: HIT
X-Cache-Hits: 35
Connection: keep-alive
Content-Length: 2046
ETag: "0f5fd2ab2ec3d340d0a8e148adae48104735921b"
X-Served-By: cache-fra19136-FRA
X-GitHub-Request-Id: 64CE:7805:5AFBDD:5FCDEA:5B06AB1F
X-Timer: S1527163775.372023,VS0,VE0
X-Frame-Options: deny
Date: Thu, 24 May 2018 12:09:35 GMT
Source-Age: 95
Vary: Authorization,Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: *
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=300
Accept-Ranges: bytes
Expires: Thu, 24 May 2018 12:14:35 GMT

Redirect headers

date: Thu, 24 May 2018 12:09:35 GMT
x-content-type-options: nosniff
server: NetDNA-cache/2.2
status: 301
location: https://raw.githubusercontent.com/000webhost/logo/e9bd13f7/footer-powered-by-000webhost-white2.png
x-cache: HIT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
strict-transport-security: max-age=31536000; preload
x-robots-tag: none
vary: Accept
content-length: 132
rawgit-cache-status: BYPASS

GET
H/1.1 404
Not Found jquery.min.js
clash0fgemsrewards.uphero.com/ 0
0 113ms
112ms Script
text/html 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

http://clash0fgemsrewards.uphero.com/jquery.min.js

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clash0fgemsrewards.uphero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 24 May 2018 12:11:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: awex
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-ID: 9aeb9c21bfa2bf059c9e95382c32cab8

GET
H/1.1 200
OK header2.jpg
clash0fgemsrewards.uphero.com/images/ 130 KB
130 KB 238ms
129ms Image
image/jpeg 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://clash0fgemsrewards.uphero.com/images/header2.jpg

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

bf8fbcfafb26c262d71e4ca715d7f87fb3f29c55c59957e76512668a82271448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clash0fgemsrewards.uphero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 24 May 2018 12:09:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 11 Jun 2017 23:53:57 GMT
Server: awex
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 132740
X-Xss-Protection: 1; mode=block
X-Request-ID: 6c6e9934c06e6dfde104709bb9170b63

GET
H/1.1 200
OK tournament.png
clash0fgemsrewards.uphero.com/images/ 154 KB
154 KB 234ms
124ms Image
image/png 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://clash0fgemsrewards.uphero.com/images/tournament.png

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

3a6e10cd29aee8e6ac23ae980a4365bd9eaf5ab22e91918a47c7c72c47c9c830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clash0fgemsrewards.uphero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 24 May 2018 12:09:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 30 Apr 2017 11:17:08 GMT
Server: awex
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 157333
X-Xss-Protection: 1; mode=block
X-Request-ID: 98f0056a10a6aaffece9f32bddb884c4

GET
H/1.1 200
OK gems.png
clash0fgemsrewards.uphero.com/images/ 53 KB
53 KB 235ms
124ms Image
image/png 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://clash0fgemsrewards.uphero.com/images/gems.png

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

dfdf3b0ad1c9b6c24fe691f02b7aa8a308d6e9af90f7bca464c58010bb0d2a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clash0fgemsrewards.uphero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 24 May 2018 12:11:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 30 Apr 2017 11:17:08 GMT
Server: awex
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54279
X-Xss-Protection: 1; mode=block
X-Request-ID: 95ad501aaa7ae9990e01f9acae191a59

GET
H/1.1 200
OK clashofclans.png
clash0fgemsrewards.uphero.com/images/ 98 KB
98 KB 235ms
122ms Image
image/png 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://clash0fgemsrewards.uphero.com/images/clashofclans.png

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

8bfb553dfe111be4da50bf98570d438a0534ea96be8ffe3c8e1d9d27ce422fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clash0fgemsrewards.uphero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 24 May 2018 12:09:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 30 Apr 2017 11:17:08 GMT
Server: awex
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99960
X-Xss-Protection: 1; mode=block
X-Request-ID: 1acbecd0c8d5b49d7fc316ea03fb44cb

