| login.discord-bot-verification.xyz/assets/48590.9d5fbcc5aac137b478e1.js | 172.67.131.77 | 200 OK | 13 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/48590.9d5fbcc5aac137b478e1.js IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (38172)
Hash: 43c0247c5fd0d2aca49282b1f2e8b884 9c3d283f016f69a880edb60ebc384c9f39002a56 998a4388e4821fd233dad8d1faf2700c0c47741c4843925dd9252b1bd3dc0c50
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/48590.9d5fbcc5aac137b478e1.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"9553-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xMkdCUX%2FkXizVhAp2JDAyG%2BSAefhK4s2JddfKQbHJEXxw9y6cJe%2BCKXO48Ax59Vya6SMrl69GkL%2FAkvTZLznrqY9fUC164Rb%2B5aEkvG6fu9nVAgLWaWNq%2F9ZacPZg802LEbo88op0Xbi0OEcWflKX02azeOq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba5ae7b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/86480.ebf8826a7f33e22a6aba.js | 172.67.131.77 | 200 OK | 15 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/86480.ebf8826a7f33e22a6aba.js IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (14887)
Hash: efa64bf325b069f9cddd3a1e224e7679 c18d2104d2ab6cf8599c57fc52d01faf8c48aec9 94139cd642069de9ba7621638c1dd08ff2703c859f69df7e24ee109f4f3cd250
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/86480.ebf8826a7f33e22a6aba.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a5e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bgZPq0SazYMEUCgJGZFmqJalWmBMt%2Bn09Hz8TSRNIQxOHlzccdNs83wCo8M1Dc4RESa9yYvAXxYML1gBq9Kr4Ov%2BlFhLARJG2yRknhOKuvrCx7K4venybl9gmINCBOli1RA5f7XJxmd1CydRXTbbG2EFbHDt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba6aeeb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/75676.8481ee3ef6c0d7c670c6.js | 172.67.131.77 | 200 OK | 8.1 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/75676.8481ee3ef6c0d7c670c6.js IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (13527)
Hash: 502ff8e5505ed7ca0324277b0bc89a44 d72fbdd0644c128b92e705195be59364fe41d03a da6f72756a57cf6b4ee7fe8d1ffa539976246470d740b0434e62ce7bb3d4a60f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/75676.8481ee3ef6c0d7c670c6.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"350e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2EdPnDR7G99OLCgTxk39WiV%2BuS5XpmJF6ePIzh2%2F6sFmPhBObdJInLrlo7vtGL5aiWlpynmec2f2%2B0iwVQGUbwH4xGeU%2BeN9KoOYjqzQ7OpMcdFe92ADUQEA%2BpedYLF2J16clC7yjKkFZU50WILNCRYTGncu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba6afeb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/8240.59954d342c818ac8b70f.js | 172.67.131.77 | 200 OK | 30 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/8240.59954d342c818ac8b70f.js IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 18dcf8fa835cfc1860e0869ae9711d8a 372560e730d7725d0d486544b57f7ca5a1e740a1 3bc562cf2f8191b1220d710ccb7cfba8dd0eca628055f0fc4bf98b0f8e7289dd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/8240.59954d342c818ac8b70f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"13b4b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gk0yiqlAookcy4QDXtcF0xBzTh08NHKVZ0pJgnZ2c9wt0kKlr6VtObAHoKgJvF6RA2C4bORF7crwPv%2FbG98SIFNc%2BwV%2FQcp%2BrtcZgTyihP6am85e5P%2FV93btLV7ENUS6HY2uk6kf7SoZKLFIFLcmSI11Q%2F9S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba7b0ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/34426.9f82349d8cf165e1b07e.js | 172.67.131.77 | 200 OK | 13 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/34426.9f82349d8cf165e1b07e.js IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (14800)
Hash: 495af705377c93d5c53e1b8c3b14d883 16ac3e41a677731e5ced48142c2949a75154fc64 83edb478f8ed6fa71c304bd0571c29d682453217ab896bd84fecfc4f2e42b2ac
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/34426.9f82349d8cf165e1b07e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a07-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nddRMIaCtnGZKKl5ZqE9KOUw4OiP3jCOGegq%2BdSqTegyzc%2BtDLp0FzQMlO56%2B3Mn6xyN7IzZnT8TjWqu3tFmttISIGkPh8adpJ2qY8etN213FPLFRwBRra0fUIEf%2BRXVoUWWUtCiRXV28%2Bd1X5mHH11p5DDl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba4acdb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/31717.335393f06f604050b43d.js | 172.67.131.77 | 200 OK | 30 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/31717.335393f06f604050b43d.js IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (64808)
Hash: f21348f766d7fce1d259877b826da099 73baf8dd6916a60dab75cd1879feda4b29a090a8 bfb3e51c1397bb6498dd873eee144f50271c74c4630bb8ae0d55a1da8aeb9863
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/31717.335393f06f604050b43d.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"fd5f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GG4T%2Bgopw9RD%2FenD0eMtKKS3sZBP04aczrW8wOlyqmvF0jXijZe83n1UexjOzscVYayEmSXMWpsf%2FF6jqXx5d%2FZR%2BpUdMikHZd1Bhg%2FHvxok3iL2V4AcYIwVkuuPmS3JOJNFO7IdosEfjGYgLyuIunzGKo4m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba4ac4b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/14875.31e886d6d1db8a56b5df.js | 172.67.131.77 | 200 OK | 13 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/14875.31e886d6d1db8a56b5df.js IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (14036)
Hash: b73ea7c5ff12b5ac922cf837484b41d4 ecb0e464f4dc99dc4c2a88a0af3a5e80c8cbb0a2 558da14d878234c5150f3875e25a8049954a5ac6446595d3f58ac828620a6389
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/14875.31e886d6d1db8a56b5df.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"370b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOM6UBF9DhKjxymivZpar2NJ1dwQyNvwmib%2Fg8ICgDqm4w3aa6cTORD4O26NYvhY6VZ3JrQjpFK7tN2RMwhmiDXsNBfBWXegGeHd%2FX%2BCTu%2FpPVScsxwS%2FOEkpr5NJOvnnp6RVzsUk4QzsgpSSL8Z363H7xf8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba3aaeb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/47146.d5c177e816a2cf054d31.js | 172.67.131.77 | 200 OK | 12 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/47146.d5c177e816a2cf054d31.js IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (43856)
Hash: 2dd911fe6af5b351702811c2d2dbdb35 6d22418ce848dafc32e9e0f8224fc6ce13a8efaf 40e9ecd17a864fde103d7ac450a265ed91814c0dbf4ab22f26df913e1f724969
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/47146.d5c177e816a2cf054d31.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"ab87-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l2Vwm1cZI47kYfljVDtEfIKR0HlnFPTld%2BdUfWsMead4clGcSW%2BiW%2BwrfJd08dNd5HDx5P3IQib%2FHet6u1W4huUHwl9KVSI7V6bpPUO%2FddI1xoQYVD6ZaQXjDShBv2pdzNjeM5d9m89nXG5TA%2B%2BP8tjvn5p0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba6b07b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/18407.d0257553d76c1da19de7.js | 172.67.131.77 | 200 OK | 26 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/18407.d0257553d76c1da19de7.js IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (62630)
Hash: c6070a74fc7828610536a88f4ef0ac00 58ff20e6b81343ce9fb04c9a3b98e96eeaced06b 5a52fadd5efd62ecee80f803d600055810fb7765497d80e95e8f61aa27286cc5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/18407.d0257553d76c1da19de7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"f4dd-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3I30GnLIXm4Chv6H5%2F%2BufYYKb1ima3Ewg46y5%2Fus%2B8PxQc%2FIjaBW29XQQpTYS75YqnjtBYVx9qXQTfDihP8kEzp6szEcP33MheSESvcSRaucSgev7570%2BjZUsEeQA0lL%2F1Es315ZLYhU0S%2B2%2BeqOOxnoAQZn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba6af3b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/25f1e66664a140ac84c9.woff2 | 172.67.131.77 | 200 OK | 182 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/25f1e66664a140ac84c9.woff2 IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 181532, version 2.459
