updatefree-goldpass96.cf
65.52.121.135  Malicious Activity!

URL: https://updatefree-goldpass96.cf/
Submission: On September 24 via automatic, source certstream-suspicious

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 29 HTTP transactions. The main IP is 65.52.121.135, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is updatefree-goldpass96.cf.
TLS certificate: Issued by R3 on September 24th 2021. Valid for: 3 months.
This is the only time updatefree-goldpass96.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 65.52.121.135 | 8075 (MICROSOFT...) |
| 2 | 142.250.185.170 | 15169 (GOOGLE) |
| 1 | 104.16.18.94 | 13335 (CLOUDFLAR...) |
| 3 | 104.21.234.231 | 13335 (CLOUDFLAR...) |
| 18 | 145.239.131.51 | 16276 (OVH) |
| 1 | 69.16.175.10 | 33438 (HIGHWINDS2) |
| 2 | 142.250.185.202 | 15169 (GOOGLE) |
| 1 | 142.250.184.195 | 15169 (GOOGLE) |

Total: 29 requests, 8 IPs

| Requests | Domain | Requested by |
|---|---|---|
| 18 | i.ibb.co | updatefree-goldpass96.cf, rawcdn.githack.com |
| 3 | rawcdn.githack.com | updatefree-goldpass96.cf |
| 2 | ajax.googleapis.com | updatefree-goldpass96.cf |
| 2 | fonts.googleapis.com | updatefree-goldpass96.cf |
| 1 | fonts.gstatic.com | fonts.googleapis.com |
| 1 | code.jquery.com | updatefree-goldpass96.cf |
| 1 | cdnjs.cloudflare.com | updatefree-goldpass96.cf |
| 1 | updatefree-goldpass96.cf | |

Total: 29 requests, 8 domains

This site contains no links.

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| updatefree-goldpass96.cf | R3 | 2021-09-24 - 2021-12-23 | 3 months |
| upload.video.google.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year |
| ibb.co | R3 | 2021-08-06 - 2021-11-04 | 3 months |
| *.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year |
| *.gstatic.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months |

This page contains 1 frame:

Primary Page: https://updatefree-goldpass96.cf/
Frame ID: A9ACFFD79021D1168068EA8114DFF2DE
Requests: 29 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

  • Requests: 29
  • HTTPS: 100 %
  • IPv6: 0 %
  • Domains: 8
  • Subdomains: 8
  • IPs: 8
  • Countries: 3
  • Transfer: 2357 kB
  • Size: 2506 kB
  • Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
updatefree-goldpass96.cf/
9 KB
2 KB
Document
General
Full URL
https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.52.121.135 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
LiteSpeed /
Resource Hash
ff9ac16eca9949722d8266504e20208f0f7827cf422fda7b675070b8511d3977

Request headers

:method
GET
:authority
updatefree-goldpass96.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br

