Report - 8.210.125.140/

Report Overview

Submitted URL
8.210.125.140/
IP
8.210.125.140
ASN
#45102 Alibaba US Technology Co., Ltd.
Submitted
2024-05-07 17:33:03
Access
public
Website Title
Discord | Your Place to Talk and Hang Out
Final URL
8.210.125.140/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
8.210.125.140	unknown	unknown	No data	No data	4.7 kB	6.8 MB	8.210.125.140
global.localizecdn.com	29924	2016-04-14	2016-10-11	2024-05-03	406 B	29 kB	104.18.4.175
d3e54v103j8qbb.cloudfront.net	unknown	2008-04-25	2016-03-11	2024-05-06	493 B	32 kB	143.204.42.231
discord.com	1053	2000-11-06	2013-06-04	2024-05-06	7.8 kB	103 kB	162.159.135.232
assets.website-files.com	13552	2019-01-23	2020-11-01	2024-05-06	3.4 kB	239 kB	143.204.55.62
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	486 B	92 kB	142.250.74.168
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-05-06	512 B	1.2 kB	35.244.181.201
www.youtube.com	90	2005-02-15	2013-04-13	2024-05-06	400 B	2.7 kB	216.58.207.206
assets-global.website-files.com	14027	2019-01-23	2020-11-01	2024-05-07	7.5 kB	1.3 MB	143.204.55.47
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-07	855 B	38 kB	216.58.207.202

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	8.210.125.140/	Discord
2024-05-07	medium	8.210.125.140/	Discord
2024-05-07	medium	8.210.125.140/	Discord
2024-05-07	medium	8.210.125.140/	Discord
2024-05-07	medium	8.210.125.140/	Discord
2024-05-07	medium	8.210.125.140/	Discord
2024-05-07	medium	8.210.125.140/	Discord
2024-05-07	medium	8.210.125.140/	Discord

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	8.210.125.140	Sinkholed
2024-05-07	medium	8.210.125.140	Sinkholed
2024-05-07	medium	8.210.125.140	Sinkholed
2024-05-07	medium	8.210.125.140	Sinkholed
2024-05-07	medium	8.210.125.140	Sinkholed
2024-05-07	medium	8.210.125.140	Sinkholed
2024-05-07	medium	8.210.125.140	Sinkholed
2024-05-07	medium	8.210.125.140	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	90 kB	2023-03-07	2024-05-29
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-05-29 00:25:46 Times Seen278086 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.googletagmanager.com/gtm.js?id=GTM-N7BVC2W&gtm_auth=GI0g9O-54_SitcgmxQKxlA&gtm_preview=env-2&gtm_cookies_win=x	256 kB	2024-05-07	2024-05-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-N7BVC2W&gtm_auth=GI0g9O-54_SitcgmxQKxlA&gtm_preview=env-2&gtm_cookies_win=x IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:33:11 Last Seen2024-05-07 19:33:12 Times Seen2 Hash ecf4fbcee2b752e4971d0ab2f6c7e2ab 9d29dbc99a93d47c475d322745dfce66bc6f483d b41182884709aa004a0fa3222fe0c14d0a6811676b8b2fc2e3f054afb5060eff Loading...

	8.210.125.140/w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/index-react.js	6.6 MB	2024-04-17	2024-05-28
Pretty URL 8.210.125.140/w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/index-react.js IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 15:51:16 Last Seen2024-05-28 19:54:47 Times Seen150 Hash 1e15f3981cb1741b8654b8621a0d3e17 b6175cd114e82a912267ab813d7013b24782c41d ad923645e4aa76db10f2864ad6b156699d2550cc4571f18daf58a2ba7ca563e6 Loading...

	global.localizecdn.com/localize.js	63 kB	2024-04-30	2024-05-28
Pretty URL global.localizecdn.com/localize.js IP 104.18.4.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 07:43:03 Last Seen2024-05-28 19:54:47 Times Seen160 Hash ba06239578773f2fe5bb64a045ce5500 1aa52661d072acaea06ac04e624dce61196fa1a0 f563bf268a89718a4ba182f5ab05d5913ccc772b3223083cd52c396c26ea1a4c Loading...

	8.210.125.140/w/loader/loader.js	1.3 kB	2024-04-17	2024-05-28
Pretty URL 8.210.125.140/w/loader/loader.js IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 15:51:17 Last Seen2024-05-28 19:54:47 Times Seen124 Hash 7bfbf306372092ffb9a8f3701b9d885e 1a964fb16e4e607f3f6d59e2c4d7cf7e9ace60ec af6a7f727c98753323bbe0462b2de440c86ec427698b5d185c6fd6bbfa8ab9de Loading...

	8.210.125.140/	132 B	2024-02-16	2024-05-28
Pretty URL 8.210.125.140/ IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-16 12:37:45 Last Seen2024-05-28 19:54:47 Times Seen203 Hash 826d3afe636b1906b61f9a8debcad652 1032f03b6e3933a9ed66e99a958564de76a12109 378f38d14703c00da0ab6271dbeb0853fd9f9e5906d89032cc20c599c3ac9575 Loading...

	discord.com/webflow-scripts/landing.js	1.7 kB	2024-03-22	2024-05-28
Pretty URL discord.com/webflow-scripts/landing.js IP 162.159.135.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 17:26:10 Last Seen2024-05-28 19:54:47 Times Seen202 Hash 6873ba0d8e966bfe2f6428009c1f4255 4db49fba2d81920a64192997c693e94b857886ea 17184c99c6227c46e9e0550667946e3f55ad4bdd1999c05f4e3201083e9a5940 Loading...

	8.210.125.140/w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/styles.js	2.8 kB	2023-12-18	2024-05-28
Pretty URL 8.210.125.140/w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/styles.js IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-18 05:57:30 Last Seen2024-05-28 19:54:47 Times Seen251 Hash 8118665f482e569895664807fa264a30 074fd5cf6227c92b1075e02c0865abb48dc07243 dc3dbb901bf0f7d425718edd58c7d8a9131d4dc9ee06405ae67cac96477bdff3 Loading...

	8.210.125.140/	181 B	2023-03-07	2024-05-29
Pretty URL 8.210.125.140/ IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:43 Last Seen2024-05-29 00:19:35 Times Seen4169 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	discord.com/webflow-scripts/bodyEnd.js	12 kB	2024-03-22	2024-05-28
Pretty URL discord.com/webflow-scripts/bodyEnd.js IP 162.159.135.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 17:26:10 Last Seen2024-05-28 19:54:47 Times Seen203 Hash cf1fcdb5511493e70497b458944e1358 16edf79361fb9f6232e78fe790e05afc8c0f22c3 565361427f87e795807c3fdcf5debe1dc807c6edbf5f5e57a10d9c9d593c9a1d Loading...

	unknown	283 B	2024-05-07	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:33:11 Last Seen2024-05-07 19:33:11 Times Seen1 Hash 670276a8d8cc8587ec3666c72b106613 11a265e938c65f8ac9e6e94e8b461e553a860d4e 884d6aba83363278451ba186510b3cab1340a49a90fca4be9c611ca8adfe887b Loading...

	8.210.125.140/	26 B	2024-01-26	2024-05-28
Pretty URL 8.210.125.140/ IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-26 11:16:50 Last Seen2024-05-28 19:54:47 Times Seen196 Hash 04169f0d55ccf701d1f023d9e5bc29d3 417e9b0c0d3c96f8c6686c11460a61c394c352ff 54e3df18163e5e04c3330846e354b9799c8c2a5bb780deb4b2ec023c3599f0c6 Loading...

	d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6257adef93867e50d84d30e2	90 kB	2023-03-07	2024-05-29
Pretty URL d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6257adef93867e50d84d30e2 IP 143.204.42.231 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-29 00:19:35 Times Seen149327 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	8.210.125.140/	87 B	2023-03-08	2024-05-28
Pretty URL 8.210.125.140/ IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 09:18:41 Last Seen2024-05-28 19:54:47 Times Seen221 Hash 4660c99ff509402822c528d30bb5a29f 692a4b8873ee74b4a9ee69e10d35280cd367748e 8d8ffb8d6add76d3546fe638085296687f91da5aea826fcb017ef613c48ba8ac Loading...

	8.210.125.140/	4.8 kB	2024-01-26	2024-05-28
Pretty URL 8.210.125.140/ IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-26 11:16:51 Last Seen2024-05-28 19:54:47 Times Seen204 Hash 9b874ef9584a272c4f2ba7cef116cd4b 5f1fd8a78c0f362b180a632460e4aea1b48f91d4 c639020f104e3364e5227e43a4640ce1a26575be0088730a9518df5b8ea5fb1d Loading...

	ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js	13 kB	2023-03-07	2024-05-29
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-05-29 00:19:35 Times Seen23739 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	assets-global.website-files.com/6257adef93867e50d84d30e2/js/discord-2022.b67035984.js	3.1 MB	2024-05-07	2024-05-07
Pretty URL assets-global.website-files.com/6257adef93867e50d84d30e2/js/discord-2022.b67035984.js IP 143.204.55.47 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:20:54 Last Seen2024-05-07 19:42:27 Times Seen6 Hash b670359848d9c808d47ecdf80e1e10aa 27492feb7ee32a480933b0bdb72e66507898d69f 3f3adc819fffd3acdf10df87af0d515d796c26eb25749fbfce0114d43241940f Loading...

	8.210.125.140/	23 B	2023-03-08	2024-05-28
Pretty URL 8.210.125.140/ IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 09:18:41 Last Seen2024-05-28 19:54:47 Times Seen223 Hash a106c6b63912566571a0b020acec86ac 28deb75636623e968c1dfc2929fbb832e4dbb067 4eb63702a97229f65db08dcb62ccbabbc18085c90b1177b22dc14ada039ed7c5 Loading...

	www.youtube.com/iframe_api	1.1 kB	2024-05-02	2024-05-07
Pretty URL www.youtube.com/iframe_api IP 216.58.207.206 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 20:17:03 Last Seen2024-05-07 23:28:04 Times Seen59 Hash 54a5ac62b1fb423f35f3a1a7cd7eadc2 013da6301c455970e863030b5496b54fc17030cc b0a1a9d37e7e802c15f72c107bd1e565455c049209bfbeb48c733a9a71573cef Loading...

	8.210.125.140/	126 B	2023-03-08	2024-05-28
Pretty URL 8.210.125.140/ IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 09:18:41 Last Seen2024-05-28 19:54:47 Times Seen221 Hash 9b6f31f0b2a5f1d7382584a8f877c62d 6864ba993fd3fc3773b68039fce3704a9d08dcd2 95538bfa01f8ed7d0b8b942b896359ebd1dcafeef50ec5c5bc6990c4df53a41c Loading...

	8.210.125.140/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-05-07	2024-05-07
Pretty URL 8.210.125.140/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:33:12 Last Seen2024-05-07 19:33:12 Times Seen2 Hash ed3e93a6435a9e8ff12647c0fd94ee07 b129154b700d5eb241dc18479dd3ecb3bd5fb6f2 3a2d6593b9913d10252b3230cf93c38571a6e05511ed5aba8ea4c2dae6ed691d Loading...

	discord.com/webflow-scripts/head.js	8.5 kB	2024-03-22	2024-05-28
Pretty URL discord.com/webflow-scripts/head.js IP 162.159.135.232 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 17:26:10 Last Seen2024-05-28 19:54:47 Times Seen202 Hash 5f85c48349fcc177a601c0d2910e2b5b 58804d25e4cb6bc4a77506c6d36db87788ff6966 dd53642818deded757546d764295563addb95b0713b4f2352e7209d9f72942e0 Loading...

	8.210.125.140/	521 B	2024-01-26	2024-05-28
Pretty URL 8.210.125.140/ IP 8.210.125.140 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-26 11:16:52 Last Seen2024-05-28 19:54:47 Times Seen205 Hash fecb1979673fcc384241f64fe3327048 129cf7177947ac56d7d434213ca08dde5d7b85f3 b55793318927446fc801d08744694377d4b66d7dbfad7d1ee07a5a3fd9602966 Loading...

HTTP Transactions (46)

URL IP Response Size

8.210.125.140/

8.210.125.140

200 OK

162 B

URL User Request GET HTTP/2
8.210.125.140/
IP
8.210.125.140:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Certificate
IssuerLet's Encrypt
Subjectdiscord.objl.net
Fingerprint1F:B8:98:2A:A6:DB:17:4E:70:06:B7:E1:AF:4F:CD:96:80:53:5C:5B
ValidityTue, 07 May 2024 06:01:34 GMT - Mon, 05 Aug 2024 06:01:33 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Discord
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 8.210.125.140
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 07 May 2024 17:32:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://8.210.125.140/
Strict-Transport-Security: max-age=31536000

assets-global.website-files.com/6257adef93867e50d84d30e2/css/discord-2022.a5cf695ac.min.css

143.204.55.47

200 OK

200 kB

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/css/discord-2022.a5cf695ac.min.css
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size
200 kB (200467 bytes)
Hash
a5cf695acc7f1227f2be66033a3f0698
1cd5f383d156767820367344eac4954145402088
4f1cade98c249c5cf9dd3a0e0227b6217f6612b940a218c51bf91bf4d7a25f27

HTTP Headers

GET /6257adef93867e50d84d30e2/css/discord-2022.a5cf695ac.min.css HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 200467
date: Tue, 07 May 2024 10:54:24 GMT
last-modified: Tue, 07 May 2024 10:54:11 GMT
etag: "2c0f70e4fffdfbb3c2b3f29d4bf8de7b"
x-amz-server-side-encryption: AES256
cache-control: max-age=84600, must-revalidate
content-encoding: gzip
x-amz-version-id: 2kmhm6usD9HaJ595GO1BNWn6IqBSWilv
accept-ranges: bytes
server: AmazonS3
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 23895
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Jdq9Py5dNrUCTHczFuBySaA_Capl2b31A4EcuBybbGL9TYNUh37bbw==
X-Firefox-Spdy: h2

assets-global.website-files.com/6257adef93867e50d84d30e2/js/discord-2022.b67035984.js

143.204.55.47

200 OK

318 kB

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/js/discord-2022.b67035984.js
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42312)
Size
318 kB (317778 bytes)
Hash
b670359848d9c808d47ecdf80e1e10aa
27492feb7ee32a480933b0bdb72e66507898d69f
3f3adc819fffd3acdf10df87af0d515d796c26eb25749fbfce0114d43241940f

HTTP Headers

GET /6257adef93867e50d84d30e2/js/discord-2022.b67035984.js HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/javascript
content-length: 317778
date: Tue, 07 May 2024 09:59:57 GMT
last-modified: Tue, 07 May 2024 09:59:41 GMT
etag: "224756aa52ba41b2ab2140d5b676feea"
x-amz-server-side-encryption: AES256
cache-control: max-age=84600, must-revalidate
content-encoding: gzip
x-amz-version-id: PqFQGEYLKMM21Jibu1Jxv7oYLn_e4Dx6
accept-ranges: bytes
server: AmazonS3
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 27162
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZHpFeoAKGY2z6_7h8mEiyitCmEjK0zeZxS78cAhtaX15YWtv34NBpQ==
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

216.58.207.202

200 OK

5.4 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://8.210.125.140/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

HTTP Headers

GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 20:42:48 GMT
expires: Fri, 02 May 2025 20:42:48 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 420590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

216.58.207.202

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
https://8.210.125.140/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 15:45:31 GMT
expires: Fri, 02 May 2025 15:45:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 438427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6257adef93867e50d84d30e2

143.204.42.231

200 OK

31 kB

URL GET HTTP/2
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6257adef93867e50d84d30e2
IP
143.204.42.231:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31195 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=6257adef93867e50d84d30e2 HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: br
date: Tue, 07 May 2024 04:24:34 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
age: 47306
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WuwwyKYcV6PIZZ9zehODAfLaIN0gWU02GhPC79M0-Rne2mz76awe6Q==
X-Firefox-Spdy: h2

assets-global.website-files.com/6257adef93867e50d84d30e2/6257bf8b5ba300233705a542_en.png

143.204.55.47

200 OK

288 B

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/6257bf8b5ba300233705a542_en.png
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
PNG image data, 70 x 47, 8-bit/color RGBA, non-interlaced
Size
288 B (288 bytes)
Hash
e6d6b255259ac878d00819a9555072ad
6beb12d36acbad79743495aef581891a1ff4f5f5
21d34772ed80c8be7ab9e7338498bdfe2f66c77b61542cc48e103fd77ecd7f60

HTTP Headers

GET /6257adef93867e50d84d30e2/6257bf8b5ba300233705a542_en.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 288
date: Fri, 19 Jan 2024 14:55:25 GMT
last-modified: Thu, 14 Apr 2022 06:30:37 GMT
etag: "e6d6b255259ac878d00819a9555072ad"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: PZH8cHkflELFvoWAWDsIAZ.EvOoTJUd0
accept-ranges: bytes
server: AmazonS3
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 9427034
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zExBfvtL5GX9a6vrwSmHd46QZEqg9csD7BLH-hbMAoyE-6JwTSp80A==
X-Firefox-Spdy: h2

discord.com/webflow-scripts/bodyEnd.js

162.159.135.232

200 OK

46 kB

URL GET HTTP/3
discord.com/webflow-scripts/bodyEnd.js
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (11426)
Size
46 kB (45789 bytes)
Hash
cf1fcdb5511493e70497b458944e1358
16edf79361fb9f6232e78fe790e05afc8c0f22c3
565361427f87e795807c3fdcf5debe1dc807c6edbf5f5e57a10d9c9d593c9a1d

HTTP Headers

GET /webflow-scripts/bodyEnd.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Cookie: __cfruid=a1c51c3f4e7d2a40343890770a2e51a08592f313-1715103158; _cfuvid=B0y_vmOJ33swA0cqGdX9H7LYKiN4xIxYYziIwHJ9GF0-1715103158042-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:32:38 GMT
content-type: application/javascript
cf-ray: 8802f3528d3db523-OSL
cf-cache-status: HIT
access-control-allow-origin: https://discord.com
cache-control: public, max-age=30
etag: W/"cf1fcdb5511493e70497b458944e1358"
last-modified: Thu, 21 Mar 2024 18:09:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTpHgHYALafnD3hbBmj6X0u6U1tg6TYooue5Fm3qPIyaGqs%2BAjmb9Hp5oo5vduiscyiwlY2PJD9t9UjSpS%2Bn9aXxZIhWDItmvqLAT1TaONzrcVmQRUsLY6jnfH9u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

assets.website-files.com/6257adef93867e50d84d30e2/652736292cbf8363b43d077a_ggsans-Normal.woff2