Size: 182 kB (181532 bytes)
Hash: 980082c4328266be3342a03dcb37c432 4179f54fd61655067a20a2b37224fde3d8e5024e 1b03dae61d613604b3d41d61cc4bc2e05f19bd27c7ff2638242f9036f2b8794e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/25f1e66664a140ac84c9.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: font/woff2
content-length: 181532
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:09 GMT
etag: W/"2c51c-18d28d95808"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBazsB757lCLjz0ZHUg%2FRovNk7H2cMsAZaL4sOiV9XE0B%2Btlivwq9aK7%2BPPEaShtQcCg045klmQ3YPSfXEmb42siRfL%2FmfrfImmF%2Fmo6rT6QCm59%2FA3o%2FrABwZhKaAsA5JIkIBYedm1CZ6cmFJUsOvzl4Lai"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd3865b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/d8d8bb7602e34b57bbef.js | 172.67.131.77 | 200 OK | 48 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/d8d8bb7602e34b57bbef.js IP: 172.67.131.77:443
Requested byhttps://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with no line terminators
Hash: 698fe8be9bc378b8795422349599b808 b58a1f49d7900b47d17031aa2c06ea306b73f9db e7c0b17d5eef014f1758c2a34fc8bb6730ef9c462a45f44635f9244a811bf053
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/d8d8bb7602e34b57bbef.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rexqNfCGgGyciGwlOmrlBv8ULIeqlPCuBCh6%2Bp53qa3QdgYfM3whs0p%2F2zYAsLu3oql4CB5B0oylbbkJT4AVDEecTayojidp2KWwF%2Bthc1W7Eis59Uq7usPa5WO3QRjH9fCjIlFo2sSMJK01Fix%2BmRKGW%2BNJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bccffeeb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/22918.9f2b9d54bbfc371a4d92.js | 172.67.131.77 | 200 OK | 6.2 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/22918.9f2b9d54bbfc371a4d92.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (18420)
Hash: 5c6249fadadcf61985346cfe7e1b7245 0cd8c3cadd55dea165b09b350937732c9c63081f 79f170c6631891285f067a393d02bdc4aa9e270c83c2c0fc144882faeaeb71f2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/22918.9f2b9d54bbfc371a4d92.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"482b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4v36g88uRQL%2BxVthHgotQYDj%2FOhHWkz6%2BMHewMe0geovChHOcpGjA5X3191nh4U0hS2DaPeqQ%2FexFKYEdVZNSyIS6g1lyqlxpQqJtclh3T%2BUC6U3vCYu71b6A9qDm9%2BrkpDyyWhDpUQ9gGQQVGUKLW%2FHMFYh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bb9fa3cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/science | 172.67.131.77 | 204 No Content | 12 B |
URL: POST HTTP/3 login.discord-bot-verification.xyz/api/v9/science
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: ASCII text, with no line terminators
Hash: e06d1ba70f1331e9f9a113cc2f887d3f 740b83150add8d2de17b3ab10d33605bb00e9589 d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1240998962119446600.xRUiFwJA31ewLPZgPYtygZHV7fw
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 1031
Origin: https://login.discord-bot-verification.xyz
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 401 Unauthorized
date: Fri, 17 May 2024 12:06:50 GMT
content-type: text/plain; charset=utf-8
content-length: 12
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIPW8U7HwjkulNZWDfR%2FDVaQRa5GT1sPP1JHOcylvrHbEJcCLvbntfufhDCxp5jhP07ckZJM2Vo16e2q3jvGN5%2FH0OuFHqfM0wdaL8KDV%2FfwI0mhTYy2a%2FBZD1Q2"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=e1a3884ad656edfc6314c30afcc7a5cfa8604658-1715947610; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=uLnl9ES9eyZfRka9cGzW6dSgK9RGI7zpqMkN3EylPck-1715947610423-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"c-dAuDFQrdjS3hezqxDTNgW7AOlYk"
server: cloudflare
cf-ray: 88537bd20859b524-OSL
|
|
| login.discord-bot-verification.xyz/assets/37580.f4011cf1c76f3c28f15f.js | 172.67.131.77 | 200 OK | 8.0 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/37580.f4011cf1c76f3c28f15f.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (24059)
Hash: 57c8c6f403f66b72ca058bfa2a84d58e e19ca14f4bb25d322910c510f04ef2429487a2ae 934565da3cbcca91b42b6e506c8586d87297ee0d781d1eb7a73d006641a5a5ea
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/37580.f4011cf1c76f3c28f15f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5e32-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJM56RwN8HqmzgUcRa7MotNDJWFW7hbMxzqpwGthwm4zNifHn4O4SsrUf%2FVvD8%2BUyPq3EH29ukMJMd3Ux60snP5FYcs0ilbsEuawqHzPBRcqfT1oen0mt6669lv%2FWq1TDprxTr74l9XnDVs2dlQLOZ4WdurZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba6afbb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/19263.fe32553ff71153cb7656.js | 172.67.131.77 | 200 OK | 17 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/19263.fe32553ff71153cb7656.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (6688)
Hash: 5fd723251a1e17d611269f0674084095 ca252c44ac32b02eafe62a65a5e0c4f8edbcb81f d5c3b365ab99628486943a64931b06e1b7278042185e8546e710c445f5676873
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/19263.fe32553ff71153cb7656.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1a57-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ulcr8BHCRcWUNMXVR8eQkRI%2F9n3TWrjitRnKv11ToB%2B0BKwxh243ZrKGVxIh31Eb0t1GvUZTpBzXugNuhGs8nbUbu5%2FB%2BzvYj1QijAopBPiBdE4iWPiX4HrQXy3QLjgfyQT0cFLRlGAm41%2FTnqO%2Fj2CABPat"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba0a54b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/63550.a619020e4c7b3d5be7ac.js | 172.67.131.77 | 200 OK | 8.3 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/63550.a619020e4c7b3d5be7ac.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (7909)
Hash: 597ea58e25651a7e25b338e9010ccbe8 672aca6e2e41d448400704598673662c614ed353 a4d47eaedf384eb30c943a55aeaa4e6526ee627eec7fd479ae18ac2416f0d9bf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/63550.a619020e4c7b3d5be7ac.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1f1c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFDcguZTpOVz0j9creLdev9ywdDY45WHf4s9Kq7QtndDGEPMHuXkaqBxJAi4cZ8uML2NdGjSn9rBU9SZOGSsKUJgBX4G7S9GsWH6UuL%2FfL6r%2Bc56k0iVd3pYWk8nrYXFDWXj0Hgn3qDDx%2FVIuwX4M6QHg7Vs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bb9fa47b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/482.6e1c86f88a37a71d42ec.js | 172.67.131.77 | 200 OK | 10 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/482.6e1c86f88a37a71d42ec.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (20577)
Hash: ba0cca7d871b0de10a4344be2427733f 4d4149acf6c6694000b0b4a5f18b4bff6aba6878 066deb7f1b943e4ccefdc62fc9dc214596787f8904a464de52bbaecf02ad8d86
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/482.6e1c86f88a37a71d42ec.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5096-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2BQks2VVxNiNUvWgT9DUdXfH9qWi57oXmROUYQ5wPxhvMQnsIRcW44GPcvepnYLS6unEO7KbEh8cqjU0BbVOU5wAESCHoVBMYX2JXmJPju%2B8vjsSzc0NC8%2FAmVVkqrSKAObByh3sJM6zfsiOa8KAYmMk6FTN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba0a52b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/21396.259a270b7e3f8803a333.js | 172.67.131.77 | 200 OK | 17 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/21396.259a270b7e3f8803a333.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (14756)
Hash: c74d5b820b3ada88a22cf587816c396f 6234d885e01df794f61cb4f40f67b2fb9f7adebd f693e1a4e6fac3c7d5a97cf8ebc5e28ec4c1aebeab83580734ca143563efdb14
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/21396.259a270b7e3f8803a333.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"39db-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yFoxkYhgIs469ZNuIxVyW79VX7udFiSFUPahWHBgdLPeU0rX2G2FBNZq6SSu0tU1hgzl3Ht4otjPD%2FtmG0AdAPmBuMtrhBSvYxqAbiG5d1rdwUmozpn9xPkgyzhFbmvwmlV2GkSxLxuIjcj%2Bgrq39OzMTV%2Fg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bb9ea35b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/science | 172.67.131.77 | 204 No Content | 0 B |
URL: POST HTTP/3 login.discord-bot-verification.xyz/api/v9/science
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1240998966452027565.VD2kk94DbCNzK42hAMfMmwgHp-0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 586
Origin: https://login.discord-bot-verification.xyz
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 17 May 2024 12:06:51 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOUZIulT0Zd%2FSE6A5bqseos%2BH2j1CG7BZbnymzSAGgU6iVHpNmUKKj3FzEsYdaidpi1PudQjOKIjkDix7AhMAjGO%2F8%2BROkvLMAOiDXz8eB31MrVAI7%2F0fHjR6mBe"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=11b8963c30afde2fb8cd600d4789891ccc91271c-1715947611; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=YK8jhU692dQFloavvWX0YhrZLehHRpfNXTTOfrRkPv8-1715947611175-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 88537bd5ee60b524-OSL
|
|
| login.discord-bot-verification.xyz/assets/21251.87af35fe00e980d9651d.js | 172.67.131.77 | 200 OK | 198 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/21251.87af35fe00e980d9651d.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (22100)
Size: 198 kB (197535 bytes)
Hash: 87ae3712843239cfd30ac976bd99940d f94f35e5ba76aa102c14972c75cd67728f6efeae e4f129ecb25b26e3644847541c531e34f3e0848bfdbb9f0f00fe97347bbd9db9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/21251.87af35fe00e980d9651d.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"568b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3gf3TT6MnDt8oyz%2FaN%2FvS%2FOTQjZ%2BAdH1SmUZjKfIP%2BcCQ%2F61c3NHFktuyHvWH0331pDW906Pm%2BJl8b0teIDe8gKyyZ29TOe0WG%2BYcyqtJ2eUBPfyrf%2B5Gu%2FtlhdSykODAaU9lQsOdgj4I5XeUGhJUTCti8mb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba5adeb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ | 172.67.131.77 | 200 OK | 208 kB |
URL: User Request GET HTTP/2 login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
IP: 172.67.131.77:443
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: HTML document, ASCII text, with very long lines (8134)
Size: 208 kB (207479 bytes)
Hash: 95a4ce54cf97a8509be9a66701984e4f 384a32399873a045e0f8ecedbf80edc815d9c089 4ff05b910d8ae875dbff0d7261102e7e2064384d571265531a4691853d6c88c4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 17 May 2024 12:06:45 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
last-modified: Sat, 06 Apr 2024 12:04:42 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OwzfsOAHY%2BQY42AyTVyvBCBoDEm64Z%2BplJS5VcH6jyz2lab3N%2F82lJtrC5UrLac%2F9BEQT%2B6ceJvkHTpZm6KVhG2US8POE4RDU3XCj1ymnQofWPV%2FONolk%2Fp65pxq17fDw0md3KBvJwZODyhX82woqblkqTex"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88537bb60ee35695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| login.discord-bot-verification.xyz/assets/ee6b51adb64f6365352c.woff2 | 172.67.131.77 | 200 OK | 179 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/ee6b51adb64f6365352c.woff2
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt | Subject: discord-bot-verification.xyz | Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 | Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 179380, version 2.459
Size: 179 kB (179380 bytes)
Hash: 7cf1be7696bf689b97230262eade8ad8 8eb128f9e3cf364c2fd380eefaa6397f245a1c82 a981989aee5d4479ffadf550d9ecff24a4ac829483e3e55c07da3491f84b12ba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/ee6b51adb64f6365352c.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:51 GMT
content-type: font/woff2
content-length: 179380
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:32 GMT
etag: W/"2bcb4-18d28d9b1e0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkYR9qe%2B9MIScyST%2FNHC5EwbhHVojmgZGckvPIwXVymRrXspjOl48xVKEBOYB7ehhYTFhOdH%2B4YyRTVj8qNVt6R4hxg4pOYmMa6GI5wjGAhjK5BowWRkEg2BTie0b2O%2FzVvHLh0UgvzfKHa8s%2FVqNFs9UCUz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd94bc1b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/science | 172.67.131.77 | 204 No Content | 0 B |
URL: POST HTTP/3 login.discord-bot-verification.xyz/api/v9/science
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt | Subject: discord-bot-verification.xyz | Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 | Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1240998966452027565.VD2kk94DbCNzK42hAMfMmwgHp-0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 621
Origin: https://login.discord-bot-verification.xyz
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 17 May 2024 12:06:51 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mmbBL2H5T9BXqS9jGAc4vAUnWREs2JMiWTf4PH60ZR3y5jvmKVh%2FBshhtBcQDL869u0I%2Bs0O1ULcLpknZnbDkAfSrh2Y2KYeoscLReffmHQK6oFV%2BOSrXVwbN2wh"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=47796e73989af86321c06af39d4d890be7a63a37-1715947611; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=k5D9jlIYJXm27QoN7ozdoAH0YrDT4.xFvqnoyw1AOaM-1715947611792-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 88537bdaadc1b524-OSL
|
|
| login.discord-bot-verification.xyz/api/v9/science | 172.67.131.77 | 204 No Content | 0 B |
URL: POST HTTP/3 login.discord-bot-verification.xyz/api/v9/science
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt | Subject: discord-bot-verification.xyz | Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 | Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1240998966452027565.VD2kk94DbCNzK42hAMfMmwgHp-0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 629
Origin: https://login.discord-bot-verification.xyz
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 17 May 2024 12:06:52 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dCwH5AlOh2zqPKYFyr1rRwWmwk1RRFuZR4WED%2B5vaJ4ukCy%2FKK0io38HW7K9%2F8CqJhcbhnES%2BE78Ol2Af1ojIfhdzKfVt45HNn1911%2FZurGkdahQVF379X5xvmHO"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=b4502bec5cd952740dbf083994b30bda33e2f5fa-1715947612; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=1VwBw6a2qoZIQCWR_4jW7hmrc6b2hw0GkYpzL3WrTEc-1715947612646-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 88537bde8c76b524-OSL
|
|
| login.discord-bot-verification.xyz/api/v9/science | 172.67.131.77 | 204 No Content | 0 B |
URL: POST HTTP/3 login.discord-bot-verification.xyz/api/v9/science
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt | Subject: discord-bot-verification.xyz | Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 | Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1240998966452027565.VD2kk94DbCNzK42hAMfMmwgHp-0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 1029
Origin: https://login.discord-bot-verification.xyz
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 17 May 2024 12:06:53 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c6D%2FXXxOcU58n%2FMJ3m5AgQa4ufeXup7XxLwXUI4w10r%2BcyqGkY1cy9vnLEMOiEkcm5bEWnP4qFDJw9xI9LupfrHIex%2FcIPxd%2BneQDnEZgPTY8ugqmGDJoke0Sb3%2B"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=afdce2e8b833bd6f379c01750dd0141f9377b460-1715947613; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=.Bznf1e1fq337iBy42QsTFfgKy6BC1QgavtgsW4Fkug-1715947613263-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 88537be3dcd8b524-OSL