Response headers

content-type
text/html; charset=UTF-8
content-length
1559
content-encoding
br
vary
Accept-Encoding
date
Fri, 24 Sep 2021 09:23:15 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
css2?family=Bungee&display=swap
fonts.googleapis.com/
1 KB
499 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bungee&display=swap
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
e07ae0ed44bf2f9db136bbf49c1d7efacf3e3de7aeb968e4175f6f62ed18b471
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Sep 2021 08:34:15 GMT
server
ESF
date
Fri, 24 Sep 2021 09:23:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Sep 2021 09:23:15 GMT
css2?family=Noto+Sans&display=swap
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans&display=swap
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f10.1e100.net
Software
ESF /
Resource Hash
61b218e6afb299850d57a9e48754d42c42a25e6bc32e83148c7977bd336a55b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 24 Sep 2021 08:02:41 GMT
server
ESF
date
Fri, 24 Sep 2021 09:23:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Sep 2021 09:23:15 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2706612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYsFcIhGRxHQAIgNvTaYhG4Zx%2BkgzHeBAQyRErFKmeMIP3z8YBQ7SZSuQc0f0sk5SREWNZUYkV5qV%2BbG4rbSQkDz%2FeqLskaX%2Fmgq8FN5Nz0fsb76HvqKFalT8dvzsXFujMNDIEw8"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
693af3f678206916-FRA
expires
Wed, 14 Sep 2022 09:23:15 GMT
cocstyleawal.css
rawcdn.githack.com/AlexHostX/all.asset/b4afc299d049078286499d94ee0a33c54e4222cb/
7 KB
2 KB
Stylesheet
General
Full URL
https://rawcdn.githack.com/AlexHostX/all.asset/b4afc299d049078286499d94ee0a33c54e4222cb/cocstyleawal.css
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da775e993432e2b2365bed7ceceeaec670f69a0a1b19921099ddec80a5ae9ac8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id
7543df8fb117d2ff58279d9d6a54268a5871ade6
date
Fri, 24 Sep 2021 09:23:15 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
source-age
0
x-cache
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-bma1646-BMA
x-robots-tag
none
server
cloudflare
x-github-request-id
FF88:39B0:5B7BD1:628659:614CF05F
x-timer
S1632432224.742263,VS0,VE289
etag
W/"2815f1898f73e78e2a2128c5f2014bc0a538fdb1d70ab288935721e4b70331a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmTFpdcPdk65aW1iAERCOJEPzlxjZr8j8CLFtC6EJ2kMaGBIYdIBFckawPqb3QDquaP7uphZCOAjwAM6Twukug1rpSq80xh9%2Fb%2BTDj6tIVd486IwJOVso3aY9nscXwoB9cLispQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-githack-cache-status
HIT
cache-control
max-age=315360000, public, immutable
cf-ray
693af3f6adcc2794-PRG
x-cache-hits
0
jancuk.png
i.ibb.co/jH2mMXK/
104 KB
105 KB
Image
General
Full URL
https://i.ibb.co/jH2mMXK/jancuk.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
739f7171f9ed54bba17acdf36eec56fd0157f1e3f9af4b7142f6803fc59ec032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 18:53:45 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
106923
expires
Thu, 31 Dec 2037 23:55:55 GMT
Power-Potion.png
i.ibb.co/61Nc7z9/
61 KB
61 KB
Image
General
Full URL
https://i.ibb.co/61Nc7z9/Power-Potion.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
ba87e555c22504946dc83a4a9607270b8503089098357b1bfc11e8e682ccd367

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:32:28 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
62090
expires
Thu, 31 Dec 2037 23:55:55 GMT
11.jpg
i.ibb.co/f9s4njP/
29 KB
30 KB
Image
General
Full URL
https://i.ibb.co/f9s4njP/11.jpg
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
26356502390d4d1335a758cc86fbfd153c802db68a4fd7aca76e0b792ceeb2b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:32:04 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30191
expires
Thu, 31 Dec 2037 23:55:55 GMT
Bauarbeitertrank.png
i.ibb.co/XSqNL6D/
60 KB
60 KB
Image
General
Full URL
https://i.ibb.co/XSqNL6D/Bauarbeitertrank.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
493bfa752053fc32ae2c54da10eab8a15be434a39fe3babfd05ae9b1893ac613

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:35:48 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
60969
expires
Thu, 31 Dec 2037 23:55:55 GMT
Rune-of-Dark-Elixir.png
i.ibb.co/54jD44B/
44 KB
44 KB
Image
General
Full URL
https://i.ibb.co/54jD44B/Rune-of-Dark-Elixir.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
c16db12ff0ad066481a8444f7fcda567670d6d27ed81cedd4f16753449321838

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:35:20 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
44710
expires
Thu, 31 Dec 2037 23:55:55 GMT
Rune-des-Golds.png
i.ibb.co/J2t60cs/
48 KB
48 KB
Image
General
Full URL
https://i.ibb.co/J2t60cs/Rune-des-Golds.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
8b504f9aa69830f2566d20dbfcfd1bcb370c6711239ae523517bfd15ac627273

