URL: https://nebulas.lol/mrgoldtech/
Submission Tags: @phish_report
Submission: On August 04 via api from FI — Scanned from FI

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 27 HTTP transactions. The main IP is 172.67.135.114, located in United States and belongs to CLOUDFLARENET, US. The main domain is nebulas.lol.
TLS certificate: Issued by WE1 on July 19th 2024. Valid for: 3 months.
This is the only time nebulas.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 172.67.135.114 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 172.67.183.121 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 172.67.139.119 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 188.114.97.3 13335 (CLOUDFLAR...)
27 9
Apex Domain
Subdomains
Transfer
11 nebulas.lol
nebulas.lol
131 KB
5 fontawesome.com
kit.fontawesome.com Failed
ka-f.fontawesome.com — Cisco Umbrella Rank: 7493
146 KB
3 gstatic.com
fonts.gstatic.com
24 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
119 KB
1 userstat.net
userstat.net — Cisco Umbrella Rank: 232748
651 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
1 c99.nl
discord.c99.nl
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
0 snitch.lol Failed
snitch.lol Failed
27 9
Domain Requested by
11 nebulas.lol 1 redirects nebulas.lol
static.cloudflareinsights.com
5 ka-f.fontawesome.com nebulas.lol
3 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com nebulas.lol
cdnjs.cloudflare.com
1 userstat.net nebulas.lol
1 static.cloudflareinsights.com nebulas.lol
1 discord.c99.nl nebulas.lol
1 fonts.googleapis.com nebulas.lol
0 snitch.lol Failed nebulas.lol
0 kit.fontawesome.com Failed nebulas.lol
27 10

This site contains links to these domains. Also see Links.

Domain
x.com
www.reddit.com
www.tiktok.com
github.com
www.youtube.com
Subject Issuer Validity Valid
nebulas.lol
WE1
2024-07-19 -
2024-10-17
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-07-31 -
2024-10-29
3 months crt.sh
c99.nl
WE1
2024-07-02 -
2024-09-30
3 months crt.sh
cloudflareinsights.com
WE1
2024-07-06 -
2024-10-04
3 months crt.sh
ka-f.fontawesome.com
WE1
2024-07-01 -
2024-09-29
3 months crt.sh
*.gstatic.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
userstat.net
WE1
2024-07-17 -
2024-10-15
3 months crt.sh

This page contains 2 frames:

Primary Page: https://nebulas.lol/mrgoldtech/
Frame ID: 900AEE660BCD2D8989A26DB92F8858DF
Requests: 25 HTTP requests in this frame

Frame: https://nebulas.lol/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: C2971E8109D21D7FF295F336554C6A61
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

nebulas.lol ⎮ MrGoldTech

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

27
Requests

85 %
HTTPS

38 %
IPv6

9
Domains

10
Subdomains

9
IPs

4
Countries

445 kB
Transfer

1479 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://nebulas.lol/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nebulas.lol/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nebulas.lol/mrgoldtech/
16 KB
5 KB
Document
General
Full URL
https://nebulas.lol/mrgoldtech/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb8003dc34a04c7a1903ee1df834becf87f959eae2fb05f97d627e107705663
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8adbe7d3cf2d2de9-KBP
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 04 Aug 2024 04:46:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B2o%2Fh9SvvJNZsKZwmrPLwTe63gL4R1%2FNha%2BPwCuX8LaCMhJOT1NIXgR2C54IdA6vTY%2BL5o9sFSRjK3zRQxZvFRYCEhO6MEvqi0qng4IGOQqidOAjt3ze6RdFTcuOuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
css2
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
092c139fd6f725dbefc88610296bba6b36bc98795bd310963aca3124e94582d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nebulas.lol/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Aug 2024 04:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Sun, 04 Aug 2024 04:46:46 GMT
a076d05399.js
kit.fontawesome.com/
0
0