|
|
| login.discord-bot-verification.xyz/assets/64999.3c0486790babc24c66a4.js | 172.67.131.77 | 200 OK | 63 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/64999.3c0486790babc24c66a4.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt | Subject: discord-bot-verification.xyz | Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 | Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 8cd8d0bc5b146f190f282cdada0cadd9 1768219c0acb75e23d32ddc744dba4a7f5a2c69b 0dd66470fb37396f660fdeef19d012a9e00d99f03680a6a48cd55a9add5aa923
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/64999.3c0486790babc24c66a4.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"31182-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkaET9Lh5FAeKWdSWEqGKLY3B3Vaud3zsjRKv0%2BsNbtKUF0OVKadLrtHHyMKWXVXF2MELk2%2FG4wV0%2B0C4ICkekCF4LW4oVhQbB%2BHX0b9o42%2F5RzhoaJm%2FZlPXQKy2pgQ94oEJwymS5vWIDQenTvx10TZ1D%2FA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba2a80b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/46318.26a20b3d6c9d947ee7c5.js | 172.67.131.77 | 200 OK | 7.1 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/46318.26a20b3d6c9d947ee7c5.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt | Subject: discord-bot-verification.xyz | Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 | Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (14296)
Hash: c31c995e6b740c207b3c24a0d1145425 922fd2d139a1ff8bfb89dfec828ed4e52946f359 8faf3e169db9dfba36885821526edddb14b4e0c3feeb1f20786c3f2c51115831
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/46318.26a20b3d6c9d947ee7c5.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"380f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQZ7hjdMGYsut7WjMOXph1NfEYDHhI2ZAagV1ucTj8OHlA%2BVEjrFIsI8r7tiQJ5KbvKcxErWvYbjLT%2FMQSaJnDiweRvRN%2BcwKaT0aBmxE7tpfyD1h5d1Yt6wmMABXXcysSVoX0tm9sz8fk7lJj9X0x9BKh0s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba3aaab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/science | 172.67.131.77 | 204 No Content | 0 B |
URL: POST HTTP/3 login.discord-bot-verification.xyz/api/v9/science
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt | Subject: discord-bot-verification.xyz | Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 | Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1240998966452027565.VD2kk94DbCNzK42hAMfMmwgHp-0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 630
Origin: https://login.discord-bot-verification.xyz
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 17 May 2024 12:06:54 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xTYbfuTkV4V4WzngpFzPZ4ZdvcqGC0rZX1BfkXfc3bZJKt27pS%2B78oHH99AXDwFoL7AqKRDPZDUz%2BPFb8cdqwShAUyg7l5e6SZ8K2D%2FuNpJGqyqR%2BXrACiDbhbFm"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=3a8f68b00fa9263fb9012dd856e145e947ec2d4f-1715947614; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=DQNz7kWdTLo.AKw94IPdvtMAxS6Q1GuAVF8rEY.M10M-1715947614558-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 88537bebb8a6b524-OSL
|
|
| login.discord-bot-verification.xyz/assets/a9639edf37cbf3bc290c.js | 172.67.131.77 | 200 OK | 2.4 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/a9639edf37cbf3bc290c.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt | Subject: discord-bot-verification.xyz | Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 | Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (5737)
Hash: d9df16a4410da1283413782d73eb3995 d6e9e495b9370d55430cfa2a9b2bebe6c2bb6289 04c792a2f69c7ecfdb99a12c70da852c68467f21cb3f3d89923f9453fbe62104
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/a9639edf37cbf3bc290c.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"169a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MP5xgBjqEP1xpShutD3Zc8HhDnt4XnphVXAL8CmevaltMRRc%2F7JA1aJqwfmF7sd2Yb1tuqixnYdSmm8Irv9blK9uJh06zSNfPanoodv9979LB3hehTneurDQ6BdwXUEb1w9q2uRkMvveXQAfStRyq%2FdZlZI4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bccdfc2b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/43870.0bfb9a80f88725fba82a.js | 172.67.131.77 | 200 OK | 15 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/43870.0bfb9a80f88725fba82a.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt | Subject: discord-bot-verification.xyz | Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 | Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (12536)
Hash: 4a5dbaaa2de36a47b31cfed187c7010d 2dc2fe96364b7908203d990daadb8a927b3ad490 fbcde0bc982ed39ff1a8f01ed530ec98f3dc846c75b6323dcae398779766af74
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/43870.0bfb9a80f88725fba82a.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"312f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JxvjZQpvUFaVsNDgxgI3PPFQ4OrxX8lk4AGTufZ1PKsmef1PjpMgSL043EmIhm0MfNsnbqD0IL6SZJuJ6foPK0%2FjE4sXrg8xzRyB2sQc4NIhYIUEuGPZQEZsYxo0RBN%2BRJsBKCiaQ5f%2BqgZTg3I%2BrGuuHjEO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba5ad8b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/science | 172.67.131.77 | 204 No Content | 0 B |
URL: POST HTTP/3 login.discord-bot-verification.xyz/api/v9/science
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt | Subject: discord-bot-verification.xyz | Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 | Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1240998966452027565.VD2kk94DbCNzK42hAMfMmwgHp-0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 751
Origin: https://login.discord-bot-verification.xyz
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 17 May 2024 12:06:56 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dg4UcSnHZ%2BEpcKb7DN4bhDLhurOQKJYA0tcwmgwlGS5pGyIUsi4or8NVh4AUd%2FJrSFOlWEKEhACnyalbDN7t7BnKyx1%2ButgbsXN%2BLsjNO%2BjM7La8EgQ3V0viPMdX"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=d5a5776bc8f199f9ca76550ce2b3270432f402a4-1715947616; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=DeV3ofyrcg06YBWhL7ONUezwM4Ia8X.wW6uMr.jWu_Y-1715947616036-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 88537bf3bd96b524-OSL
| login.discord-bot-verification.xyz/assets/09563300dbb31ab193bc.js | 172.67.131.77 | 200 OK | 10 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/09563300dbb31ab193bc.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with no line terminators
Hash: ec073b89d1e7ba84181549612598648c edcbbb9de4cb3d6a50c166d9867d765c3b122d75 5331b7ef4afaacecf3a1a72c0d956c88e358d413574639a6e6c24ebdec7b757b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/09563300dbb31ab193bc.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zhev4Ej01EPfv%2FjlK8CYSIQ8bnBUyh1s5ARqdUTWgM1cC2R8wzznGhR2cOLz8a%2BhFUZEmQnbKiHnIXof2U84s3HE%2FaTygH6W2OkNGNX2yAkkgcW7zSWB%2FLeEN4jctaOIjqnupjcbgaq5eG9nZvQ7Pp64zaJS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bccefd8b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| login.discord-bot-verification.xyz/assets/3341.1a1f8595a0c8fc9f99cf.js | 172.67.131.77 | 200 OK | 31 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/3341.1a1f8595a0c8fc9f99cf.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (8424)
Hash: 3739dd26278a6a2149a5a956ee334367 44d14091495b00f64c5a4b82efcf2912e068a23e 894f8e702cc1ed258b681930c7bbd67ebb41dafe243a1b46766dafe845a357a6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/3341.1a1f8595a0c8fc9f99cf.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"211e-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95ASk%2F5mqpNh0iQkK8%2BfADI5jiFJYNcMqvxfUE24GRH6p6wUNIyPX%2F0CMDA2lXxQThtOgk3mYlVYKN6BdEFH%2FcTXHt7F7UYO0sXItaXXC3qYGDMQtACFc9H2sBTqMAMsWuGWMkca%2FMcuRIVLc9r61IdCMpNl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbb4c4cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| login.discord-bot-verification.xyz/assets/7273.654bf842a369e2d3de94.js | 172.67.131.77 | 200 OK | 112 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/7273.654bf842a369e2d3de94.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 112 kB (112392 bytes)
Hash: 8da1faca35a6cf1029dfc42e48b9c810 45f463dd73d51dabbb399d6ae6a4c1f16019e50a 14acf9e94dd9a0cb4dc91e43f797654258398f2c91ce40aff16960d049111125
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/7273.654bf842a369e2d3de94.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"7626b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKURH%2FOI2xRvFdNcQ%2BRd8b4oZpjXDp4%2FPvYleLRRAtwrCwOa8qWDzJg2qE7p%2B8GI%2BuDk3D40kISZu7cgDVN%2F9%2BQciVTryhC29Ms%2B2TjbphpwnqhnRMTJsm%2B5QEUsDvfNx62u%2FeDBkh%2Bl0YO%2B%2BWMnjO1To6Nm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbbacc4b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| login.discord-bot-verification.xyz/assets/94288.dbd73ecb6b1482a870b7.js | 172.67.131.77 | 200 OK | 6.5 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/94288.dbd73ecb6b1482a870b7.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (9979)
Hash: 38d4ac71291ec9223ae33b9ebb5a4e89 7282b3fb164396d9510224b3040a89902c825546 9a8d5847b100e711a41231d5c45682b01b8173438f96c52667fd872976c18cc9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/94288.dbd73ecb6b1482a870b7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2732-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TL6H6z2Is%2FoWmOYMPKE9r63TxlobR42LTweGBGmc6BZwL0YJw3QmuL1BxGZAChva3SIyE7EJdbzgmmemr9of1R4eiRHWxGKLeGhprMl0dLUhJf%2BMN3vvJQ86el2lJpBL95tST0O7bPIfXBiAPa83s%2BNe6tMS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbb9cafb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| login.discord-bot-verification.xyz/assets/27043.105ce50242094adf158e.js | 172.67.131.77 | 200 OK | 91 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/27043.105ce50242094adf158e.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/27043.105ce50242094adf158e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"16445-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuP%2F67hOWhtqgLnRysBDmn87e2QR2Lz7UVjifW%2Fo2ACyjO1xtOz%2FeixFuL%2FQd1rbMXD9vWKCIdIo8zPVaeBalNxFB92Wz%2F88NiEjbYoj%2FCg3THSD0VRcmOuh13Y9cT8MdxImhGJn4mnHhbqK88sqGt0%2BOGka"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbaab63b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| login.discord-bot-verification.xyz/assets/52033.8c199987fcf5a97f2ee5.js | 172.67.131.77 | 200 OK | 10 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/52033.8c199987fcf5a97f2ee5.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (10438)
Hash: 8eaae7e1a96c8c653d0d85b3733e705f 5b7a6b708f070bbdf46cf15e3c613e3e60896260 83e5ef5e06c1625afe2ad608af5ab6b3dcf13652395d218b8f2a2442bb5791c5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/52033.8c199987fcf5a97f2ee5.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"28fd-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1tQAuWP%2FFXP%2FBcLelcJSJoR7dP2lo1xTQa9bb5vIjFcEoZ8QvDJOpaCepO1ZwX3FEVb8kZeZydK2jAaRpX1zWK5ptnV%2FXEaAGEclkle5%2BzanbesdNIImIeI1coh05fLiklfhE1oznrXMIoQDq5Il98kugAoC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd3aa82b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| login.discord-bot-verification.xyz/assets/9a02726c2f8410020238.woff2 | 172.67.131.77 | 200 OK | 188 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/9a02726c2f8410020238.woff2
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 187596, version 2.459
Size: 188 kB (187596 bytes)
Hash: e55012627a8f6e7203b72a8de730c483 4c43b88403ec9c3053d74b4c502bcaf99f594c57 8390503760c8f26556001a28e7d95e4a237a4780e7ceeebf0853ce252fde4ba8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/9a02726c2f8410020238.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:51 GMT
content-type: font/woff2
content-length: 187596
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:24 GMT
etag: W/"2dccc-18d28d992a0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TH1dJzV2UKXWSzdRcvX9eeZ3uGtOik3SHKHTbSWs3qqdKF3Rzr82m5%2BXwDaeKXAlnxJqRfAz8Tvvt4WgueklNjfB8AnQpscg%2F9XhCj4Q7opYXV20KwUg7d8XR0Duw4l%2FC3Q1c%2B%2Fyoyak4u6iEgXvb8eq0r57"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd94bc0b524-OSL
alt-svc: h3=":443"; ma=86400
| login.discord-bot-verification.xyz/assets/80083.7fd81fb4889aa662cd19.js | 172.67.131.77 | 200 OK | 26 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/80083.7fd81fb4889aa662cd19.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (26162)
Hash: 0abbebabbe917f168094124bb3cce39a 9de38e8e88c1c3450db921ccfcaa3afb35563194 21dd7691eb613640f3b6e7ca733fbb99374430c34523f31fbeeb877ca8c5c494
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/80083.7fd81fb4889aa662cd19.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"6669-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81lISXvypXGXWXBUcuYCOtl1qCRVMvs22cMhH%2BN7Z8hy%2FSOkrAxXMOKnngnwdyl9mugc%2FUXYsWpNH3Nd4vUP7vp%2FQ0ZYAx8Nf%2B2%2F1xZnSMVsiacc4Dhe3l0WPE%2F4hacO4h9YhMoq%2BERQEg1x%2F03AmrnMC5g4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba9b4bb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| login.discord-bot-verification.xyz/assets/25653.f1981721227784f0166e.js | 172.67.131.77 | 200 OK | 164 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/25653.f1981721227784f0166e.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 164 kB (164235 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/25653.f1981721227784f0166e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2818b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43O6JhojQ5dxtKnTWDD9Yc6%2FBSPcHgppANXe3Lhy9%2FIocLO18psY99enjS2VRdyGAJj405uJ7EusinMKVvkdhvJ5rHyHV2McYPR5eXmuado1et6VmjzDm8TZQ80ePFMOebLm3SCfWetk3achkagycwAeY2bZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbb9cb1b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| login.discord-bot-verification.xyz/assets/3c723e3c991fcd7cce58.js | 172.67.131.77 | 200 OK | 164 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/3c723e3c991fcd7cce58.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: ASCII text, with no line terminators
Hash: bb871017dfff7157e3481a5dff8e4529 36e5c0824c189aef00bbd5f35387a84b7010227d 55aacccdae49dac44e6d8fb3cf3041ba4873558d2d851d0abe9ecdf99dc1e0b4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/3c723e3c991fcd7cce58.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fHIdCEOEUtVnF%2FWZtgsypzEf3IMnzxQqpBiE8KjnD%2BywgMAws0qLvcCqX2a9JRP4xh6W0SQKe1v9AqhH5VUW5xrw31e0ZQmnFeRqdbQCln4Aatzm%2FzvnF5caw2KDVrcTX3hkKmG9FbpHT3e1rDnGAhV5IZB2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd0ffab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| login.discord-bot-verification.xyz/assets/77015.48150de6efe657e3c6e2.js | 172.67.131.77 | 200 OK | 34 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/77015.48150de6efe657e3c6e2.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (33607)
Hash: 81c3fc72ba9d6399582bf44261a7d3ae 1c226b78a91b94e41031384e952806a0f7df56b3 5d14345894349f81168d5cbac6e2427d0390773574634f6936e06680a832d282