143.204.55.62

200 OK

32 kB

URL GET HTTP/2
assets.website-files.com/6257adef93867e50d84d30e2/652736292cbf8363b43d077a_ggsans-Normal.woff2
IP
143.204.55.62:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 31736, version 1.0
Size
32 kB (31736 bytes)
Hash
ef78ef4e179e7e1766882d2f044cb39d
ff3734cda8426368beb9deee703344815817e987
88fba47546b0201525b02b5f65c8af1b09367d470fff48aca932e7b43e3fd67d

HTTP Headers

GET /6257adef93867e50d84d30e2/652736292cbf8363b43d077a_ggsans-Normal.woff2 HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 31736
date: Tue, 16 Jan 2024 01:28:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 12 Oct 2023 00:03:17 GMT
etag: "ef78ef4e179e7e1766882d2f044cb39d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: agtU.RiHNiUEYCZ7XSMt8TbraKajaRFo
accept-ranges: bytes
server: AmazonS3
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
age: 9734625
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pUSRhpSdLIF6EKsb4ujXxE_YCgBrF56NX9v0_utcZdWlSuZb3nkOsA==
X-Firefox-Spdy: h2

assets.website-files.com/6257adef93867e50d84d30e2/652737c319ba7da75394c4cb_ggsans-Medium.woff2

143.204.55.62

200 OK

33 kB

URL GET HTTP/2
assets.website-files.com/6257adef93867e50d84d30e2/652737c319ba7da75394c4cb_ggsans-Medium.woff2
IP
143.204.55.62:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32592, version 1.0
Size
33 kB (32592 bytes)
Hash
6db712e9212169e71d90c9999b5d98f6
dac145a44f8530b801f8fa525742ebc93efce6ba
d68a183592ac8ad34c6a0649690b01946cfd17762dc317e0ca31791e707a2d84

HTTP Headers

GET /6257adef93867e50d84d30e2/652737c319ba7da75394c4cb_ggsans-Medium.woff2 HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 32592
date: Tue, 16 Jan 2024 00:16:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 12 Oct 2023 00:03:17 GMT
etag: "6db712e9212169e71d90c9999b5d98f6"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: O.MN014CaJ7rpd0EYtYKL1gJt0CuPry8
accept-ranges: bytes
server: AmazonS3
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
age: 9738986
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aDZLQxLcDPtsMM0pO2lg9k1-Vg6VM0t-SdZwPI6S1c6seKTBfdgvRw==
X-Firefox-Spdy: h2

discord.com/assets/oneTrust/v4/scripttemplates/otSDKStub.js

162.159.135.232

403 Forbidden

36 kB

URL GET HTTP/3
discord.com/assets/oneTrust/v4/scripttemplates/otSDKStub.js
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (4536)
Size
36 kB (35478 bytes)
Hash
bad796babdb95c6874108f483a17b6a5
05c95792419169ea4fdf9096a5bb94942a20fb74
6e6a306479467fe00299e25da34e2cbde3431cd2079a8947be8739ceded61ff7

HTTP Headers

GET /assets/oneTrust/v4/scripttemplates/otSDKStub.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Cookie: __cfruid=a1c51c3f4e7d2a40343890770a2e51a08592f313-1715103158; _cfuvid=B0y_vmOJ33swA0cqGdX9H7LYKiN4xIxYYziIwHJ9GF0-1715103158042-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 403 Forbidden
date: Tue, 07 May 2024 17:32:38 GMT
content-type: text/html
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Tue, 07 May 2024 17:32:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bv4M%2F%2BjtZWsWoQyozh3qi4NmMsI0syEHewSQFZqYC6%2FpMpI0uNjd5YEXoXxYJsPzrH3%2F9c73pvrGj7WsKzpCc4AaicFCALKSRlP%2BdElprjB9jPxhJxYjQ0LfMzhy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8802f3528d46b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

assets-global.website-files.com/plugins/Basic/assets/placeholder.60f9b1840c.svg

143.204.55.47

403 Forbidden

63 kB

URL GET HTTP/2
assets-global.website-files.com/plugins/Basic/assets/placeholder.60f9b1840c.svg
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
data
Size
63 kB (63011 bytes)
Hash
a683c3cc36b7b732cc5ea53dd46555b5
d7f933ca07149d11d08974437b3031e8ad632f9b
2febf17ec9aebf94d1bffb3ff63b7861ec20ce48c7bdfee0fb737e4f8b5dccf4

HTTP Headers

GET /plugins/Basic/assets/placeholder.60f9b1840c.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 403 Forbidden
content-type: application/xml
date: Tue, 07 May 2024 17:32:38 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y2RNVe7o_aE73z7Ub_-2J_1ejXZwI_0Uxtt63jgIdmcoEuV-NuFYgA==
X-Firefox-Spdy: h2

assets.website-files.com/6257adef93867e50d84d30e2/652737c319ba7da75394c4dc_ggsans-Semibold.woff2

143.204.55.62

200 OK

33 kB

URL GET HTTP/2
assets.website-files.com/6257adef93867e50d84d30e2/652737c319ba7da75394c4dc_ggsans-Semibold.woff2
IP
143.204.55.62:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32952, version 1.0
Size
33 kB (32952 bytes)
Hash
890a9ab504c3657183ff118b1aff212b
127609df5d04fc779da4a9e90d8d09bdbb390149
d472a71a0f92855881ce2c2334df77a333461f6936f1f0388f952fedb056fb3e

HTTP Headers

GET /6257adef93867e50d84d30e2/652737c319ba7da75394c4dc_ggsans-Semibold.woff2 HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 32952
date: Sun, 07 Apr 2024 23:06:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 12 Oct 2023 00:03:17 GMT
etag: "890a9ab504c3657183ff118b1aff212b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: WIOu3nzmwbn9so0iCvFU.l8wZizfTi6I
accept-ranges: bytes
server: AmazonS3
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
age: 2571961
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qh8yx-iloh2LAegN23jAF-EtXoFYS8odoUKgXGPZiKjsdp0nn7lniQ==
X-Firefox-Spdy: h2

assets-global.website-files.com/6257adef93867e50d84d30e2/6257d23c5fb25be7e0b6e220_Open%20Source%20Projects%20_%20Discord-7.svg

143.204.55.47

200 OK

3.2 kB

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/6257d23c5fb25be7e0b6e220_Open%20Source%20Projects%20_%20Discord-7.svg
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
3.2 kB (3151 bytes)
Hash
5db6f49f2465fd841c6c8170dd1f1c77
e664deabd1559c58cfce2872ff416859d9d04adf
dababb4ad9e4e38f4f962c986549f7eab882aae6bbcee437ef96e17cd16bdf1a

HTTP Headers

GET /6257adef93867e50d84d30e2/6257d23c5fb25be7e0b6e220_Open%20Source%20Projects%20_%20Discord-7.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Sun, 05 Nov 2023 12:52:27 GMT
last-modified: Thu, 14 Apr 2022 07:50:22 GMT
etag: W/"af172fc4474c781e2dd37c0bf905e86a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: L3xb6VYoQ.AotyKi_Z9N2_J5hV1m9MOY
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 15914412
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ct5qdUhhKMlDx4zDJ0it4IwlZEeuW8EoMs-c8qoj8HzEGuQcVO96ZQ==
X-Firefox-Spdy: h2

assets-global.website-files.com/6257adef93867e50d84d30e2/644fab4db9ca0a124b73d4b7_c40c84ca18d84633a9d86b4046a91437.svg

143.204.55.47

200 OK

22 kB

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/644fab4db9ca0a124b73d4b7_c40c84ca18d84633a9d86b4046a91437.svg
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
22 kB (21748 bytes)
Hash
d876ea11c751fac76588bdbd21e7a66f
38df4974e27cc2a1bc298d1c2526117ddbf46fb2
29a6bb9fc6e210c8a80b810ca12288bcfe93d9aff1e580f6e91c189e01e53a61

HTTP Headers

GET /6257adef93867e50d84d30e2/644fab4db9ca0a124b73d4b7_c40c84ca18d84633a9d86b4046a91437.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/6257adef93867e50d84d30e2/css/discord-2022.a5cf695ac.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 25 Jan 2024 19:29:53 GMT
last-modified: Mon, 01 May 2023 12:06:39 GMT
etag: W/"c40c84ca18d84633a9d86b4046a91437"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: eVnh2jd6TOCLgbmA6vfynI_kV88A6GyZ
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 8892166
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: A-75iNZyQW55-XASzMN0S6HmxN_e9GdZcW-Lp52_S0OkQldUbFNi9A==
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-N7BVC2W&gtm_auth=GI0g9O-54_SitcgmxQKxlA&gtm_preview=env-2&gtm_cookies_win=x

142.250.74.168

200 OK

91 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-N7BVC2W&gtm_auth=GI0g9O-54_SitcgmxQKxlA&gtm_preview=env-2&gtm_cookies_win=x
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://8.210.125.140/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (2355)
Size
91 kB (91290 bytes)
Hash
ecf4fbcee2b752e4971d0ab2f6c7e2ab
9d29dbc99a93d47c475d322745dfce66bc6f483d
b41182884709aa004a0fa3222fe0c14d0a6811676b8b2fc2e3f054afb5060eff