all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/
82 KB
15 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nebulas.lol/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
197895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14850
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-3a02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMWF3CgpY6%2FYRddtbvnWA4sb5Mwb7ClD9QvgOWi7jeRgsXNTrma1wypYxI5jPOmMqLTdTceep%2FFnj3szC1R1urG7AdPcdc9grsxxfA%2Bk7ptrVKZvczjiPN%2FXchNpUo%2BLcF0iAQD9"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8adbe7d58ca370d5-ARN
expires
Fri, 25 Jul 2025 04:46:46 GMT
fcb5095760.js
nebulas.lol/mrgoldtech/js/
12 KB
5 KB
Script
General
Full URL
https://nebulas.lol/mrgoldtech/js/fcb5095760.js
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3108cb43e61e71089481af2cd7fca5d7c05091b229e4d665a0926c8e7e47f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nebulas.lol/mrgoldtech/
Origin
https://nebulas.lol
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2617dad7fdb4214e1c88c95c348685ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8eUKBUoQ0ewZr0RvDhMhiECspXBeM4gNCdwv2c7IJbk8VQMSTotF6IUOwpmQxoqahOs3GZVYOm%2FYolRVfCT15%2F58wejgYxtEHVA3rCRiPZHkqqHdgySzovdK9fO5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8adbe7d5595e2de9-KBP
priority
u=1,i=?0
asd.png
nebulas.lol/mrgoldtech/images/
97 KB
97 KB
Image
General
Full URL
https://nebulas.lol/mrgoldtech/images/asd.png
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48276b828f3dd99b3df9b020e7cbd75c3f3d5289f35b94479a879015e9bd667
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nebulas.lol/mrgoldtech/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:46 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
98953
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"774201fecf6e6e842de282963b375a90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0GuwZ6yia2i7gVJ4oN0YEAQ2WaRP18HVGnEm%2BQ7W4%2BRGfMeDkygwmJMfqjQ%2B1vWqrQKwukOTi9KQkM6zbyx9f5t1tKLVpyo2Bw7Hx6rK2VZQjfpLr674PuKsjaw6Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8adbe7d559612de9-KBP
priority
u=2,i
7sfs5d.jpg
nebulas.lol/mrgoldtech/images/
18 KB
18 KB
Image
General
Full URL
https://nebulas.lol/mrgoldtech/images/7sfs5d.jpg
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beee0e654458c47473c84cf563374f5002147db66ae167784e591c6b664abeeb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nebulas.lol/mrgoldtech/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:46 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
18012
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"50ca8db75828fb026d6ea0dadca6762f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctHjIthe5vZYe0QuNiCKaD%2FUXwUhyp%2BGtB3XE9AaRjL2lRYeiGtp6wd9zjWGq87uCSJ3SLDcZ7NNFEW%2Fq%2BajU0eLPbR8MNDF4tuzClpHgdnCNP0%2BfiPVSeZb4BharQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
8adbe7d559642de9-KBP
priority
u=2,i
1133402776290992158.png
discord.c99.nl/widget/theme-4/
16 KB
18 KB
Image
General
Full URL
https://discord.c99.nl/widget/theme-4/1133402776290992158.png
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a7cea0915ba39d1ea57ff5a232ad0cc12d8ae4b19d8c6b9cde94c4a60ec14f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nebulas.lol/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Sun, 04 Aug 2024 04:46:47 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MG6jO9bXdW29EADJgtIK6Itc6d%2F1q%2BrxVjFqbi2Y1eNwzAiIOWKhORbyeLMDiEUpkITbjH9sWf26%2FgqVS%2BHA9uADHwyzk6tuGhhpnOlxJlyMvdeI3rBm21CUJZvTql3Dyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray
8adbe7d90c532da0-KBP
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
expires
Mon, 26 Jul 1997 05:00:00 GMT
tick.png
snitch.lol/assets/
0
0

vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://nebulas.lol/
Origin
https://nebulas.lol
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:46 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8adbe7d71a595efb-ARN
free.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/
101 KB
23 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=fcb5095760
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/js/fcb5095760.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

Request headers

Referer
https://nebulas.lol/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:46 GMT
content-encoding
gzip
via
1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"7f29cd8c97789aa298af8c61623ca28b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UqlaSiGqa86lzD4822Jzqfh51QUAnErwTxmnUVi%2F3Flty9ZTd5%2BFzZap5JHajS8QTkTijE7Xnm5A51WhhN0nRPO3qCMqEN2fg5iTilNhSSewdt8OmvzCFeDXkADelpqjEol5sbKmOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8adbe7d74bf3ca45-KBP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
_gK1UTdlFnLOhlsfZAqNYQUpk4JydW7vhoKW64m7N6cQf5ckDZqtgQ==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/
27 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=fcb5095760
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/js/fcb5095760.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

Request headers

Referer
https://nebulas.lol/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:47 GMT
content-encoding
gzip
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"940b066040a876fa1dc7b2ee2d222a58"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3prSAxsGIcuJ%2BUp%2B1H%2FYM%2FEPtsx0K6LfQOfnTu9iwYEF9fI6t0TnJG2nDrfaNqZOaDycLWgsOAtZlcWc5V%2Bj4s6S3YwPP1jFN2ZGDcZ6XXMmiX8C5VOWWY1XHdDQz9V46xqsdBxvkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8adbe7d74beeca45-KBP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
SPqt1-vhx4BOJrmWLKT-i2y_RH8ymsz1BG0Kokxx5j4ZjPTcVfjeXg==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/
823 B
976 B
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=fcb5095760
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/js/fcb5095760.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

Request headers

Referer
https://nebulas.lol/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:47 GMT
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0mPZuLMbK2TeC2lohehQUVmZgfQX7Ymp1opwTf6vgYVYOYnGgJuRV9Sg73q8d9W5aESUhpv5qn1iD5uQIPzo4LJYcvBj%2Flr7jJ475dW22e8O10txX1j6JoZuNqbAlzXL0RsQ2oZM3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8adbe7d74bf2ca45-KBP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
pz3MyTx7T9KMsENC37cPrAukJASaSEbE5zfYwgA-9OcU_1eg7q6dDg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.5.2/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=fcb5095760
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/js/fcb5095760.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878

Request headers

Referer
https://nebulas.lol/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:47 GMT
content-encoding
gzip
via
1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 02 Apr 2024 15:26:25 GMT
server
cloudflare
etag
W/"9c9f596493867f0e7ef5f9fe99103fce"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isgRjn%2F40ntvp5L3ERuStTj7QirgYJUuYvYdIc7JurjYHl4Fw0xnpyiBmB98k%2BABBCAo%2BCDck9QM5S4zzDu0i8BqRrdD7UxOCsAP2c1ofuZiB6AznIVhptEGHvL9haxZG8UDEVqF7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8adbe7d74beaca45-KBP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
KC1_pE0m1OC0mMv4ZktYh3f9Mqqym2JZc1pa2i0JY6gFesd6v88s3A==
mouse.cur
snitch.lol/assets/
0
0

pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nebulas.lol
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Jul 2024 11:47:32 GMT
x-content-type-options
nosniff
age
406754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7848
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 11:47:32 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289e0afc8be731a86822349e54557296f145926496bd2138db1bac0db77f77a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nebulas.lol
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 30 Jul 2024 15:19:07 GMT
x-content-type-options
nosniff
age
394059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7740
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 15:19:07 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/
103 KB
103 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Origin
https://nebulas.lol
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:46 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
112793
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
105204
last-modified
Mon, 22 Nov 2021 21:02:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"619c057b-19af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nzg3dIX%2FBxas%2BPleQz2ApliLiFfFcP3HmiNj9oSFYX%2FFAUd67WsHBEjgvl8MIJfJQNld6P93tXRaeJOli0tAR1BFGfkxzGy5AzeI6rPJv3Wdn5nRSFEhdi%2B839vB23xqMhiGFxmq"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8adbe7d6f97b82a7-ARN
expires
Fri, 25 Jul 2025 04:46:46 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nebulas.lol
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 01 Aug 2024 09:47:27 GMT
x-content-type-options
nosniff
age
241159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7900
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 09:47:27 GMT
main.js
nebulas.lol/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ Frame C297
Redirect Chain
  • https://nebulas.lol/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nebulas.lol/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
8 KB
4 KB
Script
General
Full URL
https://nebulas.lol/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/
Protocol
H3
Server
172.67.135.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59aec46090a9c3900e6ac3b538d19297dad72aefbb048fc0ef97e7a1ad420ad7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NqKHn4gREqKXB%2BLBy8q3GeaAUXOrOGci1sgNTqRxxeDJKHeXqfqs0Naxtkh5N9YUHEIx1Kfh5CDRr%2BpDEI%2BTFkF%2FiatBtzb61AFQ3BFPf%2BtTkshcTdVlzbRKNbrrrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8adbe7d83d6d2de9-KBP
alt-svc
h3=":443"; ma=86400
priority
u=3,i=?0