GET
H/1.1 200
OK supercell.png
clash0fgemsrewards.uphero.com/images/ 2 KB
2 KB 235ms
123ms Image
image/png 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://clash0fgemsrewards.uphero.com/images/supercell.png

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

4e4255d70a750c7849d793c1c74904f82df04307499426f3b3042eeaa5a779ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clash0fgemsrewards.uphero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 24 May 2018 12:09:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 30 Apr 2017 11:17:08 GMT
Server: awex
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1653
X-Xss-Protection: 1; mode=block
X-Request-ID: 1857ed1bb8b7a6f363b64734594b4e2a

GET
H/1.1 404
Not Found jquery.min.js
clash0fgemsrewards.uphero.com/ 0
0 120ms
119ms Script
text/html 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

http://clash0fgemsrewards.uphero.com/jquery.min.js

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clash0fgemsrewards.uphero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 24 May 2018 12:09:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: awex
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-ID: c868fba5a9d3af6afbedc90877481e15

GET
H/1.1 200
OK bootstrap.min.css
clash0fgemsrewards.uphero.com/ 147 KB
28 KB 112ms
112ms Stylesheet
text/css 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

http://clash0fgemsrewards.uphero.com/bootstrap.min.css

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

6cbef26a73c9d65172ac0084d51892f25feceebc662063328338acc46f2d9ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clash0fgemsrewards.uphero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 24 May 2018 12:09:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Jan 2018 15:35:05 GMT
Server: awex
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
X-Xss-Protection: 1; mode=block
X-Request-ID: ed6d3086ca20cc087f4c2d4e60503eb5

GET
H/1.1 200
OK background.png
clash0fgemsrewards.uphero.com/images/ 542 KB
542 KB 110ms
110ms Image
image/png 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://clash0fgemsrewards.uphero.com/images/background.png

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

42749bb69066019bf8409ccb37303644bc3f0a1c42a273d6eff66fa4cfea357a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clash0fgemsrewards.uphero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Thu, 24 May 2018 12:09:35 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 30 Apr 2017 11:17:08 GMT
Server: awex
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 554499
X-Xss-Protection: 1; mode=block
X-Request-ID: b3b03615ebfc49ec22e6a95dc4404a9a

GET
S 200 css
fonts.googleapis.com/ 814 B
380 B 15ms
14ms Stylesheet
text/css 172.217.22.42
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

SPDY

Server

172.217.22.42 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s16-in-f10.1e100.net

Software

ESF /

Resource Hash

6f07859718a65e912e6968d942982f65ab979a69287ff13c5e4f9d689526a0ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Thu, 24 May 2018 12:09:36 GMT
content-encoding: gzip
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Thu, 24 May 2018 12:09:36 GMT

GET
S 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v11/ 38 KB
20 KB 6ms
6ms Font
font/ttf 216.58.214.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdr.ttf

Requested by

Host: www.kirupa.com
URL: https://www.kirupa.com/js/fallingsnow_v6.js

Protocol

SPDY

Server

216.58.214.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f35.1e100.net

Software

sffe /

Resource Hash

91d5178b53a5e1c8c6a744f5044314d54bf91f37b038c7f35a958c8a1430a152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Origin: http://clash0fgemsrewards.uphero.com

Response headers

date: Mon, 14 May 2018 20:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 835340
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 19928
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 18:26:07 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 May 2019 20:07:16 GMT

GET
S 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf
fonts.gstatic.com/s/sourcesanspro/v11/ 39 KB
20 KB 6ms
6ms Font
font/ttf 216.58.214.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7g.ttf

Requested by

Host: www.kirupa.com
URL: https://www.kirupa.com/js/fallingsnow_v6.js

Protocol

SPDY

Server

216.58.214.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f35.1e100.net

Software

sffe /

Resource Hash

898ab48e439e72de77598748c641141700a2e924949b58b264a79acb9ef2dd4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Origin: http://clash0fgemsrewards.uphero.com

Response headers

date: Wed, 09 May 2018 13:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1289569
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 20225
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 18:26:06 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 May 2019 13:56:47 GMT

GET
S 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v11/ 39 KB
20 KB 9ms
9ms Font
font/ttf 216.58.214.35
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v11/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf

Requested by

Host: www.kirupa.com
URL: https://www.kirupa.com/js/fallingsnow_v6.js

Protocol

SPDY

Server

216.58.214.35 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s09-in-f35.1e100.net

Software

sffe /

Resource Hash

8a927acc033e29e44a856a4c4b90761f033ef287ddb8309e26481acb80f07f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700
Origin: http://clash0fgemsrewards.uphero.com

Response headers

date: Thu, 08 Feb 2018 21:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9037807
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 20239
x-xss-protection: 1; mode=block
last-modified: Wed, 11 Oct 2017 18:25:35 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Feb 2019 21:39:29 GMT

GET
H/1.1 206
Partial Content confirmation.mp3
clash0fgemsrewards.uphero.com/mp3/ 108 KB
0 113ms
112ms Media
audio/mpeg 145.14.144.160
AWEX

General

Check archive.org

Show headers Download Go to

Full URL

http://clash0fgemsrewards.uphero.com/mp3/confirmation.mp3

Requested by

Host: clash0fgemsrewards.uphero.com
URL: http://clash0fgemsrewards.uphero.com/confirmation.php

Protocol

HTTP/1.1

Server

145.14.144.160 , Netherlands, ASN204915 (AWEX, US),

Reverse DNS

Software

awex /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: identity;q=1, *;q=0
Host: clash0fgemsrewards.uphero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
chrome-proxy: frfr
Accept: */*
Cache-Control: no-cache
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Connection: keep-alive
Range: bytes=0-
Referer: http://clash0fgemsrewards.uphero.com/confirmation.php
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

Date: Thu, 24 May 2018 12:09:36 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 30 Apr 2017 11:17:48 GMT
Server: awex
Content-Type: audio/mpeg
Content-Range: bytes 0-843757/843758
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 843758
X-Xss-Protection: 1; mode=block
X-Request-ID: 0410dce4a60e754021c1b01ddb13497e

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rawgit.com
clash0fgemsrewards.uphero.com
fonts.googleapis.com
fonts.gstatic.com
raw.githubusercontent.com
www.kirupa.com
145.14.144.160
151.101.12.133
151.139.237.11
172.217.22.42
216.58.214.35
70.32.72.117
3a6e10cd29aee8e6ac23ae980a4365bd9eaf5ab22e91918a47c7c72c47c9c830
42749bb69066019bf8409ccb37303644bc3f0a1c42a273d6eff66fa4cfea357a
483338d6787110023bb8ce536676d8204b695dd868e05ad51826215a01224bc4
4e4255d70a750c7849d793c1c74904f82df04307499426f3b3042eeaa5a779ef
68f0a78879654a0f8d35227d61d3ea004498fda82fbc8ddc814e97d8b1f64daa
6cbef26a73c9d65172ac0084d51892f25feceebc662063328338acc46f2d9ab6
6f07859718a65e912e6968d942982f65ab979a69287ff13c5e4f9d689526a0ef
736480857134b27d22d1999eeb1cdd4eb9ace8d0e2c2d739d26e27627fe2f9b1
898ab48e439e72de77598748c641141700a2e924949b58b264a79acb9ef2dd4f
8a927acc033e29e44a856a4c4b90761f033ef287ddb8309e26481acb80f07f88
8bfb553dfe111be4da50bf98570d438a0534ea96be8ffe3c8e1d9d27ce422fd7
91d5178b53a5e1c8c6a744f5044314d54bf91f37b038c7f35a958c8a1430a152
bf8fbcfafb26c262d71e4ca715d7f87fb3f29c55c59957e76512668a82271448
d1c2749f31410879d6f06fe31a36d81a7dde568451135f6cdfaa1ad681429989
dfdf3b0ad1c9b6c24fe691f02b7aa8a308d6e9af90f7bca464c58010bb0d2a36

clash0fgemsrewards.uphero.com Open in urlscan Pro 145.14.144.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

0 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

1078 kBTransfer

1372 kBSize

0 Cookies

1 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

clash0fgemsrewards.uphero.com Open in urlscan Pro
145.14.144.160 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

1078 kB
Transfer

1372 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions