| login.restore-cord-bot.online/assets/43870.0bfb9a80f88725fba82a.js | 104.21.56.114 | 200 OK | 4.4 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/43870.0bfb9a80f88725fba82a.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (12536)
Hash: MD5 4a5dbaaa2de36a47b31cfed187c7010d, SHA-1 2dc2fe96364b7908203d990daadb8a927b3ad490, SHA-256 fbcde0bc982ed39ff1a8f01ed530ec98f3dc846c75b6323dcae398779766af74
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/43870.0bfb9a80f88725fba82a.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"312f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TA9NB2iYte9316Vu%2F54qi3UgZKyuFAA5p726EMTrp%2FxReDizPIGTFop9HuQthF2Vxtganp%2F2k33%2FVe5gjFOF%2BVtECtT2SpTjY%2BQHAR6wHNO8JgPIi%2BwULuqEcQN1q%2BuG1ois68xJ4hdN5WftBSRY%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c0c39b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/47146.d5c177e816a2cf054d31.js | 104.21.56.114 | 200 OK | 13 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/47146.d5c177e816a2cf054d31.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (43856)
Hash: MD5 2dd911fe6af5b351702811c2d2dbdb35, SHA-1 6d22418ce848dafc32e9e0f8224fc6ce13a8efaf, SHA-256 40e9ecd17a864fde103d7ac450a265ed91814c0dbf4ab22f26df913e1f724969
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/47146.d5c177e816a2cf054d31.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"ab87-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y00z489V02wfDdE1TpU6no8i4GNknssXK%2Be%2F7SvgJQthx%2B%2Flrnpl4u2lT8DOvY5rFW3fR9XD65bCA%2FMqmO0JCxSMy44t2GxRxxfneVz5HQH4BDQDZMlrKDnXkHzz7EENuC2lbWPWUdF3CddY%2FVgVJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c55b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/47387.b94323b63bcf5c32ba76.js | 104.21.56.114 | 200 OK | 29 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/47387.b94323b63bcf5c32ba76.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 b235b236312169e0db519e60c0d7eea1, SHA-1 6d34c175ce387b8bd435ce463d44706f08e9137d, SHA-256 03c0d5a0ff0b821c4ceff908a8fd7e62ea9b881711023244449f71455215d00e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/47387.b94323b63bcf5c32ba76.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"13927-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bguE5RhSAlFeSsV71vxJsW5stNFSUoZz3AqDQMw7mw2K8dNDT%2BTh6c4ukz%2BfVAgopaJyBRG%2FGFe%2Fbv3hhbZwdhekwJq9ahamey4oGLAEH8snyOkMgsfugl2HdNYFH%2B68OiyjnaKPyTGMpDmWWt9Kxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c0c2fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/48590.9d5fbcc5aac137b478e1.js | 104.21.56.114 | 200 OK | 18 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/48590.9d5fbcc5aac137b478e1.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (38172)
Hash: MD5 43c0247c5fd0d2aca49282b1f2e8b884, SHA-1 9c3d283f016f69a880edb60ebc384c9f39002a56, SHA-256 998a4388e4821fd233dad8d1faf2700c0c47741c4843925dd9252b1bd3dc0c50
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/48590.9d5fbcc5aac137b478e1.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"9553-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaAUaX3hdm9q3%2FsBzWMP1mOJTS%2BFJk%2BkynXdeVUhLCXHie%2BvoMM6Fjv2VJkUu5nF11EFn7Li%2FNX%2Fp956LiJtizOS5RqhFhFxROnh30Y43suaI6Y%2BaL9EhOCxvrcNEshllyyBqc%2FGK1J%2BDX967hKQ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c3db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/41831.ad048c0163425aea4d2e.js | 104.21.56.114 | 200 OK | 14 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/41831.ad048c0163425aea4d2e.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (15734)
Hash: MD5 aa0f56ed2b08f1029037fc3d27925069, SHA-1 87365d2e6e51333ebd33cdc51cad33fa7aa5fc44, SHA-256 84267bc281052f153133ac0dacddd98dfbf3edaa99aa2b60f0ed645e90d1c0d1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/41831.ad048c0163425aea4d2e.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3dad-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J61g5dwwQHjXIU7h%2Fky8q8QwlmpzVpLe2LqCi3KE%2BnRK%2Fo6d7c%2FTT6Wbli2yKRwxgqjzbngmnw%2FG5RJKnSE3whTg%2FN3hsq46dTMgTC2wE8WA1p5ht2ltKkLXTOzeu6Qq%2F1SiCjJpFCxcLHTLb2kU8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c0c36b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/18407.d0257553d76c1da19de7.js | 104.21.56.114 | 200 OK | 20 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/18407.d0257553d76c1da19de7.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (62630)
Hash: MD5 c6070a74fc7828610536a88f4ef0ac00, SHA-1 58ff20e6b81343ce9fb04c9a3b98e96eeaced06b, SHA-256 5a52fadd5efd62ecee80f803d600055810fb7765497d80e95e8f61aa27286cc5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/18407.d0257553d76c1da19de7.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"f4dd-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iiUWjD%2FEPvQQ2MfDEAEm2ynKIpXEhepB349CmKkHPOxR3ZRDzOww%2BFwir3Q5qyC4ZAC3c3uGKVPBFr%2FZ9uzVwrLOPRSPqZ5HZ%2BKyn2nKIsPxWvmsjYA9Jc4sNAbeAlUJZlxzZg0Sv0PGxYIaqAf9TA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c42b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/30982.a6d605c291ff090be83b.js | 104.21.56.114 | 200 OK | 12 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/30982.a6d605c291ff090be83b.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (11446)
Hash: MD5 d06e1097bc0b493b61ec8ccb6a3c1338, SHA-1 d69f77887e7611c330cff1fa7aaea9dafbc57ed5, SHA-256 1587658b44a41e7384ad7bd8d2e747e98ff01403347075b0205c68463b87dac8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/30982.a6d605c291ff090be83b.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2ced-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hpUjQhMZ62LMhH23AiCvo8BGmxGnntjaxHhnZSKc7yUgmgzy3kceXBJ0v5ih8vrRhtoguHKABF9YvU1KYNjx%2B0iZ8qPtuwoIvuNiUrG3a5COcJ83nVH8gJnpz5LdgJg96lFm1exllN%2F9T%2FJtHF3B8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c0c32b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/75676.8481ee3ef6c0d7c670c6.js | 104.21.56.114 | 200 OK | 14 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/75676.8481ee3ef6c0d7c670c6.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (13527)
Hash: MD5 502ff8e5505ed7ca0324277b0bc89a44, SHA-1 d72fbdd0644c128b92e705195be59364fe41d03a, SHA-256 da6f72756a57cf6b4ee7fe8d1ffa539976246470d740b0434e62ce7bb3d4a60f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/75676.8481ee3ef6c0d7c670c6.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"350e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXXXcL2ojNA4QNglhwyw3TUeUHLKT22q7mjylpmg8vFYSB54SV%2B5F5kK1pWSzMMD%2FSsM%2B%2B2Y5nsBdLDM0N%2F0cLKSv3TROQ2K2xeZqWS1WBF8zXY4V1h6xJNxYkcHpq5k%2B%2B95aLTtoQiriShz6o%2BDZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c52b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/21251.87af35fe00e980d9651d.js | 104.21.56.114 | 200 OK | 4.7 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/21251.87af35fe00e980d9651d.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (22100)
Hash: MD5 87ae3712843239cfd30ac976bd99940d, SHA-1 f94f35e5ba76aa102c14972c75cd67728f6efeae, SHA-256 e4f129ecb25b26e3644847541c531e34f3e0848bfdbb9f0f00fe97347bbd9db9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/21251.87af35fe00e980d9651d.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"568b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tG%2BM49HpOuX6GmD1PGGKHnoq1WK%2FpJTKE8tm%2FxTs3%2B7110fp3ATDgZrLRXcZL54T1FQ8%2FKFcmG3knLmAF9T6GRPZEkub%2F56MyxytNVteAc8w%2Fimru5ak4Zey20r4JVtY0qMjCJ4opx1k8tH%2F0guCMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c3bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.56.114 | 302 Found | 0 B |
URL: GET HTTP/3 login.restore-cord-bot.online/cdn-cgi/challenge-platform/scripts/jsd/main.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
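Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body; they do not identify this response and are not usable as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed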
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 07 May 2024 07:05:28 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UnA3mfOJz2LXHl3hdFdCVcULl9kkwobT89q5UgankQM8Z1FLqoD5i%2F%2Fr%2BG2rrlZzMubH2XY2cwt7Ic%2FkzIO6eUnC8q6mW5%2FikUa9JqIVdVl9Ayffsqe8GFF2qnp0m4vgS9RYzco7WcRkCq9O6u3U1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca07a5ab505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/api/v9/science | 104.21.56.114 | 204 No Content | 0 B |
URL: POST HTTP/3 login.restore-cord-bot.online/api/v9/science IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
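Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body; they do not identify this response and are not usable as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed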
POST /api/v9/science HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1237299246508802048.2W3XwqVFKEDgvx7hHyw4S24KoA0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 1026
Origin: https://login.restore-cord-bot.online
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 07:05:28 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BUNEw0ntFL3QRIwHCS86Q0gFIGSUuDJFSBUcLyNotZlzL7v%2FSJ3UU5yrJ4kR04w3aOgpEG9FTurPRujOh0OQ6IwkJJGGZEuhYiU9SJ5F4VZbsLKWn4sAHsaWa3m7"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=a2b4b1d5a112bf55bbbbf8379ab6cfc77999fc20-1715065528; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=vKXM4E2gg1kBwumIJgXQpcGeNKGwRxhHpdlzu2F5uFk-1715065528886-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 87ff5ca1cc5cb505-OSL
|
|
| login.restore-cord-bot.online/api/v9/science | 104.21.56.114 | 204 No Content | 0 B |
URL: POST HTTP/3 login.restore-cord-bot.online/api/v9/science | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
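Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body, consistent with the 0 B / 204 No Content response; they do not identify this site and should not be used as indicators)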
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1237299246508802048.2W3XwqVFKEDgvx7hHyw4S24KoA0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 630
Origin: https://login.restore-cord-bot.online
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 07:05:29 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2F6HPGkdy2SP9DVnMlrUzQz2KQl0fmKbtVC7iBp5C%2Fr5ox8Yn5bOy%2F02NLJlJLrCJZJ%2FLFsxMCsMbpqErFKZaMoqRLlquD9aJ0g3wG4ITsz172%2Bs3oS1cFnYoZ7u"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=ef0fbbf44b7d7006a8b66d867e7496361cd5b483-1715065529; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=3GYAfRimKESqweSDmlJcLpcpXBoVtSMv4quh4so9mBo-1715065529155-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 87ff5ca44835b505-OSL
|
|
| login.restore-cord-bot.online/assets/25f1e66664a140ac84c9.woff2 | 104.21.56.114 | 200 OK | 182 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/25f1e66664a140ac84c9.woff2 | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: Web Open Font Format (Version 2), TrueType, length 181532, version 2.459 | Size: 182 kB (181532 bytes) | Hash: MD5 980082c4328266be3342a03dcb37c432 | SHA-1 4179f54fd61655067a20a2b37224fde3d8e5024e | SHA-256 1b03dae61d613604b3d41d61cc4bc2e05f19bd27c7ff2638242f9036f2b8794e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/25f1e66664a140ac84c9.woff2 HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: font/woff2
content-length: 181532
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:09 GMT
etag: W/"2c51c-18d28d95808"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YDmv2YzriDTHbmS6%2B2xM8rY4ie1pXpcE%2B4a91miPH0JAoJbOjgtYEws%2BNKKRwy%2FuBiek2SB9bTDJyX6lfsM%2F0yvbU2rdqytAJD5Utqc9O6xGl2WyeEWvTizugV9NbZdTYRoGmsqjy9%2BHicvfP7f%2BHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca16bbdb505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/321a07cbc6f5919dbce9.svg | 104.21.56.114 | 200 OK | 178 B |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/321a07cbc6f5919dbce9.svg | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: SVG Scalable Vector Graphics image | Hash: MD5 72a8b168ad2c7eea7b2559b5690c7695 | SHA-1 85e4f43154ea713c832ba27128a33eb7b2a7cf7a | SHA-256 1f988d1ad4ab163d61a584254c07d75f3241eb6380bf48bf7d8f981e13c092cd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/321a07cbc6f5919dbce9.svg HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"8b-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mda2Jjvh1DWsYX5gQYywbkJ2UguTBTmDhXDFBHFGD%2FbQ%2BJinGTQ86BwwPMuzxGDkV1hlBCR2kHmPQ32kDSUgat7GqOrnfjmAKKtUEoLC6eOnre9ODW5Q9kClNmUALWLNpgTqMilATjG4Ol9ui%2FKK6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca11b52b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/adf75861421c2a6a6269.png | 104.21.56.114 | 200 OK | 1.5 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/adf75861421c2a6a6269.png | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced | Hash: MD5 092b071c3b3141a58787415450c27857 | SHA-1 d7002b9404799e18bab34e931a6f2e23ab1ba3a4 | SHA-256 f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/adf75861421c2a6a6269.png HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: image/png
content-length: 1532
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"5fc-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=19VQZ0vcLNIdD64FMtftaC0Sc5Fk5BiSnilu3Cs2FDzZH4slVU0NMfXN3RGUvRkjbANXv8Qy7XX95%2FeaVBXAK0zvpzwIlGHvdi5gegxRmHT5Ji7f7jkIpNZ9tjSjfTK3XnJeVRzdXxIuVuchsbCKyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca5ba25b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/20ac37ed2576dd48d7dc.woff2 | 104.21.56.114 | 200 OK | 65 B |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/20ac37ed2576dd48d7dc.woff2 | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
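File type: ASCII text, with no line terminators (the 65-byte body is text, not WOFF2 font data, despite the .woff2 path and font/woff2 content type) | Hash: MD5 84b7416cff14fd88e25c7a5e808f96e7 | SHA-1 141dc0f5c13044dad660a2add445baf5c472dffb | SHA-256 d8c6f38967f6cf2d568e34abe3e04c2c2c195becd596c1cee7b9b83822dd768c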
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/20ac37ed2576dd48d7dc.woff2 HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTtGXMji5NUS0H0RMNSFq2wyp9cK4d1Z5UYvRg%2Fq2Swx5bkSGsjqYt2l2fhKGVvuBCC6%2BZYhChnI%2Fu%2FENhxK2XZtSne9G6iXjAEczNljQ3cSyJJoWRjKzEqb1xdPQIywUKli1kw6l8esnjk3dWxigg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca589dcb505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/f84e3e81b8d0718cd917.woff2 | 104.21.56.114 | 200 OK | 65 B |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/f84e3e81b8d0718cd917.woff2 | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
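File type: ASCII text, with no line terminators (the 65-byte body is text, not WOFF2 font data, despite the .woff2 path and font/woff2 content type) | Hash: MD5 c0caa8227e2754f8440029c42df9f7e9 | SHA-1 cc2f0e3655002fdff933711fabb53d63c23cbfbd | SHA-256 89a8e6fe1c595fb5fe77edd74ee8990458ecbf2941bb44e60ce8d96b6fde660f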
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/f84e3e81b8d0718cd917.woff2 HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BFtnQYY6zllhnLEW6bnc%2BA8t5kckdFXe5GoOKEBanYhvDTaEsRgBNddWDaJdXDdcIoP8Q86rNsg37R7p09zRdm3QtC4xar9QcUHHwTcSNRRvt17h92iHP9M6pM3wBXfi6WUoB327aeWvk%2FOxZjbI7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca589eab505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/api/v9/experiments?with_guild_experiments=true | 104.21.56.114 | 200 OK | 10 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/api/v9/experiments?with_guild_experiments=true | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
Hash: MD5 fcf617ef2a47f1480fdd443a3bfdacdf | SHA-1 e8de989ec92509a15e79539d4f33bc6bf20f38e9 | SHA-256 1db960b9ba7fac053ed539047787580fe7e7c5842747eee63ece2526baeafa1a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/v9/experiments?with_guild_experiments=true HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Context-Properties: eyJsb2NhdGlvbiI6IkxvZ2luIn0=
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discord.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=txh1vBktiXFnys%2FTNachTR5UxiKK1GCuAvMADsF6htOLKXJaR1mgEb%2BYy1%2BJrab5dI7C%2FL0h9kdhCPu8JoOs8RBJTPJSFRyPMcMIwF%2BO1D6ENGdBa44sd7z%2BsoPo"}],"group":"cf-nel","max_age":604800}
set-cookie: __dcfduid=2f51921e0c4011efb705822c8bc189f2; Expires=Sun, 06-May-2029 07:05:28 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __sdcfduid=2f51921e0c4011efb705822c8bc189f28b778614d4467ef9d9d924b072b2dc3ffc92b0b6ce10a9ba8b4d43cd9736ad89; Expires=Sun, 06-May-2029 07:05:28 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __cfruid=47cbbf48aded426acde4b79d7b808d5d55253afa-1715065528; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=rAq5Nr9iZUR_A7OPUbAqJaN1PWUl3M0386RQ2z_KhYs-1715065528322-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
etag: W/"9140-6N6YnsklCaFeeVOdTzO8a/IPOOk"
server: cloudflare
cf-ray: 87ff5c9e0ebbb505-OSL
content-encoding: br
|
|
| login.restore-cord-bot.online/assets/4650ae2583f4cebb91ab.js | 104.21.56.114 | 200 OK | 4.1 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/4650ae2583f4cebb91ab.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (10990) | Hash: MD5 aefacf14a0528576a759837b74b8054b | SHA-1 c3769250863d85360b36096f544b1e9c9904c9bc | SHA-256 c0ea7413413b3ee925b173f94f67a7753ff6a77c00759b004e417b865ad9b727
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/4650ae2583f4cebb91ab.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2b1f-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iAvvwr7eh%2FLyxUy8i7W%2BwHZduJr1myTyW3OkCdchfIMkP81tTqOFIQ8FjqFqa54%2FW2GdZVNC0GPtlBTvtvykL06Rj406le53mJ8sjxZIfQqggEgRJfew7gH4fzI6D2EUjrxo0H%2F2QJ9JMAdxiwz%2F1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0cadeb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/api/v9/science | 104.21.56.114 | 204 No Content | 0 B |
URL: POST HTTP/3 login.restore-cord-bot.online/api/v9/science | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
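Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of an empty body, consistent with the 0 B / 204 No Content response; they do not identify this site and should not be used as indicators)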
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1237299246508802048.2W3XwqVFKEDgvx7hHyw4S24KoA0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 751
Origin: https://login.restore-cord-bot.online
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 07 May 2024 07:05:29 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0L5KlvSbAXbYcmpZG6OYKfF8LfwZJ%2BehM%2FVe1WPvF48AIS%2FQixAItp3kMJOgeGmbRU%2FCtaC1jyDbQY6LAz5MtqKAhWjxUHaWFb0Z%2BtpupBKmL2KDRIORj2fyFc0V"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=45c2e0334956f582c32ba5b85bb24b08cb9b51ba-1715065529; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=YjWLqU_VA9vx92lgOj_ioRSrFz7.XxGnkmQhORhsDTI-1715065529753-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 87ff5ca7bd43b505-OSL
|
|
| login.restore-cord-bot.online/assets/8240.59954d342c818ac8b70f.js | 104.21.56.114 | 200 OK | 200 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/8240.59954d342c818ac8b70f.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 200 kB (200503 bytes) | Hash: MD5 18dcf8fa835cfc1860e0869ae9711d8a | SHA-1 372560e730d7725d0d486544b57f7ca5a1e740a1 | SHA-256 3bc562cf2f8191b1220d710ccb7cfba8dd0eca628055f0fc4bf98b0f8e7289dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/8240.59954d342c818ac8b70f.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"13b4b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFYhCkdD6ejZzS222yAV9hN4zcmOUYqtFI%2F5PKMgePA92KvMO%2BstRTiGRBJ1IRT0aWOn7Lss67V%2B5HFUEEyH4EGcJfJZIgey7RvUYIIQqgWWknMENXWjvxYw8HwCU7I%2B4GBO3sY28%2B%2BncMY6Zd%2FDWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c56b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/74970.ad098636400bd7dcbe6c.js | 104.21.56.114 | 200 OK | 203 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/74970.ad098636400bd7dcbe6c.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (28091)
Size: 203 kB (202856 bytes)
Hash: 3c3526a5242b8edbf4465c32aaf8fa93 577aabb70319ddb82ff368904993a42b33867d13 56d5c52d9d7ee3aa25c7670d3a69b9d711c20ed56e61f26f21cb459640fbf3d2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/74970.ad098636400bd7dcbe6c.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"6df2-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lLNmFq%2BUx9RrwCLEF94%2Bt6dJO2k5ti0tQ0SfH04%2FhgRiArGryEpEi53TL15EhKuATcADhOD6EPmf%2Fu%2BbQ3kdj5uA0dOmwUe%2FpvPPGCTBnOCQbVeVp%2F6QfmqfLi5gbPNHcO48H%2FR7jb2nNdkw5wZuXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c57b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/9a02726c2f8410020238.woff2 | 104.21.56.114 | 200 OK | 188 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/9a02726c2f8410020238.woff2 IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: Web Open Font Format (Version 2), TrueType, length 187596, version 2.459
Size: 188 kB (187596 bytes)
Hash: e55012627a8f6e7203b72a8de730c483 4c43b88403ec9c3053d74b4c502bcaf99f594c57 8390503760c8f26556001a28e7d95e4a237a4780e7ceeebf0853ce252fde4ba8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/9a02726c2f8410020238.woff2 HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: font/woff2
content-length: 187596
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:24 GMT
etag: W/"2dccc-18d28d992a0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fj4nwrFs3SEU6CaW6opzWq%2BiC6FML0IDASrF6v6Lb2f%2BCMTIzxLLtWb7n14ycGrm67LjIJKX7vd4TooI4zNQMlvV9wTgDcyZT9LhBHXriKNSwt49nmMfFH4D1zdLcHYX5S7yswoQMOj7Gmz40xmU1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca75cc2b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js | 104.21.56.114 | 200 OK | 6.8 kB |
URL GET HTTP/3login.restore-cord-bot.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (7821), with no line terminators
Hash: 7802465544ef4a0cf86b3cd95f68d603 903a3d6c24253ccf6d3119fe06a0026995464d48 741bf3b09f32b3205381ff533500a1c2e9e6a5f301149d8f2dd94494ce9a1e20
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SB2zHueLG5gh8f7BXOswClkeF6lwH%2Fy9tYjSQ1J08w6YbgGY74yhzUbXHpW5316vbuyUkw6cZgk45PggaVK1WFiQ1wVgLWo%2BHehbjmfRg8q63hRQNg0b7mt5rAv64Pfw%2B%2FB7OhyAY8VwtRbVMn3njA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca16bc0b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/3205da2e8f78633583d0.svg | 104.21.56.114 | 200 OK | 8.1 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/3205da2e8f78633583d0.svg IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: SVG Scalable Vector Graphics image
Hash: c6ce0010471b65c0faeda6c53ab297bd 8735052de92d694b4ea91ceccab0e7e8f75a3cc7 862046fee1b4f3744f000347cc0b337871967b2bd9471bcb6dded2a49a61c527
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/3205da2e8f78633583d0.svg HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"2b0-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7J1E1XPQBzC7b2D6%2FEU7OZoeyziIVho9Cm5mEJvfZk25IF97D4i%2FBg73cg1nf4wNBhD8Z8KMVsDw5ZCfbXMf%2FRcCCpbs0qFsXekQ03OSfUmjfxd2DR6tIwRm%2BugX1IWgBT2CuuG%2FVN7DQoBcqZgOcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca12b5db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/a826e445dff97cf15335.svg | 104.21.56.114 | 200 OK | 3.7 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/a826e445dff97cf15335.svg IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: SVG Scalable Vector Graphics image
Hash: e1349377226366f95f85ab9eac4586d3 9a3a00b6e6ab0a240363f4e4db2f5288227ff76b 2ca673a9914a35a230469a8a0fd6b4db293b236dea391633b53339afe577a92e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/a826e445dff97cf15335.svg HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"80a-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A9Js7b2qOraxfxWdIsaIbnczvalEUdYnPopgXma4GRG9hvKiVC1Id3hZmrlAoUJCA1lxcZTM%2BrWVaQvEEkNOtLB7WCOFiWrA3hK5z4Bi3gC%2BIcM2xWbeReVZ4qtAMbAudjzafXW6r%2B3ojacYBeb%2Fuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca11b54b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/7442b576347c1d02886f.svg | 104.21.56.114 | 200 OK | 92 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/7442b576347c1d02886f.svg IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: SVG Scalable Vector Graphics image
Hash: e843c51c0eec3801b70cae5c45ad343f ad735360ecfa829db9d6c48f1a671a99bfce1d2a f860149a77a53d43396f3aec9377b9a0dd6c5d84459079c5d393f6343ec253fb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/7442b576347c1d02886f.svg HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"18b-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TS8TMsK1BZtuvIxyZQCulwnFAf5acemiyL180fMPuH%2FtVw3zWdsqAOu3AxtLszns3hgxbf7J82bhpQ3udglwyr35p7ZWOqKavMvFVZqdmU8R9RAwYenI9mv%2B3usq6I%2BW5bjlYa5woLG4I310%2B0WbDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca12b5bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/55695.a2abd2a754a025899810.js | 104.21.56.114 | 200 OK | 959 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/55695.a2abd2a754a025899810.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
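Size: 959 kB (959311 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty (zero-byte) input, which does not match the reported 959311-byte size. The response body was presumably not captured for hashing, so these hashes do not identify this asset and should not be used as indicators for it.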
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/55695.a2abd2a754a025899810.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"ea34f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=He%2FfKkIGRgGfSCOxkNoPXRAiakm%2F4TxI2ZDANn2tmyZPHRlM3ZN6oROJmPerZj8Puax7GV3fnsAy%2Fj8o3wPbGSo5q9PqyQBuxGoAq3d1apEUg3UFQ4yrT8AeKns2C5t9aYKD4J9S1WltJe9xc7U4sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bebf8b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/40876.477d9a39902b14c7bd0a.js | 104.21.56.114 | 200 OK | 39 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/40876.477d9a39902b14c7bd0a.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (38897)
Hash: 167366b2e3d129cc3dced1a4e7dbd82b 62a0800ba5389dfb92136e31c08cfabacdccb8fe e943c9ed5fd4c16dc88029340b62dccd9afb900ed4501c7bd14e6264a34df983
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/40876.477d9a39902b14c7bd0a.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"9828-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tu3EdQIvN1paKJhZov%2FBXZHb1WZjf1QDI1Rki%2BuiHblSdEhIrHqH0z0r9iNqrzh1jL2qX4S5%2Bh3ZYjpE97Sa6n1un9QpZHDEzbeW8%2FG0Yj0VDvqQHaSIiv4q2uniZRkeoc2JNpM7blR8YqArhqoyVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c7d1cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/7273.654bf842a369e2d3de94.js | 104.21.56.114 | 200 OK | 484 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/7273.654bf842a369e2d3de94.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 484 kB (483947 bytes)
Hash: 8da1faca35a6cf1029dfc42e48b9c810 45f463dd73d51dabbb399d6ae6a4c1f16019e50a 14acf9e94dd9a0cb4dc91e43f797654258398f2c91ce40aff16960d049111125
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/7273.654bf842a369e2d3de94.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"7626b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qq8LEBIOxx%2B6D2KiZlIeU4xUmvI0YTkGTMK2oiuHdocLJuiE%2Fwz54OUNXw6OSzkgqVRCgS0JhuHkwXuWjzDIcuWml5V0IFi5PXesHjAzuUJ%2BJQlUld%2FpCs2dhGSC5stHbc8%2Fxgp%2BQcxtMILYnmbcWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8d6e73b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/8e64227ebe6f34850334.js | 104.21.56.114 | 200 OK | 2.2 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/8e64227ebe6f34850334.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: ASCII text, with very long lines (2248), with no line terminators
Hash: 4000d28d0f8e4feefa8883aec22cf353 f8f67e124e53daf7414e941168e01d2a9c812e85 817abe560796ce849f16ac01eaf0f4ba1ce40ccda95682cf3433dbdfc80db071
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/8e64227ebe6f34850334.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"88b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cdjqexfy4BK7L00H6GigvVq4nSajWMpD%2BsdOfmuLMf5%2FafcXcG%2FMHIb7rHHJl%2FCRAizEX1gonAVUs5ln1y9P7rrFNT1KnvpfYW9FbJxiftr6KwkOKku1gqU3SlqZz3c68qlEAO2rdIFuNuP0QZYolw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c9f0816b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/20117.7c4ea5cd4685b0442b9f.js | 104.21.56.114 | 200 OK | 56 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/20117.7c4ea5cd4685b0442b9f.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (55750) Hash: 3a328a58679dc7c65aede3025f694875 2b46354311cf752e3c734ac9e5f803bada1eea8c f6cee9961dcde12c0dbd889adb3579ab836fcaa34c99828f36856b5f1de9bb90
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/20117.7c4ea5cd4685b0442b9f.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"d9fd-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z6kdTpwX3DAENgqf1Fw%2Bo0LwFYjjAbSYWXoF5qxMI1D%2Bgi%2Fj0IOHi2h5ANyTmXZaDlw%2Fbfa19NVOAAszjH%2BsFAGyzhZezSIBO5msnIXmbNoRMDlP8Mlx9SyqZV%2BdiFK9Pn%2FLh5TewMBWWpAgUtOHTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bebefb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/14875.31e886d6d1db8a56b5df.js | 104.21.56.114 | 200 OK | 14 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/14875.31e886d6d1db8a56b5df.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (14036) Hash: b73ea7c5ff12b5ac922cf837484b41d4 ecb0e464f4dc99dc4c2a88a0af3a5e80c8cbb0a2 558da14d878234c5150f3875e25a8049954a5ac6446595d3f58ac828620a6389
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/14875.31e886d6d1db8a56b5df.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"370b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cu82l1yOTGGWfJNA1qgy8x%2FvmLgTE8QizlYotS083o7TQSI73ZwM6H%2FWRkiAMFzFeHUpySGOHlIvZxOvyK4cf8UHAWlWkbVt1QmudNf17cNaC1ym51BQkt3qZpnfosTXChINCYY9MsZodp3irIfzzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfc15b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/31421.ced40b898074b2c19b15.js | 104.21.56.114 | 200 OK | 12 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/31421.ced40b898074b2c19b15.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (12060) Hash: ce1c4ffbc40c7e9bf65f4228013a5819 5032e464391b595927baf62c1e4bf0034ef66d26 131db5cf2b0741365470de35e02d94da3de2b223b8c18e3ca3dd7c26af23d6e6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/31421.ced40b898074b2c19b15.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2f53-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W6Fr6SDxG06BsA6vgS8PZM19e8tUiQ1k35G5NEn%2BqxC4t8IYqiMusqigbi51XfGRJ5PYgGmWqVMS3qRMpcvF%2FxQS0AY5gu6D%2BuLDhM1U5IDx7IrY1wtAFYTs8AKkMYFtddE%2BkVep2yGN5wkzfIAzTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c6cffb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/23992.0430129d8ed977cac0d4.js | 104.21.56.114 | 200 OK | 14 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/23992.0430129d8ed977cac0d4.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
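Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 [these are the MD5, SHA-1 and SHA-256 digests of zero-length input, while the transaction row lists a 14 kB response; the body was apparently not captured for hashing, so these values do not identify this file and should not be used as indicators]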
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/23992.0430129d8ed977cac0d4.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"37fe-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuosK4%2FhUaPSpa%2FhwZs8ilH7juxjRuR%2BBlAVTht35t6ZNA8x%2BleKL%2BDdVQ1IFZztJaKDWpr9bsLz9bhAqaG2s0%2BJDSjx9sft8uvj8Uq6zec6nXIDt32nijxM54a02kwtg3u%2F%2BWm%2FpCliTfGgWKRFJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0eb07b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css | 104.21.56.114 | 200 OK | 2.0 MB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
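Size: 2.0 MB (1982257 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 [these are the MD5, SHA-1 and SHA-256 digests of zero-length input, which is inconsistent with the 1982257-byte size stated here; the body was apparently not captured for hashing, so these values do not identify this file and should not be used as indicators]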
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/app.efcb8c8bc767b60fbdd8.css HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"1e3f31-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=027qWjdsNqwabzjRwTlF0qj0QiCDKHwzUXIY8k0dHJrYrSrlwPq51zmFn3H5HZeaV7cOTrZTgU47EqvPJk1HWoAnnDbyiXxwqd5hHdcIbP9Yfeup3Lby3sA%2BBt2P3SpqeMi9ko%2B%2BTwaGi%2Fx9YBCARA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bdbcab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/13798.6a2a5ac1a86675c94b6c.js | 104.21.56.114 | 200 OK | 7.9 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/13798.6a2a5ac1a86675c94b6c.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (8182), with no line terminators Hash: 81548497b4c074d04063c9f226154ade 3548f8053d9df0534168b499bf42407d8e573e2e 13ac083b959b6c894e5118fd5a686a4985575125a984190c1f7454264cfedeed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/13798.6a2a5ac1a86675c94b6c.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1eb0-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0bv9itU8YsSJ9OUvRBa%2B%2BLbRUVrgubrTWqC4LPq5GGhJ3A7h59l4cu5r7SX2IFHaXSHW5Mo0TBN4ms8aX4q7MUmbuNoIf38xmQ2SSKM3nDsnLpQ%2FCcqb9gcIVUUEO8XtFh0rwM221sWKnaLIqCuXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bdbd7b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/78891.2eacf9854660d1cbcc66.js | 104.21.56.114 | 200 OK | 8.4 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/78891.2eacf9854660d1cbcc66.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (8513), with no line terminators Hash: 4864c337a44bd2d3badf7670471a790d f64d984f97d5a1acce5a839417b7aa0f61a55095 3a7141586692ac441533e43942e1aefc2d326389e094aa7c78834f8e3ad48da1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/78891.2eacf9854660d1cbcc66.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"20de-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OAZTTDLEyvcCosydvoUqOui7OzX38red3ukq6Q%2F85K%2BpeWmYofM8OjaRlFi%2B6L1zY2ANLTgZortrVVW%2F1tYxvBdI4E5C8d5PU7rsi8ElmNWnJ3bWBOVbptbUnWvSgF1O31TpPTxgf4bYu%2BfvDsko4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c5cf7b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/40413.ee00763112ee8df65f08.js | 104.21.56.114 | 200 OK | 7.9 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/40413.ee00763112ee8df65f08.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (8028), with no line terminators Hash: 0b2eb75acf108aad28037290505f993b 20c3bca016fb59ad79e807f379078b71d12da15b b603d4be2b12cf965a38fad6eb246c3cabc86f6b4370e7733d7495495a7ae0ee
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/40413.ee00763112ee8df65f08.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1ee3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5ED9X%2BVN2qGAtJEjSE2PQ2WQVflfkJGRT%2BuXkKq%2FrsnPxSjAhyQsN%2F3%2FcA0IufE32xj0diqjcwEvRvxokOY%2F0BXBQzxu8OtYvkzc6GKn5kvRU4v39JI8o3ytkxkcBsY7Fh8l9xDlLM5EHO3P%2F4HvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0aab5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/78995.c052e63a7b5574176cf3.js | 104.21.56.114 | 200 OK | 19 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/78995.c052e63a7b5574176cf3.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
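Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 [these are the MD5, SHA-1 and SHA-256 digests of zero-length input, while the transaction row lists a 19 kB response; the body was apparently not captured for hashing, so these values do not identify this file and should not be used as indicators]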
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/78995.c052e63a7b5574176cf3.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4b93-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDXIDc1fIrJx0E%2B8FsdbhKMvnBDku7sx4aLuN15U2ZGy69gA0tAysBQOlY0ET%2Fp2vG8uQgBxS61kvR37NgOBdsiUtAoMPEjnI5rjRBN7NEhzMI3xb278IACqADRTIqXshcL1opB4j1vWRfE9um5lbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0bac1b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/96634.06d9840e14d8b8f41b43.js | 104.21.56.114 | 200 OK | 16 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/96634.06d9840e14d8b8f41b43.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (16229) Hash: b924f4be14a3e2330a86646c12dd033e fb8f63674d6d1b4a937d5e293bb46a10a384bc03 d65f5776f04bea788fecab1869863fdbd743604e16b45c40a3a5c91029b80057
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/96634.06d9840e14d8b8f41b43.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3f9c-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jH26EPEDh4yhxdU6BDf%2B9BJLCRsbxVBK6GMTg7Hgmdbiu%2Fz3nJy05VxDWPyHk9nj5RjKy6xFDorcwknr%2FXhPy%2B3xnrJ%2FzB9yucIPgiyXLPu51L0HUCMzHo12F0x6nJE0b%2F8prQHLBrVjcCrALbs4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0eaf7b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/60499.862663374dc7b2606eb6.js | 104.21.56.114 | 200 OK | 18 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/60499.862663374dc7b2606eb6.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (17610) Hash: 4ccfa2e22aa81b9717908bd2e198c04b 77c537671daf78c65664c86b2348a8901076b2f1 b7094a75dfa107fdacecb7d4de84339c5bbbdd4f7d138de620e58fcacae645de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/60499.862663374dc7b2606eb6.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4501-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cCX31euW9fJNSEF%2F4a0dyVjy0%2BcbfQCHdwzlKU1oy9gy%2FoFRgIVWfQ5BftxCo7eQTWYrpC4cg4Y%2BShNvstCyq9RojInVcYXKfyujn%2BE9tDGFu61or6It1O6UmDOsOAri6e86vdTHUYP4vDQ2048lTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c2c6ab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/37102.04489c88475d6b93636f.js | 104.21.56.114 | 200 OK | 19 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/37102.04489c88475d6b93636f.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (18523) Hash6a056d7583533ca1f6f22eb59c25f71e fd9008c3477be5b59118cec1d51e0d5942e9511a 93ac8375ee2ec8788c40ffd8afb828f87d2e3b7a718f346cd92d353f32cf3754
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/37102.04489c88475d6b93636f.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4892-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hE7xWpBDKVr%2BHhDdITyKQBgVgUIf0w8HB1RY6pD7TFkFWQ6pzTIEb1Mtuq0Zcjpj5G88BOp7wtNRR5cLgN%2F4r%2FrX%2Fxn11L2UqIIfE4rq6n2wUCy3u7Dtmf4ntEI048TYSMkPbXdrkfxfUTTInz99fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c2c6eb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/11538.db58e10c3c76859618f0.js | 104.21.56.114 | 200 OK | 30 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/11538.db58e10c3c76859618f0.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (30244) Hash7f54de7efa90ea0e15b1c612bad83249 1a5edff4e5621f3f3fe3c536c18cd787872aa17e db01fa5a4d163102243a550ad6e1f79763c2b718a1e4e1261bbbaf0c548f5b2b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/11538.db58e10c3c76859618f0.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"765b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0MWV3%2FjjNnjr%2BtTTGH2c1lmW3aulRsP%2FgVNjbDVHjsp7oJ7Tu0ZtZS7YqFT65cJSYbUrh4sSouWNsCkfGCZ1SaFn%2BMMzN3pOR%2BBLe%2FaYnLhMrYRcwLUkqHm5SbH895nNnysvUwzyAKLpWQcoCTmU5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c7d27b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/58166.4ec31e1810af6eda852a.js | 104.21.56.114 | 200 OK | 38 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/58166.4ec31e1810af6eda852a.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (37774) Hashce66262030ddf4d78cd0600c1706bbca 195a3af6bbcd112990859fffef3a9b92a777788e e8d1036a715eff98d533a5edf5e91f079e9eb7482fe9c2eabd6df44d51d3eaf7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/58166.4ec31e1810af6eda852a.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"93c5-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wtiiwsbzat4p0hJp1XLXoaSf7zC6CY6a4HBT%2BofBBBBzlUQdAHIPECkXB2IMB2LBb5pU28daLLprN0kn9yaLOEdDnmTSkrKmzRszILIQziOBqtJPk2Y0Rk1lcZ4F%2FJMaBNP32QNgyyEER6KPg%2BjpQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c8d42b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/sentry.1e20f9b7b3b2507e0dc7.js | 104.21.56.114 | 200 OK | 8.0 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/sentry.1e20f9b7b3b2507e0dc7.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (8219), with no line terminators Hashf6c12b3561afb0c5be1c10e2085c10bc 82e6c80f75bd4500d11b8a8eeab09258913fbc04 1fcf9bcb46efa6f11a6f1b081012b0dfa29746b084197a8b57f6cd0288e6646b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/sentry.1e20f9b7b3b2507e0dc7.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1f4d-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N52%2BgZd%2B6X1xuJobyp8DFwOfAFerOfmyDvODDnoIInhgHFYKuTDFvY3Ctu9UBGVJZ%2FYGFLXGH6ZjM4bEAF38K7ixkHrxF2MPfBgjjZJ93IxDJU1kAYBuuisFT9mUkqXA%2Fcb%2FVFGBSN%2F7v4doRJZpYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c9d52b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/68560.e27fd85667a295676749.js | 104.21.56.114 | 200 OK | 49 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/68560.e27fd85667a295676749.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (49324) Hash264fdf0094b5d416ab5fcb70a1f52ca4 f76c8aafe7d2ea911de8ce22bfbaa66d974cd348 73487f57bc5d9a1a20ca844eea8d8e14799184ce34fdf2e31c70a502955b0380
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/68560.e27fd85667a295676749.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"c0e3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNVFoBMFjPd%2BIKCW57%2BswLJF%2BhIFU1DHfXqDxsHyKFheEZIBrB%2BLPL%2BAp4jyId6hmhbl9YkrTo89rAp1PhpkFtp7nVLp0CGNoI3s9ldO%2Bx2MeIOZ2A8NbA8JILRqWGOk0v9Ua0%2Bhl626Jightr6HjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0fb12b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/94491.6feea119a246906e42da.js | 104.21.56.114 | 200 OK | 30 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/94491.6feea119a246906e42da.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (29770) Hash2b097f530ff3ef39552a90e18a8bd883 326b60321000b059a090e4ef046b9421d64962f5 dd4f80fbf943312c9ed47c07c0cd767cfa20d3657f0b50a5787704991ee85f00
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94491.6feea119a246906e42da.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"7481-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2FONK4wlfemueIvheXLRifaRXb7TSsCSTLoqgCJvM7a6qs1nXNMxER%2F7EVg%2FBA9A7AVt55F0DKBaTlroPwBOZyfL6KlMOVA%2F0Kxc7OEj4DE%2Fl1PodVs%2FXSTk5tdEj8AilP25df5WJ%2Fo6XSDUy8DUiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c5bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/94816.637e7c0b320aab380f7b.js | 104.21.56.114 | 200 OK | 87 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/94816.637e7c0b320aab380f7b.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
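Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 [Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, and no file type is recorded for this entry, although the listing reports a 200 OK response of 87 kB. The scanner apparently hashed no body content, so these digests do not identify this script and should not be used as indicators or for lookups.]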
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94816.637e7c0b320aab380f7b.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1553f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SyXbxohvvRkd%2FwuZBK0QVeyXAX2fxN70fd6vcPq6Vv2D8AJMYPX959wf5AFJSBLdkHyRclLKaLfgUrPMl7BgMBCSZLmQsh%2F6c4HplBfTocakdDLUz4h33W6nPcjDwAMCehuKiTSb%2FLcvw5VE5JO83Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c2c67b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/64612.26d2bf1afbde26a43a76.js | 104.21.56.114 | 200 OK | 16 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/64612.26d2bf1afbde26a43a76.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (15643) Hashe889f804c915f5278e961cde93d50e20 25e94c62cca79bfaba361e27e49cc687e72b74dd f3649beebf41954e8e4aceed2d74c5fcc81a61e1123b4190efa9a02f785977fd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/64612.26d2bf1afbde26a43a76.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3d52-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q6axdqDmwa2AAwdH2DWcRx5czbccmX3Y1KFFqfcE3roxxVO%2F%2BLUFhGIHZcBU1XdEn8DdE5zuwdJjMTfVjuDAGHB93FhLk8fsH3KL8WyFlRm7Y9RYPruIZodhrKORaBrBqr%2B83QXzbCcE8RZBAdtBoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c5cf2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/99742.217a8e519977f9b5cbf0.js | 104.21.56.114 | 200 OK | 18 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/99742.217a8e519977f9b5cbf0.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (18014) Hash1960cd6ad791e73cdcfafff546853923 0ad17a1e5860279e6885d8d94ee0e29a1730d530 13c1c620578fee12330a7c3c003da2ea56f487fe471125b76add74f74d0bc36c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/99742.217a8e519977f9b5cbf0.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4695-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=loyj1e2sMAmqqaiIuj4kZCaJhqdlygdDzEChiXuGjBNWpzNWGKxTKe%2F6HQ3sStktv%2FPFXdgOwin7RIGbl9nGd6cnLQwtOwL6vEvrs78knxwAkOfmiHH2lMiOII77P7jpZ7b6CTLRJnVoBHNX0nSmdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c54b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/74836.b991877dde75f9619c99.js | 104.21.56.114 | 200 OK | 20 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/74836.b991877dde75f9619c99.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (19958) Hash5de4f60b4efa8bb9454edb13d1cb9d83 5eb21a1fb900d78a23b781b715ee7f3eeb52b672 b6399a12a07f326a303c82e16981091cc42b529ea9f8b0c6986a0d7e91036692
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/74836.b991877dde75f9619c99.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4e2d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4oKcc0kPIOWqI68dE2yMVRcLIX%2FpNpRFfMMNw5lX7fzavpDZ4KPSwb79CMf%2F9yNEGL3nTlpKkgpsRF05gZWOD5SE2cfovDga5Ms3SI3%2FCGXz0MdsAgqkeEKAao2X60QpBzh9rV0rCmbJaGf%2FNsKUiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c58b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/33547.5c46865f95647d249cb8.js | 104.21.56.114 | 200 OK | 61 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/33547.5c46865f95647d249cb8.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
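Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 [Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, and no file type is recorded for this entry, although the listing reports a 200 OK response of 61 kB. The scanner apparently hashed no body content, so these digests do not identify this script and should not be used as indicators or for lookups.]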
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/33547.5c46865f95647d249cb8.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"ee2c-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QcmF9nn3YKLslKZ1yPKfTRFj3GmEAwOjnX3w%2FIqPSBIou66Bfe5uiuq%2BGluESIumz0W7V0yXSf9zb5penZlqElPlCYtg2z2oZ71oqlcj7FrTmpY7vswCPY1s84ozhDZZPNohNZanJl1tawIcqudiuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c6d0fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/25653.f1981721227784f0166e.js | 104.21.56.114 | 200 OK | 164 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/25653.f1981721227784f0166e.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
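Size: 164 kB (164235 bytes) Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (note: these three values are the digests of zero-length input, which conflicts with the 164235-byte size reported for the response; the body was apparently not captured or hashed, so the values do not identify this script and should not be used as indicators)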
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/25653.f1981721227784f0166e.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2818b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=df4g4Uhs40j7bRq%2FQz5PZietvCMaw1fc%2FduZ48vCnkdh2bYt0X%2FPhi6UhcX%2By%2FN8ARw3uLMLM8W8E13XcGLk8Ns7anJ3yc3khVKnj2msbss3%2BhLlA%2FoQUkRrDz8ifqCuMSMk7v99Jlv3vJv9O6hMeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfc06b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/31717.335393f06f604050b43d.js | 104.21.56.114 | 200 OK | 65 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/31717.335393f06f604050b43d.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (64808) Hashf21348f766d7fce1d259877b826da099 73baf8dd6916a60dab75cd1879feda4b29a090a8 bfb3e51c1397bb6498dd873eee144f50271c74c4630bb8ae0d55a1da8aeb9863
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/31717.335393f06f604050b43d.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"fd5f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oAOdiy3RZ45Yt%2BZstJckf8rJcX5yhGomygiO5aDl101A9PB8TMFkWAbpYoD2rwULK%2BG1P%2BdbVtBZdl%2F%2BBtdbA5ar%2BvwvMzk4j4ktdtkPJuoPZfjQn21pJU9Qi03KCrSx1wCBvx1I3yEHURaL1uXW3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c0c31b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/86480.ebf8826a7f33e22a6aba.js | 104.21.56.114 | 200 OK | 15 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/86480.ebf8826a7f33e22a6aba.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (14887) Hashefa64bf325b069f9cddd3a1e224e7679 c18d2104d2ab6cf8599c57fc52d01faf8c48aec9 94139cd642069de9ba7621638c1dd08ff2703c859f69df7e24ee109f4f3cd250
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/86480.ebf8826a7f33e22a6aba.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a5e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KISu5XPQop1eheDDwDocVV%2Fl3EkDxDNJ6JPeP0oyYHqZ78rihAFFlr8U%2BP92sLI30dwYwpawDbT%2B2PV28Kwx7mJ02R8tSxOKeQqvvYY0TkzRx53%2BU48fr4FHrUlXzTIA3gUEem%2B2roRGqrOT%2Fem5Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c3fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/66701.1a83dd6990836d80fe7c.js | 104.21.56.114 | 200 OK | 11 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/66701.1a83dd6990836d80fe7c.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (11178) Hashb2c21f2a66a342876b66fe2ccca32047 d6c8eaedf6bac6cc072935d1607b9387d912e2a4 82651ceeb7e2bd56422c831f2557e259f8e3ce6cf4e47020e5f0b4f13c81562f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/66701.1a83dd6990836d80fe7c.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2be1-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hpeS3canyi%2FwKh5xaUEVJx0JTjXtuy9F6WJfnF33%2BuXwUPhwh9rHZeH%2FpReV2Su532ZN9n3KKd4j4KW6XgZKRDPZrNp11J6b3b8VP3Yn3HWTj7S%2B60AM9eh1A4g%2Fsw7RmVW3U5SptbTNCueE3XCsIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c5eb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/web.a572a92ab0a38d32b311.js | 104.21.56.114 | 200 OK | 116 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/web.a572a92ab0a38d32b311.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size116 kB (115711 bytes) Hashb97d0dbd751b156ed94ff7be9e299ec2 a7adab0116d09edf46e2fc7ddce04b410cac250f 866bf767de1021c0532594c9493db97ea678bb09641905230423d3276937fc9c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/web.a572a92ab0a38d32b311.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1c3ff-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ypA88%2BVgIrmaOpqpAFnMeFnLbVgnOYTkg6r6dNeu%2BO7fbFyuUjvvPJCF7rYCTUEoDtZgqhw3lDWwHU8dUQoGZD2mYVGu%2FB%2Bn4MhNH4c%2F5DC6KcyGJfKiutITmFI7odtTsIsgkArJ2ZyvwOvyyQ4XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c9d51b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/17820.e883271a8a21d461b3cc.js | 104.21.56.114 | 200 OK | 14 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/17820.e883271a8a21d461b3cc.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (14165) Hash3eab1ae6e3a0d5dd18c280bb01fc9426 e09de192241afa3b47cfd3420cba919f5d5bee7c a7400219aa005e47acfbedf2ca55d9da87fc8d4386888f6c995c03358602793a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/17820.e883271a8a21d461b3cc.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"378c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=le5kEw84dgqCZ%2Fbt0riQXKfkSeWxRET7YGKavyWbbFj%2F%2FbxvKGAv35vG%2F4MeMSZTMWcGQ4cFMgX9PqKcJ4TmJaXCiHykWKYRQv%2FVxD2VaA0T3653PiCBWcZhhlVPctQOyGx0koFnZTsPmFJshQhvFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bebebb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/64999.3c0486790babc24c66a4.js | 104.21.56.114 | 200 OK | 201 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/64999.3c0486790babc24c66a4.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
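Size: 201 kB (201090 bytes) Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (note: these three values are the digests of zero-length input, which conflicts with the 201090-byte size reported for the response; the body was apparently not captured or hashed, so the values do not identify this script and should not be used as indicators)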
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/64999.3c0486790babc24c66a4.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"31182-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o0ib2OVQwbWz4FsyVNRsMX%2FwEwZ3fcRtAc6QY3nM%2BoIgGdL7VTBa1hcwYL%2FP2FMaIMMB4%2B%2F7eJdjIgouTxwMWEjyj86t%2FLIK%2F1MLBnrsZa8uCw%2FCKlQ5THBKd%2FpfjAyOvE8Uv7uemkG8zZiudfSVOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfbfdb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/22843.1bda3edd4dd152273661.js | 104.21.56.114 | 200 OK | 21 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/22843.1bda3edd4dd152273661.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (20995) Hash3d7d3c6641376eab526dc37c2a3aea87 9a4405500ec4685d070b940e3e58dbe95ebedf94 8bd28e45bdf228abeeaec72fec246300bf1a2d85ed2bec3710889cb3ad8b72dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/22843.1bda3edd4dd152273661.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"523a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sk5EZzQQIcwlvcIEbfd5G4%2FtLa7EMIuUF0zFa3ChRv7NwPkuykHneVcg3llx2MgFJUSxIO5JzJe0RdR7kxoHvR%2FFThMkLQiVTkN2AlqeRjAMjzzwSooXEyCtYVU18zuNVwkfP8oPdLdSV72qxYQA1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8cad61b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/63550.a619020e4c7b3d5be7ac.js | 104.21.56.114 | 200 OK | 8.0 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/63550.a619020e4c7b3d5be7ac.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (8041), with no line terminators Hashb03a74e4793c52da60a440f2b73aea20 a845f9c25a2f8fb2a10e67468045286a3f0d5851 d64c4d797460c5e849a45bdd00b59075f1a415c2be3a2de56f719e7372534101
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/63550.a619020e4c7b3d5be7ac.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1f1c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTa9XbsAtVyDXGc4a9E4RlEJziMsWUBUXTJ4OIIgfWaNHb99WsNQwYsTra%2FwATpSiSe9mfyyuD7uNVWfpwPIfWDCyLzr95c%2FcPjkYywsw4eQlcrlUSkW4kTJzJ8Dygsu%2B7GjOsEGs6LLdYMn331MFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bdbd9b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/17605.396d4d0fd6f31f0ccbc9.js | 104.21.56.114 | 200 OK | 149 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/17605.396d4d0fd6f31f0ccbc9.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size149 kB (149407 bytes) Hashd76190debc34ded2033eb596d275c6e6 1d65e4a7e5bc735bff02c5fbb1dbc89d31cabb6b 8069a865a2a03e1afbe4b88edf980d24295d5643a48e180f71f84373ca3d76d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/17605.396d4d0fd6f31f0ccbc9.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2479f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5uPNrVeHa87Rl0wqnbnsN2CeoouEhU8pe233xOGwB1NgEmkDRCBtzGBSyeDpdNptlqov1MlgKYUIWsPN4XTlgcE0ixOIOhnoh6Q7heBvK8C48i5FbWmwI714mOLUFGU3ORQxZNgByKlozootzAP%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c2c86b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/46318.26a20b3d6c9d947ee7c5.js | 104.21.56.114 | 200 OK | 14 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/46318.26a20b3d6c9d947ee7c5.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (14296) Hash: c31c995e6b740c207b3c24a0d1145425 922fd2d139a1ff8bfb89dfec828ed4e52946f359 8faf3e169db9dfba36885821526edddb14b4e0c3feeb1f20786c3f2c51115831
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/46318.26a20b3d6c9d947ee7c5.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"380f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1MZGnD1AunyRrUTWa2KhY32p4mqTlfmz3yDlNKd%2Bd%2B2LOvc5rWQ1JWjzwXIGstGhlPmJvb%2B%2FMWrk8JBRbSFWOhv5Rencytf4tD%2BrFWXjfRrXV8lRgXPvjrh1fohjm5Sneoqk9O4MgZta7SAU9%2FfQhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfc11b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/18814.2887004806e3f2dcb541.js | 104.21.56.114 | 200 OK | 17 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/18814.2887004806e3f2dcb541.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (16511) Hash: eb44fdac0aefca117662f9db435ffc09 bf2224f54fd833cad9374ec73e35425ca7850d0d 8e7a022b3c6e28ed485a3e73ea49864a44b188c56ff7f3be7ab7cd268662a33a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/18814.2887004806e3f2dcb541.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"40b6-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3oJCa8MCKWvuUMSm2W1iyAekpz41s61KGiOvE4WNYq63ZFhClir9U%2Fw%2BkOEt6hdylLPzt6mBYbbT9oEZAr7AbmGA7sLwiCgqCLoRvU%2BhzC5WM%2Faa3fKBRbLIzL%2FQCCLNxtBX9b9Y3mUoJiDp1n8nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c3cafb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/94381.75805595bcb471e9283c.js | 104.21.56.114 | 200 OK | 17 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/94381.75805595bcb471e9283c.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (17283) Hash: 1d9461b1a5901db3a1913721102de7f6 b5aaaaf164bd8d45b150d86ec7580dd08743efc3 8fee5c60698b99ceefb3b9443339bf6ae1b610b3e5df65ef668eb1dbc8643dde
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94381.75805595bcb471e9283c.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"43ba-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JsNUm6XVDCELZoYpbuxYeRWRTaFsT5ASx7%2BKqH8prA95VGTUjc35GR4%2BwDNwlmmurNzI6MDqKyJRKR%2F74lwpL%2FgU7LUlYlXd6YdgfvGdh8mLFd4TcaoiRfx9hVF7%2BPCDoIvQr2cv3vjojAG1W4HVxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c6d10b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/44504.4c4113c3ec609733dacd.js | 104.21.56.114 | 200 OK | 60 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/44504.4c4113c3ec609733dacd.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (59916) Hash: 34be6172cc28f54550f737535ee7406b ae6f7a023c57531df95cfce4b8c2faf862b922c5 419e3eebea240a838aa818a0ac9b57d607a52c7547cd9ee876bfb2bd84226e8b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/44504.4c4113c3ec609733dacd.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"ea43-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TsP%2FvepfUQlmBuX7XBMCMuLdqg8XdWnRBGzXq%2FvlIFMHPAgfYh4Sda3siLLTAbCpOuxRx3Ubb7dqEjGaa7QbgqUHfnSjaTYMurWir%2BVAg038ZtC%2F4PUYSNvlYt7ASbrH7%2FwMtvUMtBG4Q4TgMc5USg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0bac5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/app.046be1857b9835ad19e7.js | 104.21.56.114 | 200 OK | 684 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/app.046be1857b9835ad19e7.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 684 kB (683933 bytes) Hash: 548bf6aaee7185ceee59b635b557dc9a 75c298df5f2397e4218d17de297d781fe169b461 4a0fbde1b61188ce3cda8fdce6f655968b6264dadea210b0434dfbb667f1a4d6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/app.046be1857b9835ad19e7.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"a6f9d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZyYH1x3i4tgIIcX6MUFKaLa9pYqnmhITCN%2BBnK1tu%2BUW1TNZP6aheOOyT0AX8hJOGy7NmnXBJHor6Hmogp%2BgejpeTrmKVfEEM4OO4F6d6g8h0VqG5%2Bl1FFJuERA5jAiRYlc4u3YntDE8A0qtzlw5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bdbc5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/22843.1bda3edd4dd152273661.js | 104.21.56.114 | 200 OK | 21 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/22843.1bda3edd4dd152273661.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (20995) Hash: 3d7d3c6641376eab526dc37c2a3aea87 9a4405500ec4685d070b940e3e58dbe95ebedf94 8bd28e45bdf228abeeaec72fec246300bf1a2d85ed2bec3710889cb3ad8b72dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/22843.1bda3edd4dd152273661.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"523a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2B93upbQ8iAsLaaiPI%2BEZPQZbxsdYea5mr%2B3sCbAz7R%2F5Nk%2Fnb%2Bs7M8oFJTZszsc5TpnLlxrs3oBa9L2HIVBt0bJwndToqTtSs6aiPqY9skbBw5hppwQKacsXSi7gKNR0D3Rwcxsx4HSqbQ6QJJPjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfc04b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/3c723e3c991fcd7cce58.js | 104.21.56.114 | 200 OK | 164 B |
URL GET HTTP/3login.restore-cord-bot.online/assets/3c723e3c991fcd7cce58.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: ASCII text, with no line terminators Hash: bb871017dfff7157e3481a5dff8e4529 36e5c0824c189aef00bbd5f35387a84b7010227d 55aacccdae49dac44e6d8fb3cf3041ba4873558d2d851d0abe9ecdf99dc1e0b4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/3c723e3c991fcd7cce58.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2jD3DqfpN1UX6Jm%2BZsYqi4if5XV4pEENRc55sok5OsLrHVu9z%2F0oUajJvoj2phYLsWlr%2BEyZJePoSKkrPxGUSK9WpYaMtAfSENn0XXtC3TMVf3w%2BdA%2B%2FTQk6Sc%2F9gGslJmR2cvJ2HZGpNh4mgsU2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca11b50b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/a9639edf37cbf3bc290c.js | 104.21.56.114 | 200 OK | 5.8 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/a9639edf37cbf3bc290c.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: ASCII text, with very long lines (5947), with no line terminators Hash: f392c77642c2fdc2ad568c6141c40966 8f9529db4fcc332030fe2b066220c4d5752e2cc7 9c96486a4197d9bfe932ae15364d60dbda2ce77fb28f6e53319f5a9b6b25b486
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/a9639edf37cbf3bc290c.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"169a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoxyHsHTZNbIteO%2B0PoWv2562uOYA4h%2BfF3UO3b5P29qFAHoQfVVnTFwW5BQgBPzLFF%2BWfGHChAcbvoSP5ro06RF0evqAlWUGXu8xEa5VFskvPL758PjqiQ0qA%2B1KRQTgYm4Gk%2FwrOl1pYO9z4qIdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0fb1fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/44d5e1639bc492dc8d62.svg | 104.21.56.114 | 200 OK | 3.1 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/44d5e1639bc492dc8d62.svg IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: SVG Scalable Vector Graphics image Hash: 02799b7410be627fa7a88303875c8132 4cd594b6972f1081641e15ec286e9bf5a6786b2e 004f3b15b564c0aa1283e18e84b1f4bbc714f5ffedaa5dabd7281c01b08a559c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/44d5e1639bc492dc8d62.svg HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"c4a-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MH5xKQMaU1lzmTMQ095%2B801LWNjQV%2FonfV9kKmxOuYbmsBWITW7Otz4UNQSt5Ty6240uO2stXXd%2Brr5e%2B8b%2BgE5QTfXzKFSwmkYXuj1nOvRl7tcnzXBE3XXQITwkZMgoHacv41vqa1p6%2FkCjw1hwJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca12b63b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/ee6b51adb64f6365352c.woff2 | 104.21.56.114 | 200 OK | 179 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/ee6b51adb64f6365352c.woff2 IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: Web Open Font Format (Version 2), TrueType, length 179380, version 2.459 Size: 179 kB (179380 bytes) Hash: 7cf1be7696bf689b97230262eade8ad8 8eb128f9e3cf364c2fd380eefaa6397f245a1c82 a981989aee5d4479ffadf550d9ecff24a4ac829483e3e55c07da3491f84b12ba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/ee6b51adb64f6365352c.woff2 HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: font/woff2
content-length: 179380
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:32 GMT
etag: W/"2bcb4-18d28d9b1e0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bd1lP3ObJAav95tsLUm6xit5uepfrs4Go0owFVWU4zBXy1gJCeY9WFsZJncpHNXtxoX6QHq%2BsVAxt2T%2FaP5aNVPQE3Unmeybw5crGq9Jws%2FD%2F4v2Y3sf0Wluited0UjwDb%2B4JKA%2Bw0wvnelO5Qeg%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca67b6db505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/56145.19258dcaeb421600cd44.js | 104.21.56.114 | 200 OK | 213 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/56145.19258dcaeb421600cd44.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
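Size: 213 kB (212738 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input, and no file type is reported for this entry, so the response body was most likely not captured. They do not identify this 212738-byte script and should not be used as indicators for it.)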
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/56145.19258dcaeb421600cd44.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"33f02-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ARaFk%2F4mnDRKjX7u38NI2qqSEe2qFFdlPm8BswMdOZnHd7UX9hL4QZw%2Ff4bNu9A5a2xtYqboOiBC%2BMRIvISQ2qcXIB4oYnOsNzda3oZKHjEhSOIJo45g089FVjjcH7QrBlpk7dpjXW9RY0jEzWDZAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c2c83b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/6575.507fad3ad28f9e5198cf.js | 104.21.56.114 | 200 OK | 1.8 MB |
URL GET HTTP/3login.restore-cord-bot.online/assets/6575.507fad3ad28f9e5198cf.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
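Size: 1.8 MB (1792121 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, which does not match the 1.8 MB size reported for this response; the body was apparently not available when the hashes were computed, so they are not usable as indicators for this file.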
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/6575.507fad3ad28f9e5198cf.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1b5879-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ue9aHNT3cUmv8Kk1ZglTekCfVq9QHLLin48G%2FF21pZflHqBW7oaPT6t8FojBQ5bQnu027UzWdhpvRq10LxlfPcaXqP7%2FfhEmHIvJFUatUqu1oOATIYCUA%2FZz9Ed67N7VgJKHif02uM1TcVMr%2B7d2Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c9d4cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/34426.9f82349d8cf165e1b07e.js | 104.21.56.114 | 200 OK | 15 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/34426.9f82349d8cf165e1b07e.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (14800) Hash: 495af705377c93d5c53e1b8c3b14d883 16ac3e41a677731e5ced48142c2949a75154fc64 83edb478f8ed6fa71c304bd0571c29d682453217ab896bd84fecfc4f2e42b2ac
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/34426.9f82349d8cf165e1b07e.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a07-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3HW6%2FcryCtnzyWMPoB0OMrwe%2BDJaYtpmRNeCOW4Y%2FohxbPClA5rzyol%2BXZkOLOl3lsJZr28Ljonw8UuMIXgv%2FX5pHeL%2BrBvsjqsoqyYQ%2FMnQjMfkRtmM8zI6yVOq5%2B3HPYi9M8llEEoXM6p7h2uWXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c0c33b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/62768.3bd3b009dc2945b07d60.js | 104.21.56.114 | 200 OK | 40 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/62768.3bd3b009dc2945b07d60.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (39620) Hash: b6b6813d1e66352c0decf44454134375 95a172f9805fdeee7bf82568b66c493972b35ad3 b07bc7d7d0a9086f1b02065c938b99544f7d651295ca2c860b22ff02c482a239
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/62768.3bd3b009dc2945b07d60.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"9afb-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YW0orWBfLz16CkRIutRYxYKMMkPm0kgV3Jsi7VqZk8Qq51WadB3nFnrfWG0EIZtmS2FJAF2xDVgL5K2wwrORQi5rnprIOrFLN93WDybRY%2Fg7CH70uoE7qD8LEupxi6R1JylsswZezA2U%2BuF%2BTmFcKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c3ca2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/3341.1a1f8595a0c8fc9f99cf.js | 104.21.56.114 | 200 OK | 8.5 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/3341.1a1f8595a0c8fc9f99cf.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (8843), with no line terminators Hash: e26a8efc5dde624130372229258ab5c8 6fb44998a93cba1ead19a776409849a6c50bebe7 6302c624d089c3bcde5638a15d621c0f664857468478526bcac9b419ddc6d81f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/3341.1a1f8595a0c8fc9f99cf.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"211e-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a3gaAjPR%2FK9hEwyIUqhTvOFSErDAhpDVfgUGKvB3ivuwYauD8oBdABtbUcDf0BEqAOav6o%2Bf3M%2FkswenmXXlFPpFrNg2nDyni7ikYPpWjybM6nZCmMZrlMNPEno4JiKioe3SxfedLOnk5Y1lbDHokg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c9d59b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/shared.6fd41c763b4cd504862f.js | 104.21.56.114 | 200 OK | 119 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/shared.6fd41c763b4cd504862f.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 119 kB (118990 bytes) Hash: f2444e4ebe925f193c83f692cd8766e6 9d0c75a19d0693743e6429ab8da62f70184426ab 957af5a5dbcbbb943faca25af701c1a3d8839ad98d55ee5aaa401aa2f117ea8b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/shared.6fd41c763b4cd504862f.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1d0ce-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byM5cfcRnwwL4BJ%2FfAiOxi2XD3c8XvyICm4yrQtGOjfkdEp8Gvj3xcEmHD8dUI8Rze0IOr8u1BOPJcwgzMOBCDUmx0RDaoKudfbUWf%2BYlwCMb8TbpYztV8j7HC3kDNMkLSOv4ySk%2BY2JD3PMhnAU4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bdbbdb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/94751.a83f5d49f2a33eb3efc1.js | 104.21.56.114 | 200 OK | 1.0 MB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/94751.a83f5d49f2a33eb3efc1.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
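Size: 1.0 MB (1006633 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, which does not match the 1.0 MB size reported for this response; the body was apparently not available when the hashes were computed, so they are not usable as indicators for this file.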
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94751.a83f5d49f2a33eb3efc1.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"f5c29-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yq9rgRezhtyp2BPPgGoMP3Y5VN37Bvei2uh5XEJs8xuGWpU3EK0qQdCqVS52XNhL0n9OMCWJqLXHB39Swnl3Ov4C%2BkTBFPKfnGO%2BWP1pdTN3I8aFT6E%2BbsUAKql4jMEgLYb4LmGldFTC2kuVp8Jk1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfc0fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/69628.7b15742208fc0d4aa02d.js | 104.21.56.114 | 200 OK | 91 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/69628.7b15742208fc0d4aa02d.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
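Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, which does not match the 91 kB transfer listed for this request; the body was apparently not available when the hashes were computed, so they are not usable as indicators for this file.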
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/69628.7b15742208fc0d4aa02d.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"164df-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKLA4Z1cQeJ8A1RRil6%2F3en%2FKqbMt5V%2B6gELwy0zxY1A5LejCwSFvhknKvYwkwZvgjulEdQoZyc7OoyAC3sBAd%2FF4KCycbVtjrXTzEaYoCq7z77KX3LUv7EX1XOmJKLGm3O74HLZBU1FpRGxS8nBzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c6d0ab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/94288.dbd73ecb6b1482a870b7.js | 104.21.56.114 | 200 OK | 10 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/94288.dbd73ecb6b1482a870b7.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (9979) Hash: 38d4ac71291ec9223ae33b9ebb5a4e89 7282b3fb164396d9510224b3040a89902c825546 9a8d5847b100e711a41231d5c45682b01b8173438f96c52667fd872976c18cc9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94288.dbd73ecb6b1482a870b7.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2732-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AIYgXfrY9ds7pW4%2Fr68AoCwvjhY0croOtIovmo6nFcvudXhYePCSfZeRcnmxaTV3uzABwjJ6Ea0UQK33%2FVo9h7K6Ph4zbWn1iJifvjyOgLz5ngNUdXuSGtuMzq5VLIuRCDRh484rxWw16Ab5pL5J1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8d5e62b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/99b391e2f74aa1e0d266.js | 104.21.56.114 | 200 OK | 14 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/99b391e2f74aa1e0d266.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
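Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, which does not match the 14 kB transfer listed for this request; the body was apparently not available when the hashes were computed, so they are not usable as indicators for this file.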
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/99b391e2f74aa1e0d266.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3558-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VcchqrSCf4IEmvkpYqOxwdNF1y9M7YZEjV%2BhZYT97BK7DV2FjTn%2Bq2jDom2iihp9Oq5LPsXFJ4q6bbIsZkeC1Iem55Vm4%2F2yqY7Gr9KJ8g0yNvTtISISXlgWQI7HCcw%2FD8tzPNhENbwCu%2BZq1klRiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0bacab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/75851.82c9a7f8176d778029e3.js | 104.21.56.114 | 200 OK | 9.7 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/75851.82c9a7f8176d778029e3.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: ASCII text, with very long lines (9810), with no line terminators Hash: ac6ef2a39ee1dd9bfd9906c593a8ffc6 0770b44a9791f7bb2d95b3c44c79a96fdf08ac4f 99c9f93237bec55428a7d0199a1a1c33239ff4f3afc72f09a03c860961430ad7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/75851.82c9a7f8176d778029e3.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"25ed-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eubQUjsgBjLCgvQ9XqHev%2BZVYm1znFNKSlN%2BAcCsemPv9pCIxK0ZVEnqEzPIiBAmjT0vS2L%2FyFmPDpNPLjVOpQUw2bk%2BY81snCeF7RTNuP4m7%2B7QINzVg05BdD3v6%2BWPTRdEEfTE8qq5TIVN15qqFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfc1cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/14786.f948127b41553ade279f.js | 104.21.56.114 | 200 OK | 179 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/14786.f948127b41553ade279f.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 179 kB (178740 bytes) Hash: d69e56d43eca67fdd7b58880418dad05 2c978cf96ee924c1eaf3a8e7f4f7a1df8a67bde7 1e625e5053b23ddf6c8c3c0775e2b7f865ad1fd8e34a3b67b0b12b714dafddd2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/14786.f948127b41553ade279f.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2ba34-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YIcSV0DAouCu18ieO3RzYPPB%2BQxWypnelAPQURIU%2Bxuuckln%2FcIRYlU8pleCZA9DZiI93BFX%2BCR74mkkMg1edtC4QeeY6H%2FsDfTSWvwBc7EjBg%2B1I6HEvyPdHnA64ohiLv5JC7gcugEz6Y8GNCpbIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c4cc7b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/6086.2af42e57fcf6739db519.js | 104.21.56.114 | 200 OK | 19 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/6086.2af42e57fcf6739db519.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (19374) | Hash: 6fc5e9f209e47dece5d8e86354e38916 78a29b4cf26974c725b5952e0b65baed2e3309c6 014e1cfc914dc362f3a55113e3aa27163bcd88c8323905e7d8b43c7b16ae821d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/6086.2af42e57fcf6739db519.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4be4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CkrgtFTsLd2oFMOcIMbOuD%2FSK0IO7zcDX8%2BhXj3BOMim1DLPoYQrqhaOVkufB4f%2ByzlvLf6kqWQzmZwqzjcUMtSvQUu5V9OtAKxm9REXMO3lGt1TOtweheY9KikGYakhwhhF64GIjE8fxOi4s%2BXsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c5ceab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/77015.48150de6efe657e3c6e2.js | 104.21.56.114 | 200 OK | 34 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/77015.48150de6efe657e3c6e2.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (33607) | Hash: 81c3fc72ba9d6399582bf44261a7d3ae 1c226b78a91b94e41031384e952806a0f7df56b3 5d14345894349f81168d5cbac6e2427d0390773574634f6936e06680a832d282
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/77015.48150de6efe657e3c6e2.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"837e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pk3J3i%2BJvbeQXWznTL4oqfebNmj8QVYYnXNk%2Ffy6YhRuw54Z3gpyr5webEkVUOt6KYgkgv%2BugD%2FiVgVkjDxcSYPrEQo0bAP7xyuXYb3EmGmW4Ovg2%2BnYga1rqn2zYU7yQKXH4PieGpaCC0XHE%2FWXKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c3c98b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/47498.38da6b2cf2f487359536.js | 104.21.56.114 | 200 OK | 10 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/47498.38da6b2cf2f487359536.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (10010) | Hash: a4ff99b0bbadc5f521c2a07f0f1e3f93 30b17f14702fe71f825a3966b652f65705ec3c93 6e2b1b73e8b8dbf90920572224e0edfbf56fa6e20d0cede00321cb2ac91c1254
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/47498.38da6b2cf2f487359536.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2751-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fsdHBr%2B4t2YqVnSxOIGq6QSw4LatO4nAYtRsjmUCOG60f19d6WhyYzQU6BsArGJSvKPBeAh7pAFSipqDTe2KUSL8A1fyzPSnwjja6JMJqdFHhda7X601S4tLWn%2FcqWcgzCglqjwzfYodd6ldMz3JPA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c5ce2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/7273.654bf842a369e2d3de94.js | 104.21.56.114 | 200 OK | 484 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/7273.654bf842a369e2d3de94.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 484 kB (483947 bytes) | Hash: 8da1faca35a6cf1029dfc42e48b9c810 45f463dd73d51dabbb399d6ae6a4c1f16019e50a 14acf9e94dd9a0cb4dc91e43f797654258398f2c91ce40aff16960d049111125
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/7273.654bf842a369e2d3de94.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"7626b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KaqMksiBZ709d%2F4XAfqhOSCHnEMDpz7s2DxxzI0lu8X37o%2FzIze48jK6%2FTBJbyTa75LeL1pCZGrtIFAEz13ZZPMjxsOx6iXJRXeU%2BO5ghzAmb2aLtlpEogAw0djUkfG0UTKhjqsMNhqcNAyRIXeuTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c8d3bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/47470.c4ab7647d25b8ac58ca8.js | 104.21.56.114 | 200 OK | 312 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/47470.c4ab7647d25b8ac58ca8.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
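Size: 312 kB (311789 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, and no file type is reported, so the response body was presumably not captured for hashing. They do not identify this 312 kB script and should not be used as indicators or for reputation lookups.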
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/47470.c4ab7647d25b8ac58ca8.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4c1ed-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejcE9FDF467HVASB9UShIei4%2FDgF2vnlLkjWZldP8phMHtPhplrkDXijU8Imd%2FLgb%2FB4TWlscVoE1wqwgYftAy1HIoIDWUOt%2BAqCSH8uw36Rw8nqPurJghCv5ap6jx52Doe8SXgBbB9t42C%2B6S8CUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8cad60b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/68291.687557b9b660607399a3.js | 104.21.56.114 | 200 OK | 18 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/68291.687557b9b660607399a3.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (17615) | Hash: dd0045a215121572125a5304c3133a15 3ef4f53e521272322eac0952cf5b9b7f7b01ceee b491a88ee2a3533fc0c2eaa6a9f23a5e5d8e431a06aa9cf36e4c36fdcb0c699f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/68291.687557b9b660607399a3.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4506-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=faUIHC%2FX%2FVqU%2FvEOm3MZldsxNUyCCKPtvNz%2BAtfuSckQpl8l%2FM4n6vn%2F7DKRWs%2FpIv3eP1H2QbHMbFvBhO5i3S5l0PlyenGIYeI1VEj%2BRr3wJ%2BtRY4ZolWajlOVJTDeKKEgme71Zam7r%2B2nnoiqPnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0aab2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/62783.e18caa1168cc95380ff7.js | 104.21.56.114 | 200 OK | 100 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/62783.e18caa1168cc95380ff7.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: a98ad4c95668e7f4c84026bb92b67cab 7491bc769395414fb0547fd10164defb59634ee3 68e24e65cc7a6af0a0d33cac04f39aca1e1e670d0c137724abe4a917975ede8e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/62783.e18caa1168cc95380ff7.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"18608-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OOc4bvWU5uYf77bRw%2Fg4AIAMC%2FEnTZB5%2BY2mLTkYKEVDaHmbMd2%2BeWneMypDciI%2Fy32TF3yEl0WWMA7OeUE3yNKfEyoDXGGnCRvKN9kRF8tU%2BNobmo2nG6A4W68jGi1Zfj2qg1ic4A9cyDY4U3cCcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0fb13b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/94288.dbd73ecb6b1482a870b7.js | 104.21.56.114 | 200 OK | 10 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/94288.dbd73ecb6b1482a870b7.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (9979) | Hash: 38d4ac71291ec9223ae33b9ebb5a4e89 7282b3fb164396d9510224b3040a89902c825546 9a8d5847b100e711a41231d5c45682b01b8173438f96c52667fd872976c18cc9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94288.dbd73ecb6b1482a870b7.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2732-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QoOuqp3prAg3UNNbLlhsRxCszPh1u2K9YBUp2MmAdMtjGdPuULFPvTAOHPU8MgtklP5J4i3zo4MQam2v7NTCdYTu9pDO5Qf%2BoY9Qy0ntgq5pZs19XDBXbfhKorc8AHi5yqAcY1rvzAUQeMOBduGTvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfc05b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/23356.ac12463556a44bd7b330.js | 104.21.56.114 | 200 OK | 1.5 MB |
URL GET HTTP/3login.restore-cord-bot.online/assets/23356.ac12463556a44bd7b330.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
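Size: 1.5 MB (1470465 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, and no file type is reported, so the response body was presumably not captured for hashing. They do not identify this 1.5 MB script and should not be used as indicators or for reputation lookups.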
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/23356.ac12463556a44bd7b330.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"167001-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85FYHhU4NKcB8XUOJzN1%2FMgk11fnl1k3tZ9x%2F39%2BgtNDksSyAglaIE7ynGuVGzZDAEYaUbO0mnpH18XEkvy%2FpzU%2B6Kn4sarRmloU5gcLVF4qgAj15O3K%2FGWQXIJwY%2BplX43RlpaS52U4f9J8D838dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c3c92b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/78033.af8587a9881dd8fba471.js | 104.21.56.114 | 200 OK | 1.4 MB |
URL GET HTTP/3login.restore-cord-bot.online/assets/78033.af8587a9881dd8fba471.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
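Size: 1.4 MB (1402833 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, and no file type is reported, so the response body was presumably not captured for hashing. They do not identify this 1.4 MB script and should not be used as indicators or for reputation lookups.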
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/78033.af8587a9881dd8fba471.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1567d1-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqjFXXabxi978fig0ScCoFtODy7%2BPZ%2BEcfa%2FBkucdum6j3DNQt%2F2Hct1EnjlyDRP1s2fGrB3KHlzbbQ%2FoxnYOgkTNLBwqRN7GA5%2Fu4i%2BV7QE1wv%2FmHr%2FQOj8CiEB%2BtmKzWKD8NY1ys32GSfOHXqVZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c5cdfb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/images/favicon.ico | 104.21.56.114 | 200 OK | 25 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/images/favicon.ico IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | Hash (MD5 / SHA-1 / SHA-256): ec2c34cadd4b5f4594415127380a85e6 e7e129270da0153510ef04a148d08702b980b679 128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/images/favicon.ico HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:27 GMT
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:48:45 GMT
etag: W/"5ff5-18d28d8fa48"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SvDKW%2FbmPgO6NoHJg9VLRGDhDdDyP2nOxOVOXmwhDpu45bvf624LJWyAbgUv2oMyefPXmIEA%2B1kRX2B3oFziqVnkwbD%2FKNcEB0R%2BsQSN8D4O1CkoWFHcAIJ2UAwB3LLvvUWl%2FTfLoffXYVR1msptYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c9a3970b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/799ce01abdb0da7bdef1.js | 104.21.56.114 | 200 OK | 10 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/799ce01abdb0da7bdef1.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (10064) | Hash (MD5 / SHA-1 / SHA-256): f9eab234b26ace83cf074c0e8ee41795 7400543cf80242671ca9f63aff06b4fe7e33c3e2 99c1fb6a35c0b13536fb0ab5c1afb16fa359fa23e56d7c50fa86207f10e082cf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/799ce01abdb0da7bdef1.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2781-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5IOKjnpt%2FqU%2FAs86MKtk4DbKgVTiEhqu36dSm9lF4RNw9Uyg%2BhDm0gk%2BYGhmX1VcNFUuIGy1kx8Nu5wZqKhUmBFctSS0GMatMlq93KiVqLLYVk9tVfTSJ1A65XZbvR5ZeFvBn7e2z6LFk6LYtiZrdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0cae4b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/399f7f1238d1fe8b2b51.js | 104.21.56.114 | 200 OK | 109 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/399f7f1238d1fe8b2b51.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
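Size: 109 kB (108609 bytes) | Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (Note: these three values are the digests of empty, zero-byte input, although the reported size is 108609 bytes. The response body was evidently not hashed, so they do not identify this file and should not be used as indicators or blocklist entries.)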
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/399f7f1238d1fe8b2b51.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1a841-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rp%2FJFy72EIt2lP3iYymX8Eph7JiSnHfiKgXmbW1dpMSlSJLemEm9zFR310WiWskRAYVb%2BZB8fb3IVJlzXwTaDOR%2FVMxc4khrXeEY17EbvFRSpUlw6xeHV45mnSvW0CZYzQOLIMcPZzySLP8B4j7aCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0fb15b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/shared.20ac0e19e560421c41a2.css | 104.21.56.114 | 200 OK | 475 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/shared.20ac0e19e560421c41a2.css | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
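Size: 475 kB (474928 bytes) | Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (Note: these three values are the digests of empty, zero-byte input, although the reported size is 474928 bytes. The response body was evidently not hashed, so they do not identify this file and should not be used as indicators or blocklist entries.)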
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/shared.20ac0e19e560421c41a2.css HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"73f30-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kv8rIqAs7dLDw4x0fYvqurBrygSIYy9AUzK9%2BJNWlp%2BY1qGvmEZ8oHnU5XP6ubtauEftHVjXyK6tSZmJojvRDARn3qeVk%2BUll8Eoa4HYj9cL35UjyE8cn7hlzja0iD7vyGsFD0xrK4QUHepmzvbCzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bcbb5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/47470.c4ab7647d25b8ac58ca8.js | 104.21.56.114 | 200 OK | 312 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/47470.c4ab7647d25b8ac58ca8.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
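Size: 312 kB (311789 bytes) | Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (Note: these three values are the digests of empty, zero-byte input, although the reported size is 311789 bytes. The response body was evidently not hashed, so they do not identify this file and should not be used as indicators or blocklist entries.)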
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/47470.c4ab7647d25b8ac58ca8.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4c1ed-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EA7Dwewhzg1g6YFcIMKVH3PFL%2FrvSV0b6G6%2F6cZf2qv2nJcB%2Bk73ukU9T91csX7g2Z27kmDH4AyaneVDuoRlGIWIZetJBXNfR9I9PSjsQG7lcfoLzGO26y7SxTp%2BkrtYNeYsr0HztBsXmM8q6JobXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfc03b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/?v=2 | 104.21.56.114 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 login.restore-cord-bot.online/?v=2 | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
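Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (Note: these are the digests of empty, zero-byte input, consistent with the 0 B body of this 101 Switching Protocols response. They carry no indicator value and should not be added to blocklists.)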
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?v=2 HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://login.restore-cord-bot.online
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7TQtoWl5oevptWelrYdnqQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 07 May 2024 07:05:29 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: frNSHJti0zvefaDmpQVhrIi8Gcg=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RNIHK3QxPx1bXjv0GpIHqb6lgx9CkmBZ3kYv8fVCCEnIXWQnSxcysK820wJf8hUXIRL46odJoVF19twi%2BEN%2BukANl65K7%2BK9Q4WT6k6QK%2BRXTTHadFKFrSWb%2BEn00glwDJMGJQmNCnK6Eswdhs43fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87ff5ca60aa956a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/26737.36ed5a81390b304d18a5.js | 104.21.56.114 | 200 OK | 9.4 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/26737.36ed5a81390b304d18a5.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (9496), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 95d4749bd78c2a6b73af4d40c1072db0 d84ff435507b47269b7877de20e2b5637f2ada02 37b9c1afe404b4c5e7e36ce3374735666c8f23665a3c88ba38e3cae0192c1e46
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/26737.36ed5a81390b304d18a5.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"249b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUxvbewhWRJaAKL%2FGGseDQj1a9hXOgY8BzMDuyEt0NeCrtmdARpF2T3iUC4WQSR522lbEurwAmvEFDSY5vUbqUuZrgZckQU789OPJ5ppMihVyDXG7StlWlZn9oHjl5QTCtnXpSptKgYcl8SAggeU%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c4cd0b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/65225.45a68e44217bdc89eb40.js | 104.21.56.114 | 200 OK | 76 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/65225.45a68e44217bdc89eb40.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): 5ccb90b22d94fa973ac33a2890fc7929 bb8b8e3a4a475920dc76225e76dad6c1305a76e8 e06633cbe7f25420c71e6a28fd6ccab71404df0d3fcf630e26cdb040e0e0ae2f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/65225.45a68e44217bdc89eb40.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"127f6-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8EAu48tYxFgwRjk5McJr5urL%2B602vNTyWKNi3DyDO1hHMPiduSI4HtRISLXqI%2BMDJ6Un8flEo%2F4cj%2FMisPyKJuAs86iW0naZeHLSVbJpY34OTpzHDs%2B5U4tmtI9rQJWoErPKkIBBVwm%2B4y8dhQzqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c6d0cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/53509.d075f1bff85f12b95485.js | 104.21.56.114 | 200 OK | 9.6 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/53509.d075f1bff85f12b95485.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (9755), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): e9eff6bdc6b8bf132d282ab7e5a01c35 089fddfc575d1e95f64830332cd239ed1bd373fa 31a2beb20e1900be01f696441242a8abbd9f3f40dd8e9146d61bf141b36b4cdc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/53509.d075f1bff85f12b95485.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2592-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ocxHg9W4bhCvSVZ31QORvimpgQpJaeNEV4VoOVEGFXFwzhls4NVWC68RzalelbvpQVc6K%2FOvCkf4Ng%2Bt%2Bq2ZALHXxKsmzfBR2YIKYYKvWZ5%2BOvlrlm6Ku26ZtvYNOUDvacEloKMWPjxd8MbSGqXhow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c8d35b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/58409.1811376ebb7f14b0be53.js | 104.21.56.114 | 200 OK | 14 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/58409.1811376ebb7f14b0be53.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (13964) | Hash (MD5 / SHA-1 / SHA-256): b04469c4ff1a1e4369a1238f1a6e7e13 baa699271e0bad0d5d568f5d0cb2dac21f5a2d0b 2dc6a1da0d49480f89ccab794ec25a14cab0ca4034039ae26e39faccdda82a50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/58409.1811376ebb7f14b0be53.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"36c3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYxYtrH4rDxFXpulct91qDlzqpr6AbS6qs0z4iOxjcWNZpg0El9nKpwXSrOIqQmOQ6LEepAF9Pwz5W0ARvQN%2BdplcO4PoTgU4E5d5domoDcs3GxQLQz82xUd0Pux0f6JinYFz4wq7bRV8VBPblzHrA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bebf2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/3341.1a1f8595a0c8fc9f99cf.js | 104.21.56.114 | 200 OK | 8.5 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/3341.1a1f8595a0c8fc9f99cf.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (8843), with no line terminators | Hash (MD5 / SHA-1 / SHA-256): e26a8efc5dde624130372229258ab5c8 6fb44998a93cba1ead19a776409849a6c50bebe7 6302c624d089c3bcde5638a15d621c0f664857468478526bcac9b419ddc6d81f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/3341.1a1f8595a0c8fc9f99cf.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"211e-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuXa1unEDf%2Bo02wUsyVK0k2WwLXMnsWpsGnv0czwcrqIvDC%2Bow1AjxMxvIpAyFl5BvzHIcXedlg4RGSiXvUNgNzexvk6rTqQdoARg0WiXdArMJeqcITG9Wrro38hSmlmscpkGpJsw8ym62m7kMac8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bebfcb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/09563300dbb31ab193bc.js | 104.21.56.114 | 200 OK | 164 B |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/09563300dbb31ab193bc.js | IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: ASCII text, with no line terminators Hash: 8e42afb6be6c7e5cb3f80a429a9b38a5 9f69a17c261ecb637260673bf19224d146446522 e99ddcc2b404b34c865bf9b0476cbf22be543672d12349f58aa61d5905898014
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/09563300dbb31ab193bc.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Vfl0QiKuTcUIV0mf%2Bl5zMgJM%2BO4XIM1HLAGaYIdbV%2FDQcQCr2%2FzaBH7tGAG5EPvzygMayXJuFLqzDyMb9wENaMGzPJcOCwGbx42%2Bue3%2BzoDILliY5HbxyBIQm%2BfvRi4vaWYDdbhxiiffbbWFnakfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca11b4db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/d8d8bb7602e34b57bbef.js | 104.21.56.114 | 200 OK | 164 B |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/d8d8bb7602e34b57bbef.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: ASCII text, with no line terminators Hash: f82bf1c23c9485e0017406246ad5bd7e 6edc2406e77fe53d60d5c955b76b6f34a5b3cd59 f110fea7669d1c9ada9bc6f23ebf0fa2ef1d58f2fc98b30d6d25de027a0b8afd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/d8d8bb7602e34b57bbef.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=db7JQx3a0p%2FNAJMvxFHLYgkQPx8c4D9YE1alGWa7yJzlArTbQOdCwRiYpl2Pdi8jEumLoKFkNRF0B5uC8SQY3s5U5Pe2m93dJMDQhQ%2B35UKZprpR0yCxeOYSQO%2Bn%2FOt6Xcm8Nx9CsmTLKw6zDVfARw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca11b4fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/10991.d742d0d238c0d99e96ae.js | 104.21.56.114 | 200 OK | 10 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/10991.d742d0d238c0d99e96ae.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (10475) Hash: fa3d9476408d24313aaaa8d6794932fc 4ab50205305c760862e0892cdf69e397a73fab7a 1f9dc95a0409e1d5a703e72a1f03578ba3b0c28cc1e7177a2b7f46cd7056cd2a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/10991.d742d0d238c0d99e96ae.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2922-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hNLCI%2FU2iAlo72WenQfCdF5FPHXbEZsrbGF93k27%2FiPpOjLtZy6Ji7MwJ92dUaOfeRP%2B0JTJpeu5Ddc3O6NTAwafMapha3QhUxT97lAJZZjdRvls220Bm8a0qZXjIoRI1yNc3mt589zI2EEqWYA4Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bebeeb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/98106.5d0f74b94113ede84656.js | 104.21.56.114 | 200 OK | 111 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/98106.5d0f74b94113ede84656.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 111 kB (110574 bytes) Hash: 052c17e11e732de852f587cb1fe2cda5 31a92c74ce4c31c741d43570106a7086c94362fa 52bf56ddfb5538d260a9163c9fa4bd213fb2b79ee3da2a2cda4de6c37ed53ff6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/98106.5d0f74b94113ede84656.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1afee-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ir5BoTeXlRJ1JYgnCQrKZTct6JVTuD2omt9F1nyB9kPzDgzYs%2FMAsZZaK1rb7R%2BxUVxRxVWIy%2F%2FzmC9%2BiYJbl74uc3r2U2w6hfdfg5kW6Qt5%2FNF8H74epZjVtNo3ERS4%2BNagDWDHeohzirCIB6zbnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca09a9ab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/13942.42b3309fce7f57e5eb63.js | 104.21.56.114 | 200 OK | 141 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/13942.42b3309fce7f57e5eb63.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: ASCII text, with very long lines (65536), with no line terminators Size: 141 kB (140709 bytes) Hash: b57f45095b443009c496ab1c1471be7f e9af53d0e3e3ab155abafa07d23c79dae2c71f2c 408ebf752cddb6bc3782d7266fa4a7aa759bb9d4255f8d17cc7aade0ecb971b5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/13942.42b3309fce7f57e5eb63.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"225a5-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5DT%2FnVzbejALARZj0G1gFLLOlyPyfRAA0mB2yB0%2BJoBI1WQYNBmKTk26EXhEthVtTDCS3sldya73dOaM%2FS3rVxuIVLnMexScdT9OZD7IcdCseYHsc08%2Fxa3iV0CTWlGV0wZnvHde9pW7pIykEkRhKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfc0bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/67079.912803f13064d4c3677e.js | 104.21.56.114 | 200 OK | 23 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/67079.912803f13064d4c3677e.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (23306) Hash: 2a521f7bf2072b4d3eabdf38c0681157 90cfe120f3d79aa5d4efed7a5b458ec27e2d9af0 d7cc40cdb7b530f4d0050c5354a295361f1550e1e3f3092b8e2758fc26006903
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/67079.912803f13064d4c3677e.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5b41-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3eMZqctcPQFhw%2Be28EGKrZYdwjiecUZUppLKYa8UliCgbnaXYICTXAxLQ1y%2BBCRWvevpnonmtrORtBA9cPOJtWtUV36OEGv0ZSRjHCm2YGKmQ%2FehaY3NMkPdZ69VLy9p0GozJwZYEl22vA66n13kA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c2c80b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/46541.c33eae8d471e53d0e4b0.js | 104.21.56.114 | 200 OK | 11 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/46541.c33eae8d471e53d0e4b0.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (11221) Hash: 5ae0a08a3f12c1e8188baa3c52edfdd0 f557a1633dafe82e67dc1c79430a29e8c2770c1a 8c9541c705b78af92818361f371dffe2932fe667fe5bddfff23a10a94b0e9491
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/46541.c33eae8d471e53d0e4b0.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2c0c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuA%2Be2uijHIiSHgnrIrxj91RA2iRrOO%2FEETW46CpiNaFLPq4%2FaJIXSLDjZuWe2YEW9u9YUUKwDRddtHG2sgvgqGPginnYFGkXxmnwcctuz93tBJiSofungt2Y5NefCVuP%2FgjYzHDxfRSGLrp%2BJlQxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c4cc2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/65800.d803fbd4c225782b31d6.js | 104.21.56.114 | 200 OK | 40 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/65800.d803fbd4c225782b31d6.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (39520) Hash: 6ebe1a578a746f1da064f34508d700bf b27eeeec818818be41f90df32894c3c618d183be c5781d163c837d6d2c72081b42e6ac0b513ba744a8a2ef95b62a4be628fd0168
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/65800.d803fbd4c225782b31d6.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"9a97-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sP3%2BEDV8E5%2BSHW7t9IleZ9Dl5drhJWynoF%2B6i%2BCxIigaKkTX6I8IMSD2zgqymHxf4Zk%2BKQNgKeR7yISeLmxKzKbUpc5AMNhi7ZeESULZNHrGITKwmvTj99R1fmJmfTkyeM7IyWAg6TOV6YtEA%2FIn0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c8d43b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/58409.1811376ebb7f14b0be53.js | 104.21.56.114 | 200 OK | 14 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/58409.1811376ebb7f14b0be53.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (13964) Hash: b04469c4ff1a1e4369a1238f1a6e7e13 baa699271e0bad0d5d568f5d0cb2dac21f5a2d0b 2dc6a1da0d49480f89ccab794ec25a14cab0ca4034039ae26e39faccdda82a50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/58409.1811376ebb7f14b0be53.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"36c3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aXcD%2FsSOpKl3qk8b11kcCqdBy%2BT2kr5SR2i5psGWt6Zj5LCR3eGP4BcoTmDXdGDi85S3bpJuPY7JY%2Fp2vf7E4hawDv0lDfh3z9%2BGB7Y50CYN6tDLX%2B0wx5Ty%2F4vkA0J9qQw5Q6DbVQEI1G0QdB6eiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c9d56b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/22198.f5f5aeb061c44ad3e071.js | 104.21.56.114 | 200 OK | 12 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/22198.f5f5aeb061c44ad3e071.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (12232) Hash: 037eb3fd7c79a6a5da8011e606e917bd 078368fc9988f02a9d9b2faa6494b3209ca6f8a1 b24340e4a45954dadfd82c820035335f0d27ea454fdbbb263ca273cd590d5a23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/22198.f5f5aeb061c44ad3e071.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2fff-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bwcNmzkInsfsE%2BEjjyrbtG6ZiKEPlv1r%2FpH3voFlDnNZifJUuD4bHgRIY1WmKnrx3yE01iYZMVpVcsSdGjhkoy1dFeoR6h2trYXnQo2XujswPrZaOOuHDngyoS8lDVHh6Dc7QO9djttU1QhMQpmdKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c2c79b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/6eba4b5678bf2ff1c053.js | 104.21.56.114 | 200 OK | 45 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/6eba4b5678bf2ff1c053.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (45008) Hash: 837a213770a91c0bac5bc9e9c90010f2 0607bcf00f83d5529a1948a9214e8926dcf7348f c615595bc0fca0392ff1f30597dc0ab1cc6bf06493ce2f283bc30736a3083c30
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/6eba4b5678bf2ff1c053.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"b001-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zr%2BE6NWOZ8WgxY8FPI7LfXyTsJwfPMKwm9CNdFev9A3fn%2FELaLjqVOII%2FpS9I8pD2KsGnD3UmeB2UR6sLlQ3MNGaD9LwLvws91awC2yi5aPgaVvmjw1OXuCaPw4lNMHw1nMjJyX9WwhcADhbiQ5y6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0daf3b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/18409.4b935bbdaf404e1ee4c3.js | 104.21.56.114 | 200 OK | 9.5 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/18409.4b935bbdaf404e1ee4c3.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (9914), with no line terminators Hash5aa60c5a1722502712e8c6df505d4633 81a39b0f30fc6a4cf1dc23df5c165fa4d9dcd474 6120d464aae1c7b09b57c26824fd3fdd42710850090bd9e7221a526713cab5c4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/18409.4b935bbdaf404e1ee4c3.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2546-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBLZB7449KM1EpGgMRorwFSa4eRNrNI%2FNX8wGwmY1sdbHzPVWLinJjigkb0JFKYoEzUNBZn2PEwoYXXODhZ0A5Ailh5svNeSee4CoolimQKtxIn9HT0sOiRroFs5YQyeqbafalhU%2FDKI%2BGOW2qJL4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c5cf5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/fd3f659b46061bd95594.js | 104.21.56.114 | 200 OK | 12 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/fd3f659b46061bd95594.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (12472) Hash1f26d0370e5e43ea29dcff7c1c53d661 dea8cfb895f9081bcf0b5c6eaa2608c0da58393d 8f23b16a70005926318364b1757e80b28978294775227047866f5a64f1683fea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/fd3f659b46061bd95594.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"30e9-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7tyGgDq7WfFFenh89YEuMsjxewMFT8encpUahXPnVDraS898NWXys5k8gN%2BgavIS87wkc8i%2BRX8CinQ%2FaAEZ3S%2FVljfN7Ke7RwMuzi25dn1XyWlzzi4S0URX1%2FyzQO3zKVKGDZxJLEBNm%2FM98hUmSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0cad7b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/482.6e1c86f88a37a71d42ec.js | 104.21.56.114 | 200 OK | 21 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/482.6e1c86f88a37a71d42ec.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (20577) Hashba0cca7d871b0de10a4344be2427733f 4d4149acf6c6694000b0b4a5f18b4bff6aba6878 066deb7f1b943e4ccefdc62fc9dc214596787f8904a464de52bbaecf02ad8d86
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/482.6e1c86f88a37a71d42ec.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5096-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2F%2B3c3zpOUu2eoVSW%2FybHtbXsW09FKiuViV7Ye%2B1A0VUci5dty69CtgUJpdUpcX2ya2hFzVMn3%2B1mL2fsgQfkfUuGzp8yqJnaNvetQw8MNnoiRBElxkpFOXIbOb3Tyaks3waGm5ilWrsPr4M4fSYFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bdbdfb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/19263.fe32553ff71153cb7656.js | 104.21.56.114 | 200 OK | 6.7 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/19263.fe32553ff71153cb7656.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeASCII text, with very long lines (6802), with no line terminators Hash22004ec800dc7d91289b0f2b29cfb22e 54698e8664becd4ffa7f35cd3eb3be9d9c357ce1 3031275133c2f739865c83543d1130f56f98a103fcb5548177c7cd026f5de85e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/19263.fe32553ff71153cb7656.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1a57-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UvXB1wRr4gE9s12Y%2FnBRQXgvEk5mwsYrzv1kso0muEDNLFzoQ4CFyQEbLAgwIwM3z296erhwt%2FG08ye5Dm3vh6IHec2q7OPKWXEA2ts9zahL%2FOyqmWrMTnCKzZbu5Bnf72Z%2BzmIiPierZa7fJhiAuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bebe4b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/55639.406bee7d3e2064cd65d4.js | 104.21.56.114 | 200 OK | 28 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/55639.406bee7d3e2064cd65d4.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (27753) Hash75d1d4ed4e9080766fea15d7548a9472 b64d354f4c71d5176d3cb52dc7e55e752b48059a 66e11c8abc27f8285a8a7a8179af491f8b5d8e797b92afe6bd4a2cd710b2e122
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/55639.406bee7d3e2064cd65d4.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"6ca0-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6EYgmqgKZtE0VaK5XhUNfmb%2FpY5fMftaW0Fx5q7rihtLHACBjNrIN6cEoQ4jOEBjh8M6Lo0DwWF1BMH3KdRW%2BVEcMZpcRUnmYLynOKLbJ8Ax02mTV4Sw4NDF298wGMBlNV0LiRLOq4VRdycf3o41Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c5ce8b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/25653.f1981721227784f0166e.js | 104.21.56.114 | 200 OK | 164 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/25653.f1981721227784f0166e.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
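Size 164 kB (164235 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so the 164235-byte response body was apparently not hashed; they do not identify this file and should not be used as indicators for it)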
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/25653.f1981721227784f0166e.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2818b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xN70qvlUR8l9sa9UFvPfGNyDHbztORPqM%2F4XaiEw%2B9LQtR%2FWssvX962dqzRGSeGHoC9ztQveTu77QwkSf4cnJfAlCpUe%2B4crp7uLerAl2pQBgQlLdDbhbiZRZGrFedkhjXFbgMksj3ixYwX%2BiZnDnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8d5e6cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/e9e649f003bbece806b1.js | 104.21.56.114 | 200 OK | 16 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/e9e649f003bbece806b1.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (15715) Hash6a513e08bb57247ee2a7f7f28392d957 9ad8a8814f81f63d7e6302f913b45a047f2e8985 e6a791274ec54c4a3ac6c8b2f7a2689d04e9579f00b218e9e849abae247c0fc6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/e9e649f003bbece806b1.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3d94-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VlqnSrLmX7sBy6sPaZ2Ahsz4%2FkCu%2FFp49%2BmHg9IQi8cYAQGfBfYrKev%2BwzlblBHeLNQrirJQxsp3Mo%2FbG%2FyArZuj4Sw4t0rfjAGu42ihDeIhWPMozbNJgIHNdlWEAn79xz42ixVrHn0OSo%2BIPgngKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0daf6b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/41611.7d797575820892675652.js | 104.21.56.114 | 200 OK | 21 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/41611.7d797575820892675652.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (20820) Hasha290ac62b9753650e23d6e78ea4af855 417747142045ca3f2e616d389c0e678c3d6bab48 7140411b3e59a097ef31914fad63941fcc863cbc7fdf7f8aca5ddb67f9a6388b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/41611.7d797575820892675652.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"518b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtY0VAcFN8Lwg0%2BTX8kzVHjWCZJRdPGy6JXdyOiuVTANCoyBRGFLJPTmFA1sJzFnpochRXWDm4pCrRp2ttNElywplLCLHrE7Ci2WsjoTwmFaO6T%2FxxhrVsZzYHg6nbvsEZF5%2FIP5MV2As9ZbdL7jPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c2c7bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/23777.2a4fc059cb5b5caf5307.js | 104.21.56.114 | 200 OK | 60 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/23777.2a4fc059cb5b5caf5307.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (59652) Hash264bf832f52128869c50c91968264bb4 95a54d2525f093719198bfa0aaa1c7ef8574cc4f 515cb4b2b1c5a8190e7a9f74c13a3539aa2f758af17a50a71b9832fe53a88f9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/23777.2a4fc059cb5b5caf5307.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"e93b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijhnC5wh7OoLmRwXMdn%2B0zlqTS79o0JV4Pew8TL9wQlJGtdz4tnbQz%2FJiEU%2FDnI60PR1V9TryCnjIbnx%2BzcLjO1cyDcGIgTwvc8ufg%2F%2BZsCrZ6437mjY1TzrUDzLPBCua8FXBDI5DBqSQUUbxzBbZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c2c7db505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/71193.ad9560e90cdc0645a7a0.js | 104.21.56.114 | 200 OK | 774 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/71193.ad9560e90cdc0645a7a0.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
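Size 774 kB (773921 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so the 773921-byte response body was apparently not hashed; they do not identify this file and should not be used as indicators for it)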
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/71193.ad9560e90cdc0645a7a0.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"bcf21-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tm3NAS3Ko7gYnjNWYI9Iej0RTwNEQpoS9hyEIb76zhKqKKcqoWoO7fRiBPoWCXxnvrLqv31qtMd%2FGCfulaBt4ip%2FZ9c4Khnygy%2B1OwiqottDhwlcKjKofx3OazLSwe%2BAGDJpWcWJxW6FKRJsC%2BW7NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bdbdcb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/65000.e1b9099437a0cb5444c8.js | 104.21.56.114 | 200 OK | 21 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/65000.e1b9099437a0cb5444c8.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File typeJavaScript source, ASCII text, with very long lines (21036) Hashabc619bd0b72681ed95131a5e0489b12 50f98a563f0b7771b5df533e8dd75306f37606d5 0384028309684382f2d9e791a778dbe1a4a0e9bc6e6756bdfc3d4f236ae3bc66
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/65000.e1b9099437a0cb5444c8.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5263-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIhT8yK7A8VpLwAUvhf%2BGV%2Fyp7zdXiMRAXMfV4Lr6uA3NL%2BSyXFQXT5W%2F%2B%2BsYkZjGAgK8i4MmgvqCub12mT7XY8vQUmQFvz5RLc0xEe%2BmI4MXg%2FSvjdy94ydUTwHxSYoO4LCGtd8viD%2BPDEhZYVuZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bebe5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/81161.16bd418e776559e11cd2.js | 104.21.56.114 | 200 OK | 16 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/81161.16bd418e776559e11cd2.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (15686); Hashes: MD5 3c97dbccfd4e8411ca557fa727fd0a19, SHA-1 f35fea6cecdc989d2850b9a1f7abd2330aff5133, SHA-256 ca76d86c4f5150906a316d1ca088cd09eadbd882971821fa6e030127b81eac32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/81161.16bd418e776559e11cd2.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3d7d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0h8vzcGZqFgcKsRjOlg2BhUtZjmFKAvXULQmSDqKLyAZwD3d4ptL8CJ0CVI97U9CZMbjWbKZOynT23zJFY6mKzsuIhntQ6F2kwuZro1N6be1cAyCo9ax0bdAOZ9j%2FrSvTu4slBlVuTgCXAPoFfc%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c4cd2b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/3f46bbecb4287c0a829f.woff2 | 104.21.56.114 | 200 OK | 65 B |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/3f46bbecb4287c0a829f.woff2 IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: ASCII text, with no line terminators; Hashes: MD5 8e0185b3d3272056b90fa759b629b4a1, SHA-1 f80ecdd55cf374b1f5520fcd64e97883c1f514d8, SHA-256 7f2fc9c03ac5cee4e206b61d510b427ba6e8f5c7554d1b5db42c5caa7cf2307a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/3f46bbecb4287c0a829f.woff2 HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKLJMD7rqsqM5thAwimmJYUryvKW9t1lRzRojKQJbq5vlPbnZxmpOC9Q4ElC8irNCgvU8ZKmnpySwx%2FWtKFBwIZ5PbUQKKXKIc6GvfyMedgcpFQr%2B73flu6pqY0GaKgl%2BZfkt45fTc02aIQNn%2Fx5gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca589e2b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/e0ece3c23b33d18f4d00.woff2 | 104.21.56.114 | 200 OK | 187 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/e0ece3c23b33d18f4d00.woff2 IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: Web Open Font Format (Version 2), TrueType, length 186744, version 2.459; Size: 187 kB (186744 bytes); Hashes: MD5 05422eb499ddf5616e44a52c4f1063ae, SHA-1 eab3a7e41cbf851df0f0962ed18130cf89673a65, SHA-256 c1d71bd80fc3ecf5ef1a97092a456a046d55fd264be721f2a25be3e59ccb8b2b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/e0ece3c23b33d18f4d00.woff2 HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: font/woff2
content-length: 186744
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:41 GMT
etag: W/"2d978-18d28d9d508"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5hRtStAfgeSD6sL4NJMDGqwPEIQ%2Bfc2BkUGDcgOMJrSM5f18UPsujDKG5f2QII7bdLmOPmsr9GZ3yl9xt%2F%2FJa75J92Nu0TREKcmwPE%2FRAMO3hxwioYn0y9fFGPsTD0CSlzrC85I2KoJS6HLfTJeqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca75cc3b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ | 104.21.56.114 | 200 OK | 12 kB |
URL User Request GET HTTP/2login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ IP104.21.56.114:443
Certificate: Issuer: Google Trust Services LLC; Subject: restore-cord-bot.online; Fingerprint: 14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8; Validity: Thu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: HTML document, ASCII text, with very long lines (8134); Hashes: MD5 95a4ce54cf97a8509be9a66701984e4f, SHA-1 384a32399873a045e0f8ecedbf80edc815d9c089, SHA-256 4ff05b910d8ae875dbff0d7261102e7e2064384d571265531a4691853d6c88c4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 07:05:24 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
last-modified: Sat, 06 Apr 2024 12:04:42 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqEVQEdXfw3%2B%2BGjwMcVLp5VjwpFo2woNK9VdRA%2FwSiFCc71BXjdDn%2BKFgRm%2F9CtQnwNwqCi4tm4AUbDfKha%2F7DaeNuNqd2fNVmXwmaamqvOMLxLlILPjF4toJRkwDXfW%2BZj%2FuTIU7i0lijxlEFBi7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ff5c879c1c568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| login.restore-cord-bot.online/assets/21396.259a270b7e3f8803a333.js | 104.21.56.114 | 200 OK | 15 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/21396.259a270b7e3f8803a333.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (14756); Hashes: MD5 c74d5b820b3ada88a22cf587816c396f, SHA-1 6234d885e01df794f61cb4f40f67b2fb9f7adebd, SHA-256 f693e1a4e6fac3c7d5a97cf8ebc5e28ec4c1aebeab83580734ca143563efdb14
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/21396.259a270b7e3f8803a333.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"39db-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D55wZ8dzNrRHU9Im79jzVDMKqjdasNZamidOJmCHR3mCAwBvIIo6ljyFVZLBZdsNWjL9u1p6ruABUUy6aLePg%2BIbVdvTH5oxn41BRofWjuse27h9P4c02ZPy46cFI7iZ9332SL7hppmsxZvMb7p8ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bdbcfb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/52033.8c199987fcf5a97f2ee5.js | 104.21.56.114 | 200 OK | 10 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/52033.8c199987fcf5a97f2ee5.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (10438); Hashes: MD5 8eaae7e1a96c8c653d0d85b3733e705f, SHA-1 5b7a6b708f070bbdf46cf15e3c613e3e60896260, SHA-256 83e5ef5e06c1625afe2ad608af5ab6b3dcf13652395d218b8f2a2442bb5791c5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/52033.8c199987fcf5a97f2ee5.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"28fd-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0vnMWwCyERltPlwHWUtzqRAlFGuWqNziprtD2RYVWQZW%2BXNDiY3oBqD6cmWk6XrFp7TfNtjdTAZXEgBM6dseaVEViiQnxL6W5qY4AB1t9kIhLKgtqmoOsKuyiGh0R22ije7vzO1qcQGOspiNvfrlhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0fb10b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/66888.79756ea63981ab2a6341.js | 104.21.56.114 | 200 OK | 15 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/66888.79756ea63981ab2a6341.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (14863); Hashes: MD5 1d86b77c518ea58ffd94ca73f4ecf8ec, SHA-1 46fdebd87f50f9aeb25b1908c92995e8d39212e1, SHA-256 a2740f55ae9c5911162e7891dab7a0a23ceed7ff351fb7956bf02f2a46e68f24
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/66888.79756ea63981ab2a6341.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a46-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfQmL65C0hlsyZORtGgJn%2Bxm5%2FgYGputd5DD0yAYJn2hEmtJW0oFHjPW3yGpdMN2LG4ms1dyv3OjuZ9CwiTXI70FbjonIu50d%2ByXdKzNStkA8ymHGE4Qt3M7EhEoH5RBKNwOVZ5kTYVMeCkx4jXYkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c4cc3b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/96897.008f2a416a4c547f02a7.js | 104.21.56.114 | 200 OK | 8.9 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/96897.008f2a416a4c547f02a7.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (9305), with no line terminators; Hashes: MD5 09526b3c9921a6dc860a1ad3e0b0bbb7, SHA-1 8830182678c4c396ec9098dbb522bf8124196a97, SHA-256 9c1e6291fe3e409a901297061f201be5ea9de639ca97a63badffdc77f50fbce1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/96897.008f2a416a4c547f02a7.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"22bc-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvMlzbA8wGojo2cptJDm0%2BvJtT%2B8PYz7amxfU43%2FNVLFgruBT2AduhFAQr9k7V18Qi7CWYTd2n7txiuiVK6Ua%2BV5FzXHlfxBLMi8gCYU%2FBGgAOvI1gPssjX%2BxaBP7rN4%2BmFcvuLkV1657vnvGcRKsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c4ccbb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/18667.a2153b412864bc0484ff.js | 104.21.56.114 | 200 OK | 11 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/18667.a2153b412864bc0484ff.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (11075); Hashes: MD5 40ac4831e99b9248bfcac7f7dc820c49, SHA-1 ff2b273c92b32ed9a0849743bec41a5af5b9d3c1, SHA-256 b47a9d595f8492f38ccddba2d47641117fc6a8426d73db79218259717462518f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/18667.a2153b412864bc0484ff.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2b7a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EOTk2Qtx5Tpc5nSuAywamXBEv9NHuaAa5lMWjF207WIkpv%2BHIV%2F3myfTDFRPtIes6erv8OUdfu5YlQ%2FG0QE8jhUCDRYVuNaOh883c5VyLu5pbu1HaHNEpSPedFZUU%2FFMcjPoK8j4fReVn%2BuMIVT4sg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0eb08b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/5486.e277dbe0f48aff03f253.js | 104.21.56.114 | 200 OK | 18 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/5486.e277dbe0f48aff03f253.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (18439); Hashes: MD5 da488d066f499947444eb7a2c835e1fc, SHA-1 378be16a36214b56e040795885974a4e7d5635f9, SHA-256 1dfc9020a696de7183246e819d88bfd70298526c4bbe9042b5b39d3628cbaebd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/5486.e277dbe0f48aff03f253.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"483d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yNkOKqnmPYvyDIeB9qPkr53posCQzKAHoMaFLSgzFuJ%2BE%2BISs5VoyNp%2BXivqJq6UXtoZEDpwR2GmAvgriFV8XFzL4H1LogFZxymlSlb1pzBvKQ5i54ZafsdmJRl82rqwBBMmbECi8n92g0hly7Udkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bfc20b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/71554.35bafd030ac297a37d2b.js | 104.21.56.114 | 200 OK | 100 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/71554.35bafd030ac297a37d2b.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 100 kB (100440 bytes); Hashes: MD5 ba52e5e9910264fad8c8cc08677ff419, SHA-1 2a8303994f8bf6fbce44a9198fc69f39a41b8af6, SHA-256 e6eebeabe896bd729ea9001e3049ec54e5438c7d5ecc845ae6a3f8d5c51e7f2c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/71554.35bafd030ac297a37d2b.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"18858-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TutoGWt9%2BPEVEu7VCDaZ0ynZq1gG5FPUsGaKLRSIIPtRbNQY4haMLLtHFURnan30EG%2F4JLdNpXRcLAXg6WttWtwiG3AUxJFmG33UBjr82tkJb81G03uNK4qlVjDuLd3osWrnuJKbvA6jIN6Zh%2BsaBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c4cc0b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/38081.229b2d35737bf3f84541.js | 104.21.56.114 | 200 OK | 22 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/38081.229b2d35737bf3f84541.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (21630); Hash: c20b5e9bd89cd932aec62501526bc4af eb2f709ad66bef7b20d4ecce454b827cb5758391 b4c9960af0c70acf545990b29eab7e4465caa262df425c820907bf259da27441
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/38081.229b2d35737bf3f84541.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"54b5-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lCdSzUV62Guwt59QyQqorwYjORszF%2BXE9%2FXUXds2hjtDqk2UiqxDVkEsH6uj3Jm8LYYFO3d8Pl3qbZPgUp1Erre1a%2FfXjuSGtdqFFTjIeGBWV4aF4md7eoBfQWi9XyyiKKLsVmjQ3bjBSUfaK3LbDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c4cc4b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/27043.105ce50242094adf158e.js | 104.21.56.114 | 200 OK | 91 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/27043.105ce50242094adf158e.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
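Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, and no file type is listed, so the 91 kB response body was apparently not captured for this request. They match any empty file and should not be used as indicators for this asset.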
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/27043.105ce50242094adf158e.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"16445-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydlFZ62uDhs0wBTIB5hnnuXq997G4zRV1Qr8ShFh9zwmL3YuUvrVmsxdScLVeEXX4oIaMjhh8zxieppJs7lK2iCHjVUqbyAjF9uSyWZqcURun3nax2ZlbXyOAiYa%2F%2FLZJ2H4%2BlxyrKFeIxNf8p%2Fatg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c5cdbb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/49191.4c47aae235ac3c0cdcd4.js | 104.21.56.114 | 200 OK | 13 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/49191.4c47aae235ac3c0cdcd4.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (12692); Hash: d4ce6646e8d5ffda699497912a3eebd1 4a805ee77c49b82538f97e189c6fe64763b596af 27303c6d56e622d841fdf0dbe19d3b61ba24b4d9ed0f0063554d40d051419a8f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/49191.4c47aae235ac3c0cdcd4.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"31cb-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o%2B63s3yGMd8PCxGVHhGZuWWKFTHHK0a9P8ZCWatNPWODW1vj2OLghWPWg%2BUBvR8dDfop1%2BIvGM6NJDXjvRKKtv5Hkrd2MVd7%2FTZEc961IrDsFRFKi1sl1CIy9aUKMPwLFJWdQKbRQHZGTmrzLdPw8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c2c72b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/80083.7fd81fb4889aa662cd19.js | 104.21.56.114 | 200 OK | 26 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/80083.7fd81fb4889aa662cd19.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (26162); Hash: 0abbebabbe917f168094124bb3cce39a 9de38e8e88c1c3450db921ccfcaa3afb35563194 21dd7691eb613640f3b6e7ca733fbb99374430c34523f31fbeeb877ca8c5c494
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/80083.7fd81fb4889aa662cd19.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"6669-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8pUFz7bCBJFLzN6miA0hNFOcH3GLFUBRvNI2MEnWm3yJDL16M8NpK2oQPVwwsTf6Wq%2BBjxb3Jgd1VtwPGjbweitJBxhW9Xch4qcGmem60D%2FOu%2FM5u7u38OMbr3mREJ1ZQieEi2IIdzR5u9AzdtaHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c4cbcb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/37580.f4011cf1c76f3c28f15f.js | 104.21.56.114 | 200 OK | 24 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/37580.f4011cf1c76f3c28f15f.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (24059); Hash: 57c8c6f403f66b72ca058bfa2a84d58e e19ca14f4bb25d322910c510f04ef2429487a2ae 934565da3cbcca91b42b6e506c8586d87297ee0d781d1eb7a73d006641a5a5ea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/37580.f4011cf1c76f3c28f15f.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5e32-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VXLUyW8R1jC3qduX79BTFy5gydb%2F0ilR5oQG9QONNPub2x0B12DTMdb4%2FSnBqCCB7uM8%2F1N73jnk4plUTwp3fxT9RlDgTMDNrLD4CuLkHOQfq4HjlxZadG5M31cs%2FmTB5t6xIBm21Qk5tKzIMnGrBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c1c4fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/89261.02ed5e657cba70087452.js | 104.21.56.114 | 200 OK | 15 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/89261.02ed5e657cba70087452.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (14959); Hash: 792d2294c9fb0e7d0a07bff3abbb0d0b e3ec35950876ae2e409e65759d0802c00a91e40e 2d3415e0b866788b07564eeec5035c17ac14645fd13b0bcb9bdf71b5f66a1e69
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/89261.02ed5e657cba70087452.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3aa6-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aA1bG3KskjiLJEv8AsNEjgHJDRjROBrZGZ5mz4ou1DULQLW9Ho5m16uQnBL4hmTIzfClULY3QFCsIY3dd2xemyMyQ4pTKTk%2BNoditPJWn%2BUOfoCaX4U73ZYWmh%2BFzNsfn8Y%2BZ6M%2BGh5sJU0VT1QmsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c4cc9b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/1f3e315f020ed5635dc1.svg | 104.21.56.114 | 200 OK | 180 B |
URL GET HTTP/3login.restore-cord-bot.online/assets/1f3e315f020ed5635dc1.svg IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: SVG Scalable Vector Graphics image; Hash: 7be3d705f8fd758f30fdb6d593364954 469caeb23537d7152c40fca8e5a8c9a03013eb07 907d7bc2d1af895ac583237f9005822ad480c51fd03618f5a7819c3d71b62424
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/1f3e315f020ed5635dc1.svg HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"b4-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CWXBip5v%2BKM8eGl0lLxhzq2Ks7igq1jGTC9OgJ6bJjgujY5SO69%2BR%2B02nm%2F3Nux%2F5OyyxsbZuxsW%2FPUwsFLH3vhJE%2BJfsfZr4tjU2CC2RxO8UcB%2B62O4YMB6y8cvPaZHcfDGSQhk0K0K%2FaW2GYTlag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca11b56b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/1af9bdf041e000508e41.svg | 104.21.56.114 | 200 OK | 137 B |
URL GET HTTP/3login.restore-cord-bot.online/assets/1af9bdf041e000508e41.svg IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: SVG Scalable Vector Graphics image; Hash: de7079c084523cbb534e908927ab5519 cd4e81dfbcc142ff38ac775c9302f26d3bd28fa0 b5d51114897461dedb697b36086385bdc8b62f56da6914fcec198644a96aa65a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/1af9bdf041e000508e41.svg HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"89-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLx5uOa6tc%2Fjz8wrGh7EJInfO3BK49fjchPAtdLErFpa0u105FYHle0O3U8JkzHVgpkY4qK4CC07WEgN7clvXtaiTw%2FcRCTrJrq98CHQrdO%2FQ83a2yg%2B2Zp%2Bi6IXOef4oN842LU1n8SXLhyXHa30Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca12b58b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/8f581f91e7e650ac87a2.svg | 104.21.56.114 | 200 OK | 137 B |
URL GET HTTP/3login.restore-cord-bot.online/assets/8f581f91e7e650ac87a2.svg IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: SVG Scalable Vector Graphics image; Hash: 897482ffa8de9752445d3eab06524d8c be0afe5b3be92b25fd9baf6c4a98e30a8b4e831d 071d1d5a1ae9749fb0b9175ce5f7b74e994c97cb33f38e2a68bd717b32518dab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/8f581f91e7e650ac87a2.svg HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"89-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Uh5iDV1f4wbLqRGEIUzr3A3jWXva69ELtjmT2ClJHBa0lKUTK9q9o4D7CqAO4WliWo%2FQu8vz8uVkgTOpkauH1ssy2Ehj%2B8Rblz3op%2BmjlOdG0FlxIkN%2FPGz4fPD7Z%2BXsfvCzgT%2BpxI0i7lpwfhydw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca12b5fb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/22918.9f2b9d54bbfc371a4d92.js | 104.21.56.114 | 200 OK | 18 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/22918.9f2b9d54bbfc371a4d92.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (18420); Hash: 5c6249fadadcf61985346cfe7e1b7245 0cd8c3cadd55dea165b09b350937732c9c63081f 79f170c6631891285f067a393d02bdc4aa9e270c83c2c0fc144882faeaeb71f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/22918.9f2b9d54bbfc371a4d92.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"482b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tjyj2jnTAJv46fDw3SR2gBKOlGg5josM0cWNfDFkX0jQvFGpuWoLqusoXMqGCCSHuNAsgeDdrxdZnqO%2FNnoSBg8kNOCETyHng7Sos6B4IsCZ1ha8mRminDsg365yzpDeyfgV0v1unnl8q4sYoBotMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bdbd3b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/31897.ec700144df6b20f401cb.js | 104.21.56.114 | 200 OK | 6.5 kB |
URL GET HTTP/3login.restore-cord-bot.online/assets/31897.ec700144df6b20f401cb.js IP104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (6675), with no line terminators; Hash: c541881b1eb8c6fc9ef167b40d30b518 b18e4deb44d3a876d671cd0c32c1cf60512dd342 b45ec7b4dce9bbc331cb5b4af670a517c046f91c6cc8d32f04c143456f3bba9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/31897.ec700144df6b20f401cb.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1970-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVuxQsKaGrKClxUqZI605K3Poq7ii5C1b1z3IYiLPzEasnCA0jNbClgMfn1sbId90EpH9lbclohV7ARMQR2VfQa4j%2B8C8hTDTLMTYW4y6b5RMhUKUGwUtS7mqi%2Bmw2aMYEFtcYP5FIRbnxv5ZhN%2Fdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8bebf7b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/api/v9/auth/location-metadata | 104.21.56.114 | 200 OK | 112 B |
URL: GET HTTP/3 login.restore-cord-bot.online/api/v9/auth/location-metadata IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators; Hash: c01b8794c2578db83a624677863637dd 12f43acb250541e7b2f85a7ab1d21499ce354a69 6b31181fb19d9d5f68d14597f7fbd1dc0d07b6587784011d42f109a2854388a8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/v9/auth/location-metadata HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1237299246508802048.2W3XwqVFKEDgvx7hHyw4S24KoA0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discord.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHTPINFkvgz%2Fhad5G9kUn3x5f7lX%2Byv5joKeO%2BBYiCFRcooBTlb5TzqAkNGzTbBNBQ8gx2n3ij9ym0MwaJkDEtCsu%2BdoFVv8rfqmBYvzS4m7FejxPnHff%2FTh3gDf"}],"group":"cf-nel","max_age":604800}
set-cookie: __dcfduid=3012e9d20c4011efac9dd63f572b097a; Expires=Sun, 06-May-2029 07:05:29 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __sdcfduid=3012e9d20c4011efac9dd63f572b097a931eb2f708481068d45d5936b0a523ef8b6ac00c9426ae8b705d947465098275; Expires=Sun, 06-May-2029 07:05:29 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __cfruid=390ccdd173dd51ae8999d1a8cb93f12b3e733d57-1715065529; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=ha.QtH_mmZhwx3vCjmrlsrwD1c3l0dSrpheC7BNVmcM-1715065529607-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
etag: W/"70-gqIoBQ3hG3CLbAcu5S0O/xQbm9A"
server: cloudflare
cf-ray: 87ff5ca5aa05b505-OSL
content-encoding: br
|
|
| login.restore-cord-bot.online/assets/b9811218b3a54ad59fb2.woff2 | 104.21.56.114 | 200 OK | 65 B |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/b9811218b3a54ad59fb2.woff2 IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: ASCII text, with no line terminators; Hash: c7621ccdd6a8ca9b681b2def747d72a7 61c3dbec477606bebcf5d6ccb58f26659651d0e2 135667d8b38dcb9372bf4d65eaa44fa5438d0b06831a2cd562eb82b8d44f4098
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/b9811218b3a54ad59fb2.woff2 HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:27 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bYCZ9hSUJTq5YIvG%2FQyz%2B7I1nOS89%2BnEM9NgbwyjL1OZ9mcvxc4Zeuom9h824GCer%2FTfTM14VxhZg9R0xzjsFuk%2B%2Bajr9xMrG07TxfRbgzpIUkMhMkSBgvyml24kcllSuxHDxr%2B4W%2Fnw%2FlkoaYumlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c9c6c95b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/1182f0e14eb94a3d391e.js | 104.21.56.114 | 200 OK | 37 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/1182f0e14eb94a3d391e.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (36601); Hash: 52b599c4aedf6b6ffe9c2ed3d2b352bd 936cdde615c933061158424d3b8ee939c0f862c3 17968598d9e70c9e4261422b17902c0d3cee59654d9fb070842f392d2f760ecc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/1182f0e14eb94a3d391e.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:28 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"8f2a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mjlGCtLi57Yg7eaaWe5z3NSRO9wGuGJJRLE7AJMFawR701pDQ3Red3HiVi46CUDillM6sdeBpTpFCNla%2FrGHHP4BY212qla4AsZkhTnJjOmsqQPpoe%2FIg8yCfWdps4OAb25zb6RsslFRPuARYLDLuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5ca0daf1b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restore-cord-bot.online/assets/48059.86a954da9c9a44ee9dee.js | 104.21.56.114 | 200 OK | 121 kB |
URL: GET HTTP/3 login.restore-cord-bot.online/assets/48059.86a954da9c9a44ee9dee.js IP: 104.21.56.114:443
Requested byhttps://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestore-cord-bot.online Fingerprint14:B3:9B:35:36:ED:E9:F6:66:EF:0A:00:48:E5:9D:67:60:72:BA:D8 ValidityThu, 02 May 2024 07:43:12 GMT - Wed, 31 Jul 2024 07:43:11 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 121 kB (120793 bytes); Hash: 0913b93dc0dd7e4beacfbb0303501b18 e2fa12d63460ad8a54218971c444b085958ced88 9f32de28a06abc9233adf200a94a4d637cd39ab3b3970390175b42e09e5820fe
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/48059.86a954da9c9a44ee9dee.js HTTP/1.1
Host: login.restore-cord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restore-cord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1235507493564715018&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QP9ElZpVVbiBHetJmd1MEZ2p0VMtmSzImaxMlW5lzRkpnVtNWd0cVYulzRil2bqlUdsdVW0lzRal2dplUerRlSFhGVKdEbUp0dZVlS4tGVKVEaUp0RsRlS3lVVKZEbUpEMrRlSHxGVKdXWVp0dJRlS0ZkMRRjT6V1dJRlSykEVKdXSUpke0dVWshXRNlXVpFVeVN0T4lUaPlWVXJGa10WSzFEROdXWq5ENVpmT3VFVNNTRq9UaNhlW5x2RjRjVtl0cJN0T4FEVOh3YE5kMVpXT1EleOdXVU5keJRVTp9maJtGbFRWdWdVYz5UbJNXSp1UMjR1TwsGRPhXSq5keRRlT0UkeNpXSU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 07:05:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1d7d9-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=644VJi8q%2BzgdoWWG55f1IkW8Yf3mmFRFq%2F%2F3is8s6KjGPch5ee7lB8m7b953%2FMzrL4gELeuB%2F2uDPZ31dqvi%2BAQhvN7IFvEGJv3Ln1fP003xjEmPS%2FXnTUbOhDlVzAwYbQkx2UoWmvzxZtLLqvvqXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ff5c8c5ce4b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|