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/77015.48150de6efe657e3c6e2.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"837e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXnGS%2B3X9gJZygER7KhKGThx87O3fV4n9KEob%2B%2BCxeykX4fhs7LYF9VdEdqwFkswe%2FTiAz6Tchr%2BrqvzgQOGGvI2LMN%2BzqftfKC%2F8kLm0tDLzkfxKKZKwYskHigcFoubtSqkZg%2FEnPGDrT1astlqEIRcs225"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b42b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/18814.2887004806e3f2dcb541.js | 172.67.131.77 | 200 OK | 17 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/18814.2887004806e3f2dcb541.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (16511)
Hash: eb44fdac0aefca117662f9db435ffc09 bf2224f54fd833cad9374ec73e35425ca7850d0d 8e7a022b3c6e28ed485a3e73ea49864a44b188c56ff7f3be7ab7cd268662a33a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/18814.2887004806e3f2dcb541.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"40b6-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u9tGLxEX06UtVSIQ%2FPCp4GyXZ76fHrUaLxD3xKk%2Fv3GRBCCWl7wpMSwJtZrrRGqP079aQIdWKlh5MaWn0KLLErckirZFEwTIH2P1w01g%2BmHT0%2B25iScjlleeESzPB4mU7ddu0hz30D%2BRyjqNnmSGcEepC%2Bvu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba9b4ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/71554.35bafd030ac297a37d2b.js | 172.67.131.77 | 200 OK | 100 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/71554.35bafd030ac297a37d2b.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 100 kB (100440 bytes)
Hash: ba52e5e9910264fad8c8cc08677ff419 2a8303994f8bf6fbce44a9198fc69f39a41b8af6 e6eebeabe896bd729ea9001e3049ec54e5438c7d5ecc845ae6a3f8d5c51e7f2c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/71554.35bafd030ac297a37d2b.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"18858-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ymA%2BfTj9RVwcn79CXxsxhsW6ySk200xPTpb6awa8ozHtoXcTmTw138T%2FL2CV6OLImzwEwaut8uLbqmHgutpyu9DdzsuuYq5BdSeQYCZnLH7CL%2BPXAPjNRv7GtbDnxFd0EOA3S6%2BRIG0nN5PxZ7vu%2BfGkzDVo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba9b4cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/31421.ced40b898074b2c19b15.js | 172.67.131.77 | 200 OK | 12 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/31421.ced40b898074b2c19b15.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (12060)
Hash: ce1c4ffbc40c7e9bf65f4228013a5819 5032e464391b595927baf62c1e4bf0034ef66d26 131db5cf2b0741365470de35e02d94da3de2b223b8c18e3ca3dd7c26af23d6e6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/31421.ced40b898074b2c19b15.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2f53-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DAfbbFaNpSltyUNlhxZbgnAx1VFFlFwrNu6VunjBLCvXH5JmdD%2FC3I1MexOacianW%2FLvOOuljG8SG91vfFUIVisFWq6acCo%2FhMEnAfBSFiO7dXp6dEdVR%2B5avgBAD72yk1vwrySKhuvxQRCwEqpFoCsdUFff"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbabb82b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/13942.42b3309fce7f57e5eb63.js | 172.67.131.77 | 200 OK | 141 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/13942.42b3309fce7f57e5eb63.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Size: 141 kB (140709 bytes)
Hash: b57f45095b443009c496ab1c1471be7f e9af53d0e3e3ab155abafa07d23c79dae2c71f2c 408ebf752cddb6bc3782d7266fa4a7aa759bb9d4255f8d17cc7aade0ecb971b5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/13942.42b3309fce7f57e5eb63.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"225a5-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKXuz8%2FEbu0IyLydRgmY16zB76NFaNLQ5Yhh4u2yyWFuNNw2slS6pNUdJCJgDmsDkFOsPSd1ebbZAiSyC2IYJrXxVMYglzAGpQUz0QypWeWkGsdDOZXfEo7xi72c3eFnD4313MQ4ibSCkriAovEN8lwusU1r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba2a98b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/41831.ad048c0163425aea4d2e.js | 172.67.131.77 | 200 OK | 16 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/41831.ad048c0163425aea4d2e.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (15734)
Hash: aa0f56ed2b08f1029037fc3d27925069 87365d2e6e51333ebd33cdc51cad33fa7aa5fc44 84267bc281052f153133ac0dacddd98dfbf3edaa99aa2b60f0ed645e90d1c0d1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/41831.ad048c0163425aea4d2e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3dad-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5igbOijoqIxF6zUnaHojwCdC2goz6O3dVuUuO1R%2BUyfE3DGxRsg8BfI%2FmU8FAbVyINZao47ltgYyRAg7bDCbvF9BHf09XgXzhN8M6l%2BCErtHf8RFib0sC3%2FjNY4CME7XzaBRIhml6lJSZSIOHf2%2Fhoq0t%2Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba5ad1b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/48059.86a954da9c9a44ee9dee.js | 172.67.131.77 | 200 OK | 121 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/48059.86a954da9c9a44ee9dee.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 121 kB (120793 bytes)
Hash: 0913b93dc0dd7e4beacfbb0303501b18 e2fa12d63460ad8a54218971c444b085958ced88 9f32de28a06abc9233adf200a94a4d637cd39ab3b3970390175b42e09e5820fe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/48059.86a954da9c9a44ee9dee.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1d7d9-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mksmzEP9LdamKbBEmJgl0LZtjoMdzKCGKfXtaFw4NB%2FINBPrUlnZ%2B7rKNKmRQqK4SIuqoAHFpe94GwIdAZiUHx%2BFlc7SLN56jpJ3c1yr90aiQvlS8poLlO55FthEil0ZNGozJvx1elP2lMf77y0RtnNN8dKy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbaab6cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/33547.5c46865f95647d249cb8.js | 172.67.131.77 | 200 OK | 61 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/33547.5c46865f95647d249cb8.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/33547.5c46865f95647d249cb8.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"ee2c-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlcI05pbSwdwMrn8PbpNztP2MGo1WE7rsoUX5nzUbCmplqUS5Q0TkJLueTmuHd5cc5BePYKAvAaXSNLbnhp76kILC0nmcsO5RQWaA4oEUtaMFpNFw45ofLzsWjAF51AHPEe1RFIhPbAL5dJYmTj0qiww4JyB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbabb87b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/11538.db58e10c3c76859618f0.js | 172.67.131.77 | 200 OK | 30 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/11538.db58e10c3c76859618f0.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (30244)
Hash: 7f54de7efa90ea0e15b1c612bad83249 1a5edff4e5621f3f3fe3c536c18cd787872aa17e db01fa5a4d163102243a550ad6e1f79763c2b718a1e4e1261bbbaf0c548f5b2b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/11538.db58e10c3c76859618f0.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"765b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BktGYCeO%2F6m1kiTeFwOwNvKKm9QOUU%2BVXc1akOZXRgFpLbaopY0HDuq%2FULwZHtkpXNaQFAYUDUnB9LxZsvnr3yXw5LSB%2FpaCcL%2BwPkDURmn06uv0l%2FQHBY%2ByFyg9mB%2Bjw31Pc3nkY%2FgDDoyrPpRmhRic7hEk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbabb8eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/799ce01abdb0da7bdef1.js | 172.67.131.77 | 200 OK | 10 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/799ce01abdb0da7bdef1.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (10064)
Hash: f9eab234b26ace83cf074c0e8ee41795 7400543cf80242671ca9f63aff06b4fe7e33c3e2 99c1fb6a35c0b13536fb0ab5c1afb16fa359fa23e56d7c50fa86207f10e082cf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/799ce01abdb0da7bdef1.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2781-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VjOExIlKFXWN4so6E7zStC1WWbeOlqQsV8euXy9awln0dIQKiZQ3m50euezoRH3%2BBfvS4NB6zCzIAonCfk6W%2BXNYvJlnMCk48wKp6E1bPYl3l3XrB3zAuFlVyEVZWu%2BhJeKSfstJlBHt1l88m1PUi3kJWVgw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd38a56b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/e0ece3c23b33d18f4d00.woff2 | 172.67.131.77 | 200 OK | 187 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/e0ece3c23b33d18f4d00.woff2