Redirect headers

date
Sun, 04 Aug 2024 04:46:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fWMDLNNGrBgOWtMMGJVA82yyKLiAnv2zvdGiecoNqFkuTMUkiW9WEz14ATVkaB3XEVB02rkfpCNqod1iOTZU0AR7%2BmG%2BfJd94zAxVzj0AMGPOkzG6%2FBr39s6VP3O8g%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8adbe7d7aca42de9-KBP
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i=?0
jssad5.mp3
nebulas.lol/mrgoldtech/
796 KB
0
Media
General
Full URL
https://nebulas.lol/mrgoldtech/jssad5.mp3
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nebulas.lol/mrgoldtech/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Range
bytes=0-

Response headers

date
Sun, 04 Aug 2024 04:46:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-4378049/4378050
alt-svc
h3=":443"; ma=86400
Content-Length
4378050
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"69b9f4bc72a15ce3fa4e16f78b07e0d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JmQDDc2Dqlj8%2FVpU2RdpYjQwkj%2B2ZC9eec3iiufkpoA3UTx6RD48MDsYvyAZgYGx5PomZX5T3A4Zfur%2FiNR%2FtH6M1eMPiSAd65%2FErVzegwef5zKVrmMPWP9m7ygv9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8adbe7d7acaa2de9-KBP
priority
u=3,i
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/
115 KB
116 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-brands-400.woff2
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91

Request headers

Referer
https://nebulas.lol/
Origin
https://nebulas.lol
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:47 GMT
via
1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
117856
last-modified
Tue, 02 Apr 2024 15:51:14 GMT
server
cloudflare
etag
"5674af1ac41fe62c1b4568cbb6a031ff"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QuJyIGknEMRd0d1ezkFgp5%2BX4QvN5W1h2iU5wvI%2B%2BvOey9NUj2OIvErZ2%2BfXZHR3yGgMSAyfqBkf5tEC%2B7V3zsBZlfjULy%2F%2B1YCve8e4TV44kKsgATwI52LBcjYWaIDYqw7JKoTNvA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8adbe7d88e3aca45-KBP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
QVoLYTMbQGp3SkfdkhiZP7M9os82mJdTj-ANlpuSWkvXu6E-Z5l4iA==
8adbe7d3cf2d2de9
nebulas.lol/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C297
0
686 B
XHR
General
Full URL
https://nebulas.lol/cdn-cgi/challenge-platform/h/b/jsd/r/8adbe7d3cf2d2de9
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Sun, 04 Aug 2024 04:46:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDzDKL9EFCfHIN6uilmNtOElXEVWpvOdVxFuA3ABMyEa84z8Mg%2B7Q3zDME%2Bu9gtIGrAm8mWV5mJZoGGFud3MuPFAC1K4GthGmQwjEqILtT08TYVh864kIJvKatfvTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8adbe7d92f632de9-KBP
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=1,i
rum
nebulas.lol/cdn-cgi/
0
139 B
XHR
General
Full URL
https://nebulas.lol/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nebulas.lol/mrgoldtech/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
content-type
application/json

Response headers

date
Sun, 04 Aug 2024 04:46:47 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://nebulas.lol
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8adbe7dc0b432de9-KBP
tick.png
nebulas.lol/mrgoldtech/images/
684 B
817 B
Other
General
Full URL
https://nebulas.lol/mrgoldtech/images/tick.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a88c6c60a62cde9d62ae601e7550e18441f73a4d3f530049682ee8d13df8cf2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nebulas.lol/mrgoldtech/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 04 Aug 2024 04:46:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sy%2Bh60P67yK%2B2a3vuPHftF8GdEh%2Fgw8xC8yOQALeu3g2Kjdx%2Fihv42e1jYmYjl%2FBpF3BY2OI53jis4Lw7dzu45Ti08kFifdiDrkzgAT%2B%2BRpPzA5Q7bXwYUD4vvGFxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8adbe7dc1b4f2de9-KBP
priority
u=1,i
script.js
userstat.net/get/
129 B
651 B
Script
General
Full URL
https://userstat.net/get/script.js?referrer=https://nebulas.lol/mrgoldtech/
Requested by
Host: nebulas.lol
URL: https://nebulas.lol/mrgoldtech/js/fcb5095760.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67