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:36:50 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
49172
expires
Thu, 31 Dec 2037 23:55:55 GMT
Rune-des-Elixiers.png
i.ibb.co/zfXLg4J/
45 KB
45 KB
Image
General
Full URL
https://i.ibb.co/zfXLg4J/Rune-des-Elixiers.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
184a0637f98385c7d079471dd6f30a78c8b884c0ccd58e9228f90f8f09c86588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:37:23 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
45966
expires
Thu, 31 Dec 2037 23:55:55 GMT
Book-of-Heroes.png
i.ibb.co/7Nv7JDc/
51 KB
52 KB
Image
General
Full URL
https://i.ibb.co/7Nv7JDc/Book-of-Heroes.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
c875073b893560583a8c13398109ceb11867a04f513b0ded220d46eda0e4ef8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:38:31 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
52714
expires
Thu, 31 Dec 2037 23:55:55 GMT
Book-of-Everything.png
i.ibb.co/xD92Fvg/
52 KB
52 KB
Image
General
Full URL
https://i.ibb.co/xD92Fvg/Book-of-Everything.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
f368878b120d0892775d704fc278b94f9c188abae04f0f5ce6df8801c853459e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:38:48 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
53209
expires
Thu, 31 Dec 2037 23:55:55 GMT
Book-of-Fighting.png
i.ibb.co/KGSCLPk/
51 KB
51 KB
Image
General
Full URL
https://i.ibb.co/KGSCLPk/Book-of-Fighting.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
cca1931e3ce153ca846461925dd9b704ef70d93fd32ff53cdce7a686f502b9e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:39:08 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
52315
expires
Thu, 31 Dec 2037 23:55:55 GMT
kandep.jpg
i.ibb.co/1bCXHbK/
40 KB
41 KB
Image
General
Full URL
https://i.ibb.co/1bCXHbK/kandep.jpg
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
d248409f6d82bb164266582b1c1dd2d59aa376983828c4eda08babab8a391353