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 186744, version 2.459
Size: 187 kB (186744 bytes)
Hash: 05422eb499ddf5616e44a52c4f1063ae eab3a7e41cbf851df0f0962ed18130cf89673a65 c1d71bd80fc3ecf5ef1a97092a456a046d55fd264be721f2a25be3e59ccb8b2b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/e0ece3c23b33d18f4d00.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:51 GMT
content-type: font/woff2
content-length: 186744
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:41 GMT
etag: W/"2d978-18d28d9d508"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1mS4mz86feKRJbMmu854Mp8B4tM4jBF%2FzlaOXF3qGi2z1J29mrkiI64dk%2FF2UQsbLLv54PDWQQnu9WuGPlKI37g5wVMCMTTPBf2QlOgG%2BvECRKHvVGeOXpfjEoQDUjSKxHh%2FbLxFENgWCl28bEZg5D%2B8gJe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd9fcc7b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/17605.396d4d0fd6f31f0ccbc9.js | 172.67.131.77 | 200 OK | 149 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/17605.396d4d0fd6f31f0ccbc9.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 149 kB (149407 bytes) Hash: d76190debc34ded2033eb596d275c6e6 1d65e4a7e5bc735bff02c5fbb1dbc89d31cabb6b 8069a865a2a03e1afbe4b88edf980d24295d5643a48e180f71f84373ca3d76d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/17605.396d4d0fd6f31f0ccbc9.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2479f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGIbZrBPt0BpeaG1NSljXL35lHXZTp9oomurbEwSBLDzpAK1i6jtwN4oc4gJI4RLLTcwKXY4SwDBsaimKdxxfZ0Us04Awm%2Fu1E%2BN2F0EbdbAgGLabYmCHAFSFJ5Y1yNf0bmuDbvc7ANtglo%2FANqQ5Xz1aznP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b3db524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/44d5e1639bc492dc8d62.svg | 172.67.131.77 | 200 OK | 3.1 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/44d5e1639bc492dc8d62.svg IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: SVG Scalable Vector Graphics image Hash: 02799b7410be627fa7a88303875c8132 4cd594b6972f1081641e15ec286e9bf5a6786b2e 004f3b15b564c0aa1283e18e84b1f4bbc714f5ffedaa5dabd7281c01b08a559c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/44d5e1639bc492dc8d62.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"c4a-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=txz%2FuvuZDFxTETjcnUP7Ha8FhkUlb4Ys2P0wMpegklEgS0%2Bxd8UsXjAr9nUzXHvXEISLDSsJQf6KmuNkQEDPm%2BS2%2BnOExLuRyxpZ70ivoRpjAdydgS1%2BYEomD1Y0adZ27gJpsHYA0Lq9tYhjBJMBkAd9rD8c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd1828b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/40413.ee00763112ee8df65f08.js | 172.67.131.77 | 200 OK | 7.9 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/40413.ee00763112ee8df65f08.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (8028), with no line terminators Hash: 0b2eb75acf108aad28037290505f993b 20c3bca016fb59ad79e807f379078b71d12da15b b603d4be2b12cf965a38fad6eb246c3cabc86f6b4370e7733d7495495a7ae0ee
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/40413.ee00763112ee8df65f08.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1ee3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DX3gcXj1GcJ3YpKqsfrbjqxMpV2RbBbbDsDbsjVPpVFud6O9mPJsUY2Aw%2FsgOO7TIPkXJdnIWNr3wtm00iPlmX2sQ%2FuFj9bJZFRgNMJkQwNmc1rQWqcaR8KhMLXyMKvbTQW1uB5AMS6wKF2p3EcXSokh4X%2FQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd36a2ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/fd3f659b46061bd95594.js | 172.67.131.77 | 200 OK | 12 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/fd3f659b46061bd95594.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (12472) Hash: 1f26d0370e5e43ea29dcff7c1c53d661 dea8cfb895f9081bcf0b5c6eaa2608c0da58393d 8f23b16a70005926318364b1757e80b28978294775227047866f5a64f1683fea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/fd3f659b46061bd95594.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"30e9-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0UhjCjPmdXx8ohgBc26eVFcf%2Bhj8C7qW4KZH2w%2Fb8YxJMVVV5dh50629jG6BIlv0dTrq1oXqgGSkQxYd9AL7Y0DFwGuwJhMM%2BEOckV9vgyeXltK3%2BsJDoIfOETW5p5yWiXQ1vvcwCTCP%2FX4Z1sBQTNA62buA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd37a48b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/47387.b94323b63bcf5c32ba76.js | 172.67.131.77 | 200 OK | 80 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/47387.b94323b63bcf5c32ba76.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash: b235b236312169e0db519e60c0d7eea1 6d34c175ce387b8bd435ce463d44706f08e9137d 03c0d5a0ff0b821c4ceff908a8fd7e62ea9b881711023244449f71455215d00e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/47387.b94323b63bcf5c32ba76.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"13927-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZMoK8VbC50WRff3hv0x7qTKglXn8PmnDma1pmRimf%2BCJwW7dnwR3ojldHCiR1i2sE%2FUmKGoHP2jV4pWMfKt949yGkv%2FU%2Fbfw2fMRG1nOm9pA2u2nx7SXZQdTCeyXuch%2FYnwAzFc5cmjRy%2BlBVsww2B0f6ug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba3abeb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/74836.b991877dde75f9619c99.js | 172.67.131.77 | 200 OK | 20 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/74836.b991877dde75f9619c99.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (19958) Hash: 5de4f60b4efa8bb9454edb13d1cb9d83 5eb21a1fb900d78a23b781b715ee7f3eeb52b672 b6399a12a07f326a303c82e16981091cc42b529ea9f8b0c6986a0d7e91036692
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/74836.b991877dde75f9619c99.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4e2d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g57zMYTGo8%2Fv%2B1Lb2RSIj5yri%2FPeYDFc1l5uKvu65Idg3jgql6saehJpro%2FipnDpEM0qxq0vaBOrCObQWTX9ztfMNPwwNByvUONFZfz976vWS8l8Qcg%2BB06%2B7%2Bryy7OgWP6qjd3e8B8KvV%2FfN3XRhuBzX%2B%2Fj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba7b16b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/58166.4ec31e1810af6eda852a.js | 172.67.131.77 | 200 OK | 38 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/58166.4ec31e1810af6eda852a.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (37774) Hash: ce66262030ddf4d78cd0600c1706bbca 195a3af6bbcd112990859fffef3a9b92a777788e e8d1036a715eff98d533a5edf5e91f079e9eb7482fe9c2eabd6df44d51d3eaf7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/58166.4ec31e1810af6eda852a.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"93c5-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27nxgAS9193UohTLqUGeAwrBJ8xTQOpQ3ofL%2BEdpJ7xOcWkVxmFcZjxlc1DNmG1R%2FCSDZHjB5wnX9KYdKQ1sOzPYwJw6XKH0sKJN%2FG63KiSEKBu8flZ1lb%2BMQpuGfJCtc%2FRLhX6BELYmoSpn%2BnT6PzN%2F5ygq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbacb96b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/65800.d803fbd4c225782b31d6.js | 172.67.131.77 | 200 OK | 40 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/65800.d803fbd4c225782b31d6.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (39520) Hash: 6ebe1a578a746f1da064f34508d700bf b27eeeec818818be41f90df32894c3c618d183be c5781d163c837d6d2c72081b42e6ac0b513ba744a8a2ef95b62a4be628fd0168