Request headers

Referer
https://nebulas.lol/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 04 Aug 2024 04:46:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.2.1
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://nebulas.lol
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5O7tlUnWTsGVCSXYRO3TvNxED%2Fx3l%2BVBx1A2nE2c%2B9RKxXUbLfwYacO5qbcKf%2F0YJl9NLcb7LB8FHxN%2Bo8V5HBosVDkg82UxzoVJY%2BwgbA65LYyH%2F1SkpLSZ7Tpu34%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8adbe7dd6f27ca4d-KBP
access-control-allow-headers
X-Requested-With,content-type
alt-svc
h3=":443"; ma=86400
jssad5.mp3
nebulas.lol/mrgoldtech/
30 KB
0
Media
General
Full URL
https://nebulas.lol/mrgoldtech/jssad5.mp3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.114 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nebulas.lol/mrgoldtech/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Range
bytes=814676-

Response headers

date
Sun, 04 Aug 2024 04:46:51 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 814676-4378049/4378050
alt-svc
h3=":443"; ma=86400
Content-Length
3563374
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"69b9f4bc72a15ce3fa4e16f78b07e0d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JmQDDc2Dqlj8%2FVpU2RdpYjQwkj%2B2ZC9eec3iiufkpoA3UTx6RD48MDsYvyAZgYGx5PomZX5T3A4Zfur%2FiNR%2FtH6M1eMPiSAd65%2FErVzegwef5zKVrmMPWP9m7ygv9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
8adbe7f5c9e82de9-KBP
priority
u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kit.fontawesome.com
URL
https://kit.fontawesome.com/a076d05399.js
Domain
snitch.lol
URL
https://snitch.lol/assets/tick.png
Domain
snitch.lol
URL
https://snitch.lol/assets/mouse.cur

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| FontAwesomeKitConfig object| __cfBeacon

2 Cookies

Domain/Path Name / Value
nebulas.lol/mrgoldtech Name: PHPREFS
Value: full
.nebulas.lol/ Name: cf_clearance
Value: NvOwxUEVmT1cXMEoqObTEnGHFNCl4vGd4qXac_PHbBE-1722746807-1.0.1.1-YL6JruHvz2Pxtpcm.tTA9MtzMhBG1tbQoTQ74olUmJ1vKVYpA01sBByFhInwJaC5XejTLae_fv11dSEbK6iDyw

2 Console Messages

Source Level URL
Text
javascript error URL: https://nebulas.lol/mrgoldtech/
Message:
Access to script at 'https://kit.fontawesome.com/a076d05399.js' from origin 'https://nebulas.lol' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kit.fontawesome.com/a076d05399.js
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
discord.c99.nl
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
nebulas.lol
snitch.lol
static.cloudflareinsights.com
userstat.net
kit.fontawesome.com
snitch.lol
104.17.25.14
172.67.135.114
172.67.139.119
172.67.183.121
188.114.97.3
2606:4700::6810:5049
2a00:1450:4001:80b::200a
2a00:1450:4001:80f::2003
092c139fd6f725dbefc88610296bba6b36bc98795bd310963aca3124e94582d0
0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91
15ce5c1c9ba32dcc6ad17bb12d61ead8aafba652147c3c51d0e200a16a992d67
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
289e0afc8be731a86822349e54557296f145926496bd2138db1bac0db77f77a2
33a252d6393cbd6debe0ac517229c7aa258a0ee68fc0253f8be6a7cee8b65ee9
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
59a7cea0915ba39d1ea57ff5a232ad0cc12d8ae4b19d8c6b9cde94c4a60ec14f
59aec46090a9c3900e6ac3b538d19297dad72aefbb048fc0ef97e7a1ad420ad7
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a88c6c60a62cde9d62ae601e7550e18441f73a4d3f530049682ee8d13df8cf2
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
a48276b828f3dd99b3df9b020e7cbd75c3f3d5289f35b94479a879015e9bd667
acb8003dc34a04c7a1903ee1df834becf87f959eae2fb05f97d627e107705663
beee0e654458c47473c84cf563374f5002147db66ae167784e591c6b664abeeb
df3108cb43e61e71089481af2cd7fca5d7c05091b229e4d665a0926c8e7e47f3
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075