HTTP Headers

GET /gtm.js?id=GTM-N7BVC2W&gtm_auth=GI0g9O-54_SitcgmxQKxlA&gtm_preview=env-2&gtm_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: *
date: Tue, 07 May 2024 17:32:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91290
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

discord.com/webflow-scripts/head.js

162.159.135.232

200 OK

3.0 kB

URL GET HTTP/2
discord.com/webflow-scripts/head.js
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (8260)
Size
3.0 kB (3015 bytes)
Hash
5f85c48349fcc177a601c0d2910e2b5b
58804d25e4cb6bc4a77506c6d36db87788ff6966
dd53642818deded757546d764295563addb95b0713b4f2352e7209d9f72942e0

HTTP Headers

GET /webflow-scripts/head.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 17:32:38 GMT
content-type: application/javascript
cf-ray: 8802f3517dee712e-OSL
cf-cache-status: HIT
access-control-allow-origin: https://discord.com
cache-control: public, max-age=30
etag: W/"5f85c48349fcc177a601c0d2910e2b5b"
last-modified: Thu, 21 Mar 2024 18:09:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKv2OkeryLYa4UmfNQkQqX80xqvuQS%2FsDj86KtHg87arcgVnBxmqjGz%2Bg%2BDf7DQUDCcr6KkuNvMxr4TZXW%2FkGtwqIiwi5%2B6eoU%2FcjoXZgvEslUwq0y6S66UGsHIM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=a1c51c3f4e7d2a40343890770a2e51a08592f313-1715103158; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=B0y_vmOJ33swA0cqGdX9H7LYKiN4xIxYYziIwHJ9GF0-1715103158042-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

assets-global.website-files.com/6257adef93867e50d84d30e2/62fddf0fde45a8baedcc7ee5_847541504914fd33810e70a0ea73177e%20(2)-1.png

143.204.55.47

200 OK

557 B

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/62fddf0fde45a8baedcc7ee5_847541504914fd33810e70a0ea73177e%20(2)-1.png
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
557 B (557 bytes)
Hash
c309ae41848547064c2ddb7dc66b6215
6d9801822541e4be3ed25137c4e53a249c85ba2a
11848b5f1c8a7f294c6211c2f0d0dc83a8a28bfe1ef0829a8dacfdf475c5e5a2

HTTP Headers

GET /6257adef93867e50d84d30e2/62fddf0fde45a8baedcc7ee5_847541504914fd33810e70a0ea73177e%20(2)-1.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 557
date: Fri, 19 Jan 2024 14:49:50 GMT
last-modified: Thu, 18 Aug 2022 06:41:20 GMT
etag: "c309ae41848547064c2ddb7dc66b6215"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: n3jtG2p1G.rx09TUNkUzzkpqc1_KeQPx
accept-ranges: bytes
server: AmazonS3
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 9427370
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Xz23FOs6BgUKaB0_03b8QHnvJZ7-NmqQDU8dYMM7tCUtzyRDiHnI3Q==
X-Firefox-Spdy: h2

assets-global.website-files.com/6257adef93867e50d84d30e2/6266bc493fb42d4e27bb8393_847541504914fd33810e70a0ea73177e.ico

143.204.55.47

200 OK

286 kB

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/6266bc493fb42d4e27bb8393_847541504914fd33810e70a0ea73177e.ico
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
286 kB (285478 bytes)
Hash
847541504914fd33810e70a0ea73177e
84b82d07b293907113d9d4dafd29bfa170bbf9b6
0ff2884845f93cd730470ad755f5c38d334e6976ad59c8016b1353b8e30e64f8

HTTP Headers

GET /6257adef93867e50d84d30e2/6266bc493fb42d4e27bb8393_847541504914fd33810e70a0ea73177e.ico HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 285478
date: Tue, 03 Oct 2023 16:30:54 GMT
last-modified: Thu, 18 Aug 2022 06:39:10 GMT
etag: "847541504914fd33810e70a0ea73177e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: mW2.2AZmx60AbtKEbat_fy6.zokRl1ju
accept-ranges: bytes
server: AmazonS3
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 18752506
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ViAJ06w_W2bVdf-epi4nqVQGXyQqXJynzeSIulfyI1CWdVZZ8n0t8g==
X-Firefox-Spdy: h2

8.210.125.140/cdn-cgi/challenge-platform/h/b/jsd/r/8802f34e0daa0500

8.210.125.140

200 OK

0 B

URL POST HTTP/2
8.210.125.140/cdn-cgi/challenge-platform/h/b/jsd/r/8802f34e0daa0500
IP
8.210.125.140:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://8.210.125.140/
Certificate
IssuerLet's Encrypt
Subjectdiscord.objl.net
Fingerprint1F:B8:98:2A:A6:DB:17:4E:70:06:B7:E1:AF:4F:CD:96:80:53:5C:5B
ValidityTue, 07 May 2024 06:01:34 GMT - Mon, 05 Aug 2024 06:01:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Discord
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/8802f34e0daa0500 HTTP/1.1
Host: 8.210.125.140
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12155
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Cookie: __dcfduid=cc0b91c00c9711ef91ddc3c6d5a2ba9f; __sdcfduid=cc0b91c10c9711ef91ddc3c6d5a2ba9f1bdbfe1df93fecc93d1d0d10ed778ade172d9f68543c8be0d82e86b35a36c042; locale=en-US
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:32:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=JHpc8krpa2ddkVsN_fLeykgmYBtv2H3PdS9.Q4rltOE-1715103160-1.0.1.1-kFiL5Qu5oaP_dvSGEwe7RIJ37hIpTrWaxf.7tAhXCikwWx5vsuNi3FxeLwuPGtR53xjdHEqxFT7sVQ.0yWmWKQ; path=/; expires=Wed, 07-May-25 17:32:40 GMT; domain=.discord.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5q1w0StnFr%2FSo6320sTz9EwuSruYUXx322v3b5YQ6bD%2BMgnbn6Ws0Dtaw%2F94TtXWkwi4wRIm20pTWTOToh4wBjJ1zapW%2FE8OY69KOsP6EGWYyJQUxTdEjCOKveN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-ray: 8802f3636f1385fe-HKG
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

8.210.125.140/w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/styles.js

8.210.125.140

200 OK

1.3 kB

URL GET HTTP/2
8.210.125.140/w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/styles.js
IP
8.210.125.140:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://8.210.125.140/
Certificate
IssuerLet's Encrypt
Subjectdiscord.objl.net
Fingerprint1F:B8:98:2A:A6:DB:17:4E:70:06:B7:E1:AF:4F:CD:96:80:53:5C:5B
ValidityTue, 07 May 2024 06:01:34 GMT - Mon, 05 Aug 2024 06:01:33 GMT

File type
ASCII text, with very long lines (998)
Size
1.3 kB (1292 bytes)
Hash
8118665f482e569895664807fa264a30
074fd5cf6227c92b1075e02c0865abb48dc07243
dc3dbb901bf0f7d425718edd58c7d8a9131d4dc9ee06405ae67cac96477bdff3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Discord
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/styles.js HTTP/1.1
Host: 8.210.125.140
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Cookie: __dcfduid=cc0b91c00c9711ef91ddc3c6d5a2ba9f; __sdcfduid=cc0b91c10c9711ef91ddc3c6d5a2ba9f1bdbfe1df93fecc93d1d0d10ed778ade172d9f68543c8be0d82e86b35a36c042; locale=en-US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:32:39 GMT
content-type: application/javascript
cf-ray: 8802f357ceaf8564-HKG
cf-cache-status: HIT
access-control-allow-origin: https://discord.com
cache-control: max-age=60
etag: W/"8118665f482e569895664807fa264a30"
last-modified: Tue, 16 Apr 2024 17:52:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
permissions-policy: interest-cohort=()
x-build-id: b960ac7f559c3a04d18e7cce9de42c4b94a33dd4
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gdxtHZ3OQsl5qHOfIyaC0PDzoaVYFNtxfIZr1Nw2Dzw73LIlE2IHpVMSTD2TyBPAUh5wLy2nQ14fkrPiN12d9ajxJlIZ3PzSU7ZY5sTZVSvduokEIHIo%2BcuRi8mJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=1fd08a37d693fa638fee40dd1eb5076608e9d2b2-1715103159; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=z1uYl36SupmxfD4ug.XRicWJz3XqVErGmN2yOI2_NWk-1715103159024-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
content-encoding: br
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 May 2024 17:33:39 GMT
x-cache: EXPIRED
X-Firefox-Spdy: h2

discord.com/api/v9/experiments

162.159.135.232

200 OK

562 B

URL OPTIONS HTTP/3
discord.com/api/v9/experiments
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
data
Size
562 B (562 bytes)
Hash
b94976e5b45697c7f7c597189fe2a60c
95becbcd79a9a130be08e7ff47a70b35d9df7fa1
420d996195bbb7d30204226b3c2a5481734a6ea891960e7125d427f0eb36a851

HTTP Headers

OPTIONS /api/v9/experiments HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-track
Referer: https://8.210.125.140/
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 07 May 2024 17:32:41 GMT
content-type: text/html; charset=utf-8
allow: HEAD, GET, OPTIONS
access-control-allow-origin: https://8.210.125.140
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38w3NDUUccJxwb354vJgENIDPpsZu7l2HHHplTMc5pDCMkfIKeW7aGmP9V%2FzCs92voLpwHQGRhYpHouAWFxXWU0SkwVepcZ0GqVwlQTj7xbiZoEUBgr2RrXWO9yg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; default-src 'none'
set-cookie: __dcfduid=ce92b3420c9711ef8d75329b47e75fbf; Expires=Sun, 06-May-2029 17:32:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__sdcfduid=ce92b3420c9711ef8d75329b47e75fbf98d0aa0767af5dd4053043eabeb0c804e086607bea9581b1adc58a6158458836; Expires=Sun, 06-May-2029 17:32:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__cfruid=b431b30ba2dbf38f39a1ffab21e3d3507ca47400-1715103161; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=JRFyt1TWJxcoGlHw8q_KiDE2UqcrJli6QoUwXev0hHA-1715103161779-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8802f3682c96b523-OSL
content-encoding: br

global.localizecdn.com/localize.js

104.18.4.175

200 OK

28 kB

URL GET HTTP/2
global.localizecdn.com/localize.js
IP
104.18.4.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerLet's Encrypt
Subjectglobal.localizecdn.com
Fingerprint0E:E8:07:11:41:11:37:A7:94:9C:B4:AF:9A:F4:50:87:FA:14:B8:CA
ValidityFri, 15 Mar 2024 17:06:03 GMT - Thu, 13 Jun 2024 17:06:02 GMT