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/65800.d803fbd4c225782b31d6.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"9a97-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rlpnzfcwVEzaXaZLip1rRoyIeHzhSwkL6fC1WT8JbAkS6%2FGef2RS9vr%2BiDWQgWj8mVHERHcgJX0dTI3cRNW05pP%2B5ZbCuLbstqJTYUUISNKjqVjFYYbJ%2F0kabP55wLyyvJcMZY9p5GZa0f78Rdbf8B1H%2BgU6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbacb97b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/68560.e27fd85667a295676749.js | 172.67.131.77 | 200 OK | 49 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/68560.e27fd85667a295676749.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (49324) Hash: 264fdf0094b5d416ab5fcb70a1f52ca4 f76c8aafe7d2ea911de8ce22bfbaa66d974cd348 73487f57bc5d9a1a20ca844eea8d8e14799184ce34fdf2e31c70a502955b0380
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/68560.e27fd85667a295676749.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"c0e3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Be7tmBnJJVBS87Ro8cbYMEZ63xs0TwIts0phpPEvpN8YgNblxpy9DOr0InxONW3oJQl9ZI5HABb5vZf0cLaKobMi5Jn4fNdY4rmqKgjS9FNthdRGpmwaHcUAZMs3dLk%2BcaCfYvokFikHJC8Zh4A9J4L6G%2Bw7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd3aa87b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/23777.2a4fc059cb5b5caf5307.js | 172.67.131.77 | 200 OK | 60 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/23777.2a4fc059cb5b5caf5307.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (59652) Hash: 264bf832f52128869c50c91968264bb4 95a54d2525f093719198bfa0aaa1c7ef8574cc4f 515cb4b2b1c5a8190e7a9f74c13a3539aa2f758af17a50a71b9832fe53a88f9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/23777.2a4fc059cb5b5caf5307.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"e93b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6sydqRl2PKHvnIM8WWPy4Fq1IJT%2ByTe2eIh3zBYcKxUjUJtOONkZsrZ9QnzW2LRaYbRXPkqVTEp6Gk5KDCPHy8n6zDSXwxAZ9nOcrsyOagCvQR%2BDlIR5oj80bk02JNsjUIPSWIGXZxk53UwLWmUUBIV7u7DO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b35b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/96897.008f2a416a4c547f02a7.js | 172.67.131.77 | 200 OK | 8.9 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/96897.008f2a416a4c547f02a7.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (9305), with no line terminators Hash: 09526b3c9921a6dc860a1ad3e0b0bbb7 8830182678c4c396ec9098dbb522bf8124196a97 9c1e6291fe3e409a901297061f201be5ea9de639ca97a63badffdc77f50fbce1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/96897.008f2a416a4c547f02a7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"22bc-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s4dUyYthVastNBwwfVEnJWNRpPVvf6ATzP8GdCD0z6%2FiLFS6A7DYj0akiBCof2HsJ2SfQFQg5aqXYzunWXBIpUjSG01uJc6yhw3j6b27SCRI%2Ff0OUEkDyfOrhfIZE%2BbzO3euQEX1R93AcqhBJ%2Fo6foGoWUtq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbaab5fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/81161.16bd418e776559e11cd2.js | 172.67.131.77 | 200 OK | 16 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/81161.16bd418e776559e11cd2.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (15686)
Hash: 3c97dbccfd4e8411ca557fa727fd0a19 f35fea6cecdc989d2850b9a1f7abd2330aff5133 ca76d86c4f5150906a316d1ca088cd09eadbd882971821fa6e030127b81eac32
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/81161.16bd418e776559e11cd2.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3d7d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMXaITum6Grqx2YNt2OdoZSjZtgOtzDUq1G1Z2pE3mCQpi%2FdspJGpSCHW4EkxOoM%2BCkXirmeidyLQe2iTAl%2FVzEqM4Ap%2BMaJ7Bn31Qxjx%2BbzrnCkOnLckfUAEpVqmIjPSeeHzR7%2FVo10KFokFOGgR7TOTvDN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbaab62b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/64612.26d2bf1afbde26a43a76.js | 172.67.131.77 | 200 OK | 16 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/64612.26d2bf1afbde26a43a76.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (15643)
Hash: e889f804c915f5278e961cde93d50e20 25e94c62cca79bfaba361e27e49cc687e72b74dd f3649beebf41954e8e4aceed2d74c5fcc81a61e1123b4190efa9a02f785977fd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/64612.26d2bf1afbde26a43a76.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3d52-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Srcu6igq%2FgCX0%2BmF%2FKa9MR%2FPERVLCKKlXQ%2B9rec9fipXiuGkdDaszSYu%2F46MaUOFjexC2tQfvMf9otKq%2Bw3Dy9FbJrilfxfGpoaTPa1XxZLIqGF231U3XzcjTeUKad6ZxgAWWKdlrZuOIMEBiJLEviVlhjdJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbaab77b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/47470.c4ab7647d25b8ac58ca8.js | 172.67.131.77 | 200 OK | 312 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/47470.c4ab7647d25b8ac58ca8.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 312 kB (311789 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/47470.c4ab7647d25b8ac58ca8.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4c1ed-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ozTY7x5FO1EOe4dFPaQOhqayZP%2BwQ2oB2ngfJ5vHGFGNpqHaByd1nF%2BJx%2Fu6tJgO7UGFTFEujdbmeVCV8jfAKl%2F1aBKXXx1g%2FxZBEUxf%2ByUwPpQxdea0o0YV3ekVznXeK5a6zx7WBrL6HnQ%2Fagna5%2Bv%2FKear"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbb5c58b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/63900a1ba1f23d305c53.png | 172.67.131.77 | 200 OK | 48 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/63900a1ba1f23d305c53.png
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: PNG image data, 1058 x 1113, 8-bit colormap, non-interlaced
Hash: c8f0b54f79a9fd1ef60ad74c73a1ee1a f47b48f1bb9fac21e9887fe55eebf56abf454eba 8ae8119962b9358ab934ffb612e634fa23ca462c720c8915a8306c4c984d1cba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/63900a1ba1f23d305c53.png HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: image/png
content-length: 48168
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"bc28-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zpWzFxodQzVVfg1C7YBesyoh1W4gUfH4Y17b6oB1bhn%2F%2BXuTyn38JYDGgYbGfRAKaXpwNsSbxZLMmWMbRFQGizunzmU7Yk24i0UwaKAnIi70kqrBMHkHtMeCi62UksLpbUvdHs553K3bO5huLR0fd6kRGKqP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bce8a79b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/99b391e2f74aa1e0d266.js | 172.67.131.77 | 200 OK | 14 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/99b391e2f74aa1e0d266.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/99b391e2f74aa1e0d266.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3558-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAtcfiIPs3LfbvooXUklGOJ4rFv%2FdHo5cyNl8yZOEkxPRTPG3LJtgywV9RMYezBrBeJSGKbbns%2BT%2BDG46qkRRhfmxdGLbTbLpEkvvY7M2Ijv1i0Enyx2oxN1uhRJA2AUtUPkUDlf6KxOYwL0xasc4rqHMfJP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd37a40b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/4650ae2583f4cebb91ab.js | 172.67.131.77 | 200 OK | 11 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/4650ae2583f4cebb91ab.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (10990)
Hash: aefacf14a0528576a759837b74b8054b c3769250863d85360b36096f544b1e9c9904c9bc c0ea7413413b3ee925b173f94f67a7753ff6a77c00759b004e417b865ad9b727
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/4650ae2583f4cebb91ab.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2b1f-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fljzF4NWU8HE%2FChkt8UV8OFOvH%2FnHzAUpUx5EYR0x6mK5L1AUtPdjklluCu3bA5FWMGQteB3uvUkdLpXNobQl2LpJ2rXwUQcAtcAovaOqOk8PE2cC6PLOhInVmIisQ8SYka2GBjFnBKH32CJFAVhd6nGWKR6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd37a4bb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/23992.0430129d8ed977cac0d4.js | 172.67.131.77 | 200 OK | 14 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/23992.0430129d8ed977cac