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:39:25 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
41224
expires
Thu, 31 Dec 2037 23:55:55 GMT
Book-of-Building.png
i.ibb.co/LPTDJ7g/
53 KB
53 KB
Image
General
Full URL
https://i.ibb.co/LPTDJ7g/Book-of-Building.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
0a1c42b73776cb2779231611a86a99ec964a028c8a867644e59aeeeac36c951d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:39:44 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
53787
expires
Thu, 31 Dec 2037 23:55:55 GMT
hdefault.jpg
i.ibb.co/6Zw7vH3/
41 KB
41 KB
Image
General
Full URL
https://i.ibb.co/6Zw7vH3/hdefault.jpg
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
fa6fd6c790bc4c817e89453b4973507db0a422c30c129355f216b0f92a768b05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:40:02 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
41550
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hammer-of-Heroes.png
i.ibb.co/583nRgZ/
22 KB
23 KB
Image
General
Full URL
https://i.ibb.co/583nRgZ/Hammer-of-Heroes.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
e07d434e9e72570e5093991fa88e95bb9414098792faa882191be8bf4bc8a3fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:40:22 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
22955
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hammer-of-Spells.png
i.ibb.co/5RJhb4t/
22 KB
22 KB
Image
General
Full URL
https://i.ibb.co/5RJhb4t/Hammer-of-Spells.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
faa79636dd743710c2c4bdb193337e8c24d6ec277341355f29d1dae553f7581b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:40:41 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
22525
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hammer-of-Building.png
i.ibb.co/Wx8VXsm/
23 KB
23 KB
Image
General
Full URL
https://i.ibb.co/Wx8VXsm/Hammer-of-Building.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
762f4a20bf6bedf2eaad0612b705ffb0f2f8a89fd804db3af5d74bf9b81db9c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:40:58 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
23512
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hammer-of-Fighting.png
i.ibb.co/6gQ3ZQj/
23 KB
23 KB
Image
General
Full URL
https://i.ibb.co/6gQ3ZQj/Hammer-of-Fighting.png
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
adcb646051faaa43d169f87eaf7cdf22949393a86a245a656478e7325a96c0bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 21:41:14 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
23420
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-1.10.2.min.js
code.jquery.com/
91 KB
32 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
content-encoding
gzip
last-modified
Fri, 24 Oct 2014 00:16:07 GMT
server
nginx
etag
"54499a47-16bb3"
vary
Accept-Encoding
x-hw
1632475395.dop226.fr8.t,1632475395.cds272.fr8.hn,1632475395.cds283.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32788
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 13:30:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71554
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 23 Sep 2022 13:30:41 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
83 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 09:30:21 GMT
x-content-type-options
nosniff
age
258774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84320
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Wed, 21 Sep 2022 09:30:21 GMT
input-exception.js
rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/
9 KB
1 KB
Script
General
Full URL
https://rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/input-exception.js
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id
0a9d5075ac9fe882edb48dd354ba901af596cc8b
date
Fri, 24 Sep 2021 09:23:15 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
source-age
0
x-cache
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-bma1677-BMA
x-robots-tag
none
server
cloudflare
x-github-request-id
E83A:1310F:13E40C5:14D4245:614C9DEE
x-timer
S1632411118.423047,VS0,VE190
etag
W/"7efc1fe69d2bae7cf5f7f6503e53cd6825675b937514a5660fadff678c23ad05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nd5S0aUX9isJnQcnI9NTk%2FIuvX8WIed2pH4R8I1uN3MuSNn345NoZzGBWtle9Yw7Qt4RAdmxm832Bs4LP%2Fb8lPqCNqXOMe%2FpnApcV1f0LIrUSGZD%2F72dmd8wWQGSrGo4Trw0jvA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-githack-cache-status
STALE
cache-control
max-age=315360000, public, immutable
cf-ray
693af3f6adce2794-PRG
x-cache-hits
0
watermark.css
rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/
105 B
1 KB
Stylesheet
General
Full URL
https://rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css
Requested by
Host: updatefree-goldpass96.cf
URL: https://updatefree-goldpass96.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.231 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://updatefree-goldpass96.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id
2893699ce9b11c4ee2118eec827995dd80914000
date
Fri, 24 Sep 2021 09:23:15 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1070522
source-age
0
x-cache
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-bma1670-BMA
x-robots-tag
none
server
cloudflare
x-github-request-id
E160:11F5F:155030:1A594A:613CCDE9
x-timer
S1631374825.193955,VS0,VE813
etag
W/"8cbc601be6a6a4a8de11e874a08f4635bb2103954e29be8f44a2287251cf89b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ou9tURGbvE4bQ0ClVXp%2B3vjgvlahbUpR5SsFypO2BgaUhAjd6k6p4hAJe2h09gn7n0NvhhxUBz50BVBjQ%2F2Hxr9jvbdpN0VzklGNmGUrPsqzZUwjqNI%2B%2FhyCykzPtDpnRa3sOyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-githack-cache-status
STALE
cache-control
max-age=315360000, public, immutable
cf-ray
693af3f6add02794-PRG
x-cache-hits
0
7de34544078f087a5830529f5840d446.png
i.ibb.co/SX1t0Zk/
1 MB
1 MB
Image
General
Full URL
https://i.ibb.co/SX1t0Zk/7de34544078f087a5830529f5840d446.png
Requested by
Host: rawcdn.githack.com
URL: https://rawcdn.githack.com/AlexHostX/all.asset/b4afc299d049078286499d94ee0a33c54e4222cb/cocstyleawal.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.51 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
a52f3fe5bbfd5c25027ebdf72c6dc5d8d386e1d11dfb76d8179913f8ce94d05e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://rawcdn.githack.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 09:23:15 GMT
last-modified
Mon, 06 Sep 2021 19:26:20 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1439894
expires
Thu, 31 Dec 2037 23:55:55 GMT
N0bU2SZBIuF2PU_0DXR1.woff2
fonts.gstatic.com/s/bungee/v6/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bungee/v6/N0bU2SZBIuF2PU_0DXR1.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bungee&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
b00176dbbd9e4c77629b36fae58d076c8c3b55754e7c2dd3a6e4986e7ec9c37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://updatefree-goldpass96.cf
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 07:45:55 GMT
x-content-type-options
nosniff
age
5840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17268
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 03:47:49 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Sep 2022 07:45:55 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
function| startTimer
function| $
function| jQuery
function| openapp
function| openlogAlex
object| _0x768a

1 Cookies

Domain/Path Name / Value
.githack.com/ Name: __cf_bm
Value: 576f100a7a356748d98fc02fa12f40d84bb90080-1632475395-0-AZBezUDK7P9kpVWEwR6eE62wUJNlID6xzqO/MFUB2z6h+t30t6I6fMiLH2HFHOa1zwVruiCPLOGJZEB/orAwNn4=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