File type
JavaScript source, ASCII text, with very long lines (63151), with no line terminators
Size
28 kB (27897 bytes)
Hash
ba06239578773f2fe5bb64a045ce5500
1aa52661d072acaea06ac04e624dce61196fa1a0
f563bf268a89718a4ba182f5ab05d5913ccc772b3223083cd52c396c26ea1a4c

HTTP Headers

GET /localize.js HTTP/1.1
Host: global.localizecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 07 May 2024 17:32:38 GMT
content-type: application/javascript
age: 76837
cache-control: public, max-age=259200
cf-bgj: minify
etag: W/"ba06239578773f2fe5bb64a045ce5500"
last-modified: Mon, 29 Apr 2024 17:25:41 GMT
vary: Accept-Encoding
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-id: EblMMMrdt-bo_A0pRH5LVw_4jUDZgezK1npWAsuWcoFQoZB2GRac6Q==
x-amz-cf-pop: OSL50-P1
x-amz-meta-x-amz-meta-v: 484
x-amz-server-side-encryption: AES256
x-amz-version-id: MXlob10kQe2A6.qTfVxcmCk1QZ9lfkMC
x-cache: Hit from cloudfront
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8802f3516ddc712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

discord.com/api/v9/science

162.159.135.232

204 No Content

0 B

URL POST HTTP/3
discord.com/api/v9/science
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v9/science HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Track: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjM3NTAyLCJjbGllbnRfZXZlbnRfc291cmNlIjpudWxsfQ==
X-Fingerprint: 1237457093259300964.9_kO-Gl7yANg5TVvLOZeXQZy5EQ
Content-Length: 230
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 07 May 2024 17:32:42 GMT
access-control-allow-origin: https://8.210.125.140
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xmMjNCfIApyu52P7Y8Pv5i7LzRByf%2Bbj3eDsD6RYCnCx3YOp90Md8NxVwqs0tTc9Y0VXtomWKWigJYIRNCIpqYkg%2FD5BO3M9aph1w%2BB5qVSQF8giGF3pu8CRnEA4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; default-src 'none'
set-cookie: __cfruid=c6621b7ec9e6979458ecbfb54079812d6e6e6eb9-1715103162; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=aoSHcaON0nEI_R.FVEPkTtKwGuYaeYyfITMmD6GmLS8-1715103162314-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8802f36b8c31b523-OSL

discord.com/api/v9/track/ott

162.159.135.232

204 No Content

0 B

URL POST HTTP/3
discord.com/api/v9/track/ott
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v9/track/ott HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Track: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjM3NTAyLCJjbGllbnRfZXZlbnRfc291cmNlIjpudWxsfQ==
X-Fingerprint: 1237457093259300964.9_kO-Gl7yANg5TVvLOZeXQZy5EQ
Content-Length: 18
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Tue, 07 May 2024 17:32:42 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://8.210.125.140
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mNygI%2B6g9eYqGvbql5YchQikAVZYOuyPe1COo7liOnBUOYvezymFrM5pm%2FPAfdhfbXEOshdEelSEueX0oehH3h2dZm9wC2X4YQFi27OlYtqYmKoXt4ERZTVRbA%2Fs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; default-src 'none'
set-cookie: __dcfduid=cee8f1b20c9711efb10c329b47e75fbf; Expires=Sun, 06-May-2029 17:32:42 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__sdcfduid=cee8f1b20c9711efb10c329b47e75fbfa75090ae9d73030d9b9141bb8010631c582c6cc57a482994c50803153535b13e; Expires=Sun, 06-May-2029 17:32:42 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__cfruid=c6621b7ec9e6979458ecbfb54079812d6e6e6eb9-1715103162; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=AHZUm8wPKhUsehNVTQVVC3ImZGkvOETTvjBfGJ4oA8A-1715103162341-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8802f36b8c26b523-OSL

8.210.125.140/w/loader/loader.js

8.210.125.140

200 OK

1.1 kB

URL GET HTTP/2
8.210.125.140/w/loader/loader.js
IP
8.210.125.140:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://8.210.125.140/
Certificate
IssuerLet's Encrypt
Subjectdiscord.objl.net
Fingerprint1F:B8:98:2A:A6:DB:17:4E:70:06:B7:E1:AF:4F:CD:96:80:53:5C:5B
ValidityTue, 07 May 2024 06:01:34 GMT - Mon, 05 Aug 2024 06:01:33 GMT

File type
JavaScript source, ASCII text, with very long lines (714)
Size
1.1 kB (1061 bytes)
Hash
7bfbf306372092ffb9a8f3701b9d885e
1a964fb16e4e607f3f6d59e2c4d7cf7e9ace60ec
af6a7f727c98753323bbe0462b2de440c86ec427698b5d185c6fd6bbfa8ab9de

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Discord
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /w/loader/loader.js HTTP/1.1
Host: 8.210.125.140
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Cookie: __dcfduid=cc0b91c00c9711ef91ddc3c6d5a2ba9f; __sdcfduid=cc0b91c10c9711ef91ddc3c6d5a2ba9f1bdbfe1df93fecc93d1d0d10ed778ade172d9f68543c8be0d82e86b35a36c042
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:32:38 GMT
content-type: application/javascript
cf-ray: 8802f353bd4d1fa6-HKG
cf-cache-status: HIT
cache-control: max-age=60
etag: W/"2b6567c4839ffce11de931762cdc87fe"
last-modified: Tue, 16 Apr 2024 17:52:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'nonce-MjM1LDIxOCw5NywyMDUsMjAxLDkwLDU1LDExNQ==' https://discord.com https://www.googletagmanager.com https://connect.facebook.net https://www.google-analytics.com https://ssl.google-analytics.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/ https://hcaptcha.com https://*.hcaptcha.com https://s.ytimg.com/yts/jsbin/ https://www.youtube.com/iframe_api https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hcaptcha.com https://hcaptcha.com; img-src 'self' https://www.google-analytics.com https://www.googletagmanager.com https://www.facebook.com https://cdn.discordapp.com https://hackerone-api.discord.workers.dev/user-avatars/ https://safety.discord.com https://discordmoderatoracademy.zendesk.com https://assets-global.website-files.com data:; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://discordapp.com https://discord.com https://connect.facebook.net https://api.greenhouse.io https://api.github.com https://sentry.io https://www.google-analytics.com https://hackerone-api.discord.workers.dev https://*.hcaptcha.com https://hcaptcha.com https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location ws://127.0.0.1:* http://127.0.0.1:*; media-src 'self' https://cdn.discordapp.com/assets/; frame-src https://discordapp.com/domain-migration https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/ https://*.hcaptcha.com https://hcaptcha.com https://www.youtube.com/embed/ https://hackerone.com/631fba12-9388-43c3-8b48-348f11a883c0/ https://10851314.fls.doubleclick.net/;
permissions-policy: interest-cohort=()
x-build-id: b960ac7f559c3a04d18e7cce9de42c4b94a33dd4
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xr5V5F%2FZ3ehr8QVBwWP4eKxKk62aSSh9H79pBVhhliWLgXJ7FLlZklUWYVWTlM%2FlzdKykYnnXdmhe9DbF2l4Q4OP8BMLY9RnctbREOfZGDaTTM3V24%2Fr1znic6d0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __cfruid=b10a93eb91cf4992b0646101d448f68b7a122e99-1715103158; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=TZsyVFLnYdzkYzEhA__1BukYKQWpmBu49kmGgiOwLMg-1715103158376-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
content-encoding: br
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 May 2024 17:33:38 GMT
x-cache: MISS
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=vCENnHBsRDZwkN_st7iTw_N7BnuOCauxccQGA-JxTflcRFc-rxgc6oITL6uNpILk39rVXdIt-r9n1mBKi42kxpI4w7d-48Puk3r7b6H3pGtQo6GU26w3Rvl3Z43AclSJ
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Tue, 07 May 2024 17:31:09 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 101
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

assets-global.website-files.com/6257adef93867e50d84d30e2/6582c1b717efff2306ef179e_Where%20hanging%20out%20is%20easy.svg

143.204.55.47

200 OK

172 kB

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/6582c1b717efff2306ef179e_Where%20hanging%20out%20is%20easy.svg
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
172 kB (171453 bytes)
Hash
a22034070de371342ad1044d66386e10
0d559d7adf675cd33295d7d03361959bfaf3d73e
ec214111a51a29fd7df667ea1f9b6998e84621873672671d030e88dd92372d60

HTTP Headers

GET /6257adef93867e50d84d30e2/6582c1b717efff2306ef179e_Where%20hanging%20out%20is%20easy.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 18 Jan 2024 17:54:26 GMT
last-modified: Wed, 20 Dec 2023 10:28:08 GMT
etag: W/"a22034070de371342ad1044d66386e10"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: efh4guWbNZVkbXrUU6H8DcePzFm1l6cb
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 9502693
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZVe5Wqsv-wcRk3e6HT8hlz-WbVx-fujwSR8gRB-iZzgBruofNjv9ZQ==
X-Firefox-Spdy: h2

discord.com/api/v9/auth/location-metadata

162.159.135.232

200 OK

0 B

URL OPTIONS HTTP/3
discord.com/api/v9/auth/location-metadata
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v9/auth/location-metadata HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-track
Referer: https://8.210.125.140/
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 17:32:41 GMT
content-type: text/html; charset=utf-8
allow: OPTIONS, HEAD, GET
access-control-allow-origin: https://8.210.125.140
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uaPb7x3Adqj6WQrUJ8BqWlGKACEusakbNMJKaI33V0udSxxdQwI7ATlpw7BHWlLAtNkkt%2Ff1s%2FYzadvmhVSaxfjnJUvGlKsWdqwe160wir2BLGt%2BRjSYk10CF97K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; default-src 'none'
set-cookie: __dcfduid=ce940abc0c9711ef83d2d2ed778b19cd; Expires=Sun, 06-May-2029 17:32:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__sdcfduid=ce940abc0c9711ef83d2d2ed778b19cd470289d884ef8c3e96668d76ffd440196500b52c97cda3419e1f2be3571a5a2a; Expires=Sun, 06-May-2029 17:32:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__cfruid=b431b30ba2dbf38f39a1ffab21e3d3507ca47400-1715103161; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=P3.pb_MO2cqGM_tgi9FRFbZ1zI7VoXxN5kTYged09tE-1715103161780-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8802f3683cc2b523-OSL
content-encoding: br

discord.com/api/v9/auth/location-metadata

162.159.135.232

200 OK

111 B

URL GET HTTP/3
discord.com/api/v9/auth/location-metadata
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
111 B (111 bytes)
Hash
e2dacdafd177c98000ab1f0c55d89344
a854048bd6609dda2506ff8593cb83b01143bbb1
a0aa60af8b7b82512f58b649f36b84e820b89f5e61f2b8f3e650830730d85577

HTTP Headers

GET /api/v9/auth/location-metadata HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Track: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjM3NTAyLCJjbGllbnRfZXZlbnRfc291cmNlIjpudWxsfQ==
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 17:32:41 GMT
content-type: application/json
access-control-allow-origin: https://8.210.125.140
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q1XqCEbr8p%2BPn8ACOcfDT4n9asMjw0ezd%2FgicO%2BO%2BwAz396F71mjHEiyAYmfSmHa2adqdK%2FvfCIP8hNB114eNUHpWTt9rSlWMxoe7QGV3F0zv%2F4Eqs6tE1NhOENc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; default-src 'none'
set-cookie: __dcfduid=ceb01b1c0c9711efbc6592f8891a5455; Expires=Sun, 06-May-2029 17:32:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__sdcfduid=ceb01b1c0c9711efbc6592f8891a5455267dbe1f9e0aeb822a113de6f83c68ef33d1f7f263102c0d77b272b8446e09b8; Expires=Sun, 06-May-2029 17:32:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__cfruid=b431b30ba2dbf38f39a1ffab21e3d3507ca47400-1715103161; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=KDsKEAZwRsUwAydldODsuBaK5LmuesA9IrN2GwHTZ3I-1715103161962-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8802f3692ee3b523-OSL
content-encoding: br

assets-global.website-files.com/6257adef93867e50d84d30e2/644fab4da9dbd93a7dfae97b_e6d57714479874c665b36c7adee76b1d.svg

143.204.55.47

200 OK

13 kB

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/644fab4da9dbd93a7dfae97b_e6d57714479874c665b36c7adee76b1d.svg
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
13 kB (12871 bytes)
Hash
e6d57714479874c665b36c7adee76b1d
7d548455122292f8272c5672303fc786d2d3000f
8a22b3884eb5d0750875b97c8192cba5465ec2c8a438c92378a9650804607c76

HTTP Headers

GET /6257adef93867e50d84d30e2/644fab4da9dbd93a7dfae97b_e6d57714479874c665b36c7adee76b1d.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/6257adef93867e50d84d30e2/css/discord-2022.a5cf695ac.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 13 Feb 2024 07:55:07 GMT
last-modified: Mon, 01 May 2023 12:06:39 GMT
etag: W/"e6d57714479874c665b36c7adee76b1d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 4azmGLkHqXDQcQhsKUX3YgfaRjryrV9s
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 7292252
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DJ-6JUz9NtC0-6Zz0QIR3ltu85UaWQHj6f7K4_-pqLRPD_XvXSJdZA==
X-Firefox-Spdy: h2

8.210.125.140/w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/index-react.js

8.210.125.140

200 OK

6.6 MB

URL GET HTTP/2
8.210.125.140/w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/index-react.js
IP
8.210.125.140:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://8.210.125.140/
Certificate
IssuerLet's Encrypt
Subjectdiscord.objl.net
Fingerprint1F:B8:98:2A:A6:DB:17:4E:70:06:B7:E1:AF:4F:CD:96:80:53:5C:5B
ValidityTue, 07 May 2024 06:01:34 GMT - Mon, 05 Aug 2024 06:01:33 GMT

File type

Size
6.6 MB (6590513 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Discord
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/index-react.js HTTP/1.1
Host: 8.210.125.140
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Cookie: __dcfduid=cc0b91c00c9711ef91ddc3c6d5a2ba9f; __sdcfduid=cc0b91c10c9711ef91ddc3c6d5a2ba9f1bdbfe1df93fecc93d1d0d10ed778ade172d9f68543c8be0d82e86b35a36c042; locale=en-US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:32:39 GMT
content-type: application/javascript
cf-ray: 8802f357c813238c-HKG
cf-cache-status: HIT
access-control-allow-origin: https://discord.com
cache-control: max-age=60
etag: W/"1e15f3981cb1741b8654b8621a0d3e17"
last-modified: Tue, 16 Apr 2024 17:52:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
permissions-policy: interest-cohort=()
x-build-id: b960ac7f559c3a04d18e7cce9de42c4b94a33dd4
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r9sC9XygGxa3%2FPF1s%2FrnUvDAN6zc3GtECuXhlX%2BpvuI4ZffWqlaTvsIBucp%2F%2F81H%2B0WG5NJxwOgntLLXQHaZ7slVA6aqDkFGzCLRzxCO9bRVKhH8q%2FJC%2FsLJW%2F6%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=1fd08a37d693fa638fee40dd1eb5076608e9d2b2-1715103159; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=hPgca_s_J.rHg6RTzhp469eLuFaKOPlYou5vlPt0zpc-1715103159174-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
content-encoding: br
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 May 2024 17:33:39 GMT
x-cache: EXPIRED
X-Firefox-Spdy: h2

assets.website-files.com/6257adef93867e50d84d30e2/652737c30510e4ad4333a424_ggsans-Bold.woff2

143.204.55.62

200 OK

32 kB

URL GET HTTP/2
assets.website-files.com/6257adef93867e50d84d30e2/652737c30510e4ad4333a424_ggsans-Bold.woff2
IP
143.204.55.62:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32540, version 1.0
Size
32 kB (32540 bytes)
Hash
db6b320298071092b190ca887d06e95c
8016461ca1131ea676cff368c4405d79f52c7867
9f97ff47d66b2f3cdd1aa40988382749ef90ac9051d1a548b12a1260d10c1e6e

HTTP Headers

GET /6257adef93867e50d84d30e2/652737c30510e4ad4333a424_ggsans-Bold.woff2 HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 32540
date: Tue, 16 Jan 2024 00:44:48 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 12 Oct 2023 00:03:16 GMT
etag: "db6b320298071092b190ca887d06e95c"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: ZA.NEdTV8MFcZm5wwoKrA5eTikBcQl_s
accept-ranges: bytes
server: AmazonS3
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
age: 9737271
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t11iOtwKzQ0x90-k-WPQjXc1h7SiNk508JuNTLSQm0RmU35DWVMgNg==
X-Firefox-Spdy: h2

assets-global.website-files.com/6257adef93867e50d84d30e2/644fab4df2dc8d7a9a081ebd_8a8375ab7908384e1fd6efe408284203.svg

143.204.55.47

200 OK

62 kB

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/644fab4df2dc8d7a9a081ebd_8a8375ab7908384e1fd6efe408284203.svg
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
62 kB (61585 bytes)
Hash
8a8375ab7908384e1fd6efe408284203
c860bf9ebb02c0110e452b0d27b21d50083dd165
0863f0e2352e91b8f69c16eb1896aa0cc802ad66efca43f07ad6810da239025a

HTTP Headers

GET /6257adef93867e50d84d30e2/644fab4df2dc8d7a9a081ebd_8a8375ab7908384e1fd6efe408284203.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/6257adef93867e50d84d30e2/css/discord-2022.a5cf695ac.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 25 Jan 2024 19:29:53 GMT
last-modified: Mon, 01 May 2023 12:06:39 GMT
etag: W/"8a8375ab7908384e1fd6efe408284203"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: YNA2LFAIbq2g4FOlDDqfRHFxqlA2SfR_
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 8892166
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MuS-uAjBfJyKV6vdPQ66fme_KzBr4fAm9p5isOcY_pRT8Tin-I_1dg==
X-Firefox-Spdy: h2

discord.com/api/v9/users/@me?with_analytics_token=true

162.159.135.232

401 Unauthorized

43 B

URL GET HTTP/3
discord.com/api/v9/users/@me?with_analytics_token=true
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
43 B (43 bytes)
Hash
32d9dbe4d2ebf84acade19f4fe050bbb
bc1a4a51eb362df195e0fba685b44fed06367b74
426ed5bca92b7b4e94553b2c90bf094178c78bcad1f36e7b8a8db5527ef3a7a0

HTTP Headers

GET /api/v9/users/@me?with_analytics_token=true HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Track: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjM3NTAyLCJjbGllbnRfZXZlbnRfc291cmNlIjpudWxsfQ==
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 401 Unauthorized
date: Tue, 07 May 2024 17:32:41 GMT
content-type: application/json
content-length: 43
access-control-allow-origin: https://8.210.125.140
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1MV3v%2Fk89YjZJPfnvUKTS0POcR22QEofsQ71pNlrZ8bNyZjQmRZlaACknNqXOU%2BiX7f7ydr9Lg8ZFfOnkAj7ZRo%2FYcQV4xWFgx6zsFUw6RNqsi0VXgVWwSJ60Bd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; default-src 'none'
set-cookie: __dcfduid=ceab51040c9711ef9291329b47e75fbf; Expires=Sun, 06-May-2029 17:32:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__sdcfduid=ceab51040c9711ef9291329b47e75fbffc69e49aca44b767ee54b36da3fd661dc8958188727f0fbdc3d33cafdca66d56; Expires=Sun, 06-May-2029 17:32:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__cfruid=b431b30ba2dbf38f39a1ffab21e3d3507ca47400-1715103161; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=8ejr4ZU9tfV2msSFudFqB7SZDIKN8b2n3Dq4WgIXp2Y-1715103161944-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8802f3692eb8b523-OSL

assets.website-files.com/6257adef93867e50d84d30e2/65273da62cbf8363b445b021_abcgintonord-800-extrabold.woff2

143.204.55.62

200 OK

42 kB

URL GET HTTP/2
assets.website-files.com/6257adef93867e50d84d30e2/65273da62cbf8363b445b021_abcgintonord-800-extrabold.woff2
IP
143.204.55.62:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 41872, version 1.6553
Size
42 kB (41872 bytes)
Hash
3d07f5abf272fbb5670d02ed687453d0
5ba49c861917331a4d29d2a81ed4f93e94f62212
3afc8b61c01534f04c628962b34e53104e0487b010f197a54d2e9ce357bf9733

HTTP Headers

GET /6257adef93867e50d84d30e2/65273da62cbf8363b445b021_abcgintonord-800-extrabold.woff2 HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 41872
date: Tue, 16 Jan 2024 00:16:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 12 Oct 2023 00:28:23 GMT
etag: "3d07f5abf272fbb5670d02ed687453d0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Ntbz1viACAtTV6OeKRAGMck.yUrF3AVv
accept-ranges: bytes
server: AmazonS3
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
age: 9738986
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dTBlQLrP5EL7EMOxC7sbtR_i0Z66Dh_6QZoXQiydU54XDNI50umxMw==
X-Firefox-Spdy: h2

8.210.125.140/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js

8.210.125.140

200 OK

7.9 kB

URL GET HTTP/2
8.210.125.140/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
IP
8.210.125.140:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://8.210.125.140/
Certificate
IssuerLet's Encrypt
Subjectdiscord.objl.net
Fingerprint1F:B8:98:2A:A6:DB:17:4E:70:06:B7:E1:AF:4F:CD:96:80:53:5C:5B
ValidityTue, 07 May 2024 06:01:34 GMT - Mon, 05 Aug 2024 06:01:33 GMT

File type
JavaScript source, ASCII text, with very long lines (7860), with no line terminators
Size
7.9 kB (7860 bytes)
Hash
ed3e93a6435a9e8ff12647c0fd94ee07
b129154b700d5eb241dc18479dd3ecb3bd5fb6f2
3a2d6593b9913d10252b3230cf93c38571a6e05511ed5aba8ea4c2dae6ed691d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Discord
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: 8.210.125.140
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __dcfduid=cc0b91c00c9711ef91ddc3c6d5a2ba9f; __sdcfduid=cc0b91c10c9711ef91ddc3c6d5a2ba9f1bdbfe1df93fecc93d1d0d10ed778ade172d9f68543c8be0d82e86b35a36c042; locale=en-US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:32:39 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=60
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22Z0xX8KIKbbqwXLWeKQOamEScvZuIBIpARuYVW6UNrWHnxV2Ff5I1foM6r9oT2qzQkr37T%2FgdTL2TKcFMS5a7%2FArLQFJOUFU8UxJqqBJuv%2FhFOQ1rCc7YwuXn%2FK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 8802f35ab9dd8554-HKG
content-encoding: br
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 May 2024 17:33:39 GMT
x-cache: EXPIRED
X-Firefox-Spdy: h2

8.210.125.140/cdn-cgi/challenge-platform/scripts/jsd/main.js

8.210.125.140

302 Found

7.9 kB

URL GET HTTP/2
8.210.125.140/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
8.210.125.140:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://8.210.125.140/
Certificate
IssuerLet's Encrypt
Subjectdiscord.objl.net
Fingerprint1F:B8:98:2A:A6:DB:17:4E:70:06:B7:E1:AF:4F:CD:96:80:53:5C:5B
ValidityTue, 07 May 2024 06:01:34 GMT - Mon, 05 Aug 2024 06:01:33 GMT

File type

Size
7.9 kB (7860 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Discord
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: 8.210.125.140
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __dcfduid=cc0b91c00c9711ef91ddc3c6d5a2ba9f; __sdcfduid=cc0b91c10c9711ef91ddc3c6d5a2ba9f1bdbfe1df93fecc93d1d0d10ed778ade172d9f68543c8be0d82e86b35a36c042; locale=en-US
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 07 May 2024 17:32:39 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
cache-control: max-age=60
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ItfAiCp8TIsZydEEKBGv5pCW%2FFMWbQ583dyfi%2BHrmou5TEIHj4wCFzCZ6NP8C06QLouoz3HuDTTCDJcGkTyhfM0aKrJXCrgewK2bQFwG6efaYM006z6g%2FKRN6jlp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-ray: 8802f35868f0853c-HKG
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 May 2024 17:33:39 GMT
x-cache: EXPIRED
X-Firefox-Spdy: h2

assets.website-files.com/6257adef93867e50d84d30e2/65274471f1a58fe9565b9ca9_60ae8e384c11e54fd6986f3b_ABCGintoNormal-Bold.woff

143.204.55.62

200 OK

63 kB

URL GET HTTP/2
assets.website-files.com/6257adef93867e50d84d30e2/65274471f1a58fe9565b9ca9_60ae8e384c11e54fd6986f3b_ABCGintoNormal-Bold.woff
IP
143.204.55.62:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 62768, version 0.0
Size
63 kB (62768 bytes)
Hash
746a4f241e03deffc59b08c5650cf458
16569eaca9910e7538f31bc3c1460c2761eb5ca3
12954218db16e3a3c86a6ee84e41be8bb35cee983ffd5233b37c7e094f9dcf11

HTTP Headers

GET /6257adef93867e50d84d30e2/65274471f1a58fe9565b9ca9_60ae8e384c11e54fd6986f3b_ABCGintoNormal-Bold.woff HTTP/1.1
Host: assets.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 62768
date: Thu, 30 Nov 2023 20:07:25 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Thu, 12 Oct 2023 00:57:22 GMT
etag: "746a4f241e03deffc59b08c5650cf458"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: jA5XmHZ6LxEy4IR9.UBRjDzTvaXkKSaO
accept-ranges: bytes
server: AmazonS3
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
age: 13728314
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9dgjwlHpWyaJzre9CETJVUoH6ajKo5aIB0kMJpikexRB8Cl5hcKt-Q==
X-Firefox-Spdy: h2

assets-global.website-files.com/6257adef93867e50d84d30e2/6582c18a9cff186bd3731704_Create%20an%20invite-only%20place%20where%20you%20belong.svg

143.204.55.47

200 OK

135 kB

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/6582c18a9cff186bd3731704_Create%20an%20invite-only%20place%20where%20you%20belong.svg
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
135 kB (135153 bytes)
Hash
6663c28b499d1b41349dd9ece236019d
255c673856a356b69a5fb350be10d820060e1daa
2ece3e7e6e793db094c668291381d080f313a263c7cd6a548511f6b75a57f1e5

HTTP Headers

GET /6257adef93867e50d84d30e2/6582c18a9cff186bd3731704_Create%20an%20invite-only%20place%20where%20you%20belong.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 25 Jan 2024 19:29:45 GMT
last-modified: Wed, 20 Dec 2023 10:27:23 GMT
etag: W/"6663c28b499d1b41349dd9ece236019d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 0Qdvngn3KrPl.t2A3gTQcgVBYrxsy1wD
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 8892174
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xtBkCkxYvHmXZ0ZReU2aBzb4NCno_LnuibZN0fgfRp_dmeHjWCVnoA==
X-Firefox-Spdy: h2

8.210.125.140/w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/styles.css

8.210.125.140

200 OK

151 kB

URL GET HTTP/2
8.210.125.140/w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/styles.css
IP
8.210.125.140:443
ASN
#45102 Alibaba US Technology Co., Ltd.

Requested by
https://8.210.125.140/
Certificate
IssuerLet's Encrypt
Subjectdiscord.objl.net
Fingerprint1F:B8:98:2A:A6:DB:17:4E:70:06:B7:E1:AF:4F:CD:96:80:53:5C:5B
ValidityTue, 07 May 2024 06:01:34 GMT - Mon, 05 Aug 2024 06:01:33 GMT

File type

Size
151 kB (150777 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Discord
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /w/assets/b960ac7f559c3a04d18e7cce9de42c4b94a33dd4/styles.css HTTP/1.1
Host: 8.210.125.140
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Cookie: __dcfduid=cc0b91c00c9711ef91ddc3c6d5a2ba9f; __sdcfduid=cc0b91c10c9711ef91ddc3c6d5a2ba9f1bdbfe1df93fecc93d1d0d10ed778ade172d9f68543c8be0d82e86b35a36c042; locale=en-US
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 17:32:39 GMT
content-type: text/css
cf-ray: 8802f357bdec5096-HKG
cf-cache-status: HIT
access-control-allow-origin: https://discord.com
cache-control: max-age=60
etag: W/"37c018fd94824ad0fb006a69b8441796"
last-modified: Tue, 16 Apr 2024 17:52:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
permissions-policy: interest-cohort=()
x-build-id: b960ac7f559c3a04d18e7cce9de42c4b94a33dd4
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MTo8osht%2F9KlmSiYQAgZhKSIJvCt6RZI3qLQuJLsAaTcX8EMjgcQZyAU1eu1S%2F5Z4EIRjjpJcQ39%2Fr0Fvj2QLxi7Qb7MYAsxTr2R3Uk%2BQvNye6qk7XG4PGZBbl8e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=1fd08a37d693fa638fee40dd1eb5076608e9d2b2-1715103159; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=OzAi4bnTB0VNRv33wWVkK7M59HlC736eKJ5LDdKq6YY-1715103159023-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
content-encoding: br
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 May 2024 17:33:39 GMT
x-cache: EXPIRED
X-Firefox-Spdy: h2

www.youtube.com/iframe_api

216.58.207.206

200 OK

1.1 kB

URL GET HTTP/2
www.youtube.com/iframe_api
IP
216.58.207.206:443
ASN
#15169 GOOGLE

Requested by
https://8.210.125.140/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint7C:B7:E1:97:03:6E:82:B6:52:F8:EC:C6:C6:50:D9:DD:80:47:E6:A0
ValidityTue, 16 Apr 2024 03:18:53 GMT - Tue, 09 Jul 2024 03:18:52 GMT

File type
JavaScript source, ASCII text, with very long lines (1087), with no line terminators
Size
1.1 kB (1055 bytes)
Hash
08c1cc0abcd9fb73c38ed50f0c1def83
607bb6fdedadf904a38dcb5e0683bb93a62a1e6b
3c6ddbdb3b2eea5cfbc16a5a6b3192e9f33ca1e4fe6ebf0b628516b572d28a8e

HTTP Headers

GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 07 May 2024 17:32:42 GMT
date: Tue, 07 May 2024 17:32:42 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=8KfcOIxJ9Zk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Uqt8Ex6udTg; Domain=.youtube.com; Expires=Sun, 03-Nov-2024 17:32:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMIFI%3D; Domain=.youtube.com; Expires=Sun, 03-Nov-2024 17:32:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

discord.com/webflow-scripts/landing.js

162.159.135.232

200 OK

1.7 kB

URL GET HTTP/3
discord.com/webflow-scripts/landing.js
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1798), with no line terminators
Size
1.7 kB (1712 bytes)
Hash
7f4ec64bf2a7aa3380131153447754c5
cc1d42bde351e8480f8a7aa33ce71212e75ede96
620f2e8df770c6e9f4f26c3c5421e35d546dd1c551872add95fe0492b677c0c3

HTTP Headers

GET /webflow-scripts/landing.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://8.210.125.140/
Cookie: __cfruid=a1c51c3f4e7d2a40343890770a2e51a08592f313-1715103158; _cfuvid=B0y_vmOJ33swA0cqGdX9H7LYKiN4xIxYYziIwHJ9GF0-1715103158042-0.0.1.1-604800000
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 17:32:38 GMT
content-type: application/javascript
cf-ray: 8802f3528d4fb523-OSL
cf-cache-status: HIT
access-control-allow-origin: https://discord.com
cache-control: public, max-age=30
etag: W/"6873ba0d8e966bfe2f6428009c1f4255"
last-modified: Thu, 21 Mar 2024 18:09:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UIx944Sda8Pzz8ShzD1Cvl%2Be2DVKX0Sm9nFTCDtNX9OBSXWioQK11nSgYX1vgrzCt9GzKAccW1bMtXEk%2BA1r94dgLNwt4u4R%2FymMuw4YUDJ6L4fbnVbfdh6g5ChH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400

assets-global.website-files.com/6257adef93867e50d84d30e2/6582b262413a0600bad70006_download.svg

143.204.55.47

200 OK

814 B

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/6582b262413a0600bad70006_download.svg
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
814 B (814 bytes)
Hash
ebd21d6d09a2796b5c6dffb3b8b7f79c
3e8109624f0271e4732004e8b2a00eef303aa245
5c7c360e2666ed30843681651954e2da84662e4be3ac7f5e51808f3480fc6cb7

HTTP Headers

GET /6257adef93867e50d84d30e2/6582b262413a0600bad70006_download.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/6257adef93867e50d84d30e2/css/discord-2022.a5cf695ac.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 814
date: Wed, 24 Jan 2024 06:03:22 GMT
last-modified: Wed, 20 Dec 2023 09:22:43 GMT
etag: "8b196637ae590a18d9cf2f5bb692ae73"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Qzr6LIeIFRKthbSvTy9usKiqu1qEgDXI
accept-ranges: bytes
server: AmazonS3
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 9026957
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qmr7BkJQjN4Nyn03HaWyZE6ZpJFENHdboVFrXZvSJYispk_ssJgnTw==
X-Firefox-Spdy: h2

assets-global.website-files.com/6257adef93867e50d84d30e2/632d9b371770507a4c801977_Icon%20-%20Download.svg

143.204.55.47

200 OK

399 B

URL GET HTTP/2
assets-global.website-files.com/6257adef93867e50d84d30e2/632d9b371770507a4c801977_Icon%20-%20Download.svg
IP
143.204.55.47:443
ASN
#16509 AMAZON-02

Requested by
https://8.210.125.140/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
399 B (399 bytes)
Hash
39c86078dc5b3a2d37e0a3777c21aeef
c45eb802f8bb2b5ae07f508323b8ec2bd1a91d5d
4416a963bcc2286544e63929f393a57036d4778ef02f2ec4e7e2b903e431be9d

HTTP Headers

GET /6257adef93867e50d84d30e2/632d9b371770507a4c801977_Icon%20-%20Download.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/6257adef93867e50d84d30e2/css/discord-2022.a5cf695ac.min.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 399
date: Tue, 26 Mar 2024 16:33:37 GMT
last-modified: Fri, 23 Sep 2022 11:40:41 GMT
etag: "a5b531f679e3aaeeef5195f1c653ff0b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: MUirW0ivsS_DC1LoG2DsWiw0x633eOnt
accept-ranges: bytes
server: AmazonS3
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
age: 3632342
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LTCOtB4WZO08pwjYtuWDHpfXjiic7LcNYdvx3gNamfAd3KXEak_g_w==
X-Firefox-Spdy: h2

discord.com/api/v9/users/@me?with_analytics_token=true

162.159.135.232

200 OK

0 B

URL OPTIONS HTTP/3
discord.com/api/v9/users/@me?with_analytics_token=true
IP
162.159.135.232:443
ASN
#13335 CLOUDFLARENET

Requested by
https://8.210.125.140/
Certificate
IssuerCloudflare, Inc.
Subjectdiscord.com
FingerprintA8:AB:66:57:DC:35:70:C3:39:4A:3E:36:5C:AB:B3:0C:B1:E0:61:D3
ValidityFri, 20 Oct 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /api/v9/users/@me?with_analytics_token=true HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-track
Referer: https://8.210.125.140/
Origin: https://8.210.125.140
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 07 May 2024 17:32:41 GMT
content-type: text/html; charset=utf-8
allow: HEAD, PATCH, OPTIONS, GET
access-control-allow-origin: https://8.210.125.140
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=win4hvzamwf3XDm7CiL%2B8Z%2Fi1kXtC9gOz3a3T9z%2BjcAsIqIfxh0hJcrEH6k9byMjwhtQItrRJW1YSNLNcuDR%2FmFQkYkEoR4UJlW6BWELiXpEmRG7ZbJ%2Fz05QjnfP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'; default-src 'none'
set-cookie: __dcfduid=ce93a45a0c9711ef9bdac6d85597c2bb; Expires=Sun, 06-May-2029 17:32:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__sdcfduid=ce93a45a0c9711ef9bdac6d85597c2bb2c3385144a53da99b81c45382512826927cd3a04b7549bbdeeb81adf0acd4b2e; Expires=Sun, 06-May-2029 17:32:41 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax
__cfruid=b431b30ba2dbf38f39a1ffab21e3d3507ca47400-1715103161; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
_cfuvid=Vo5imVKMvYHj8aB0GvfzX.STiTVC5H5Y94nTLrvj6vY-1715103161775-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8802f3683cc6b523-OSL
content-encoding: br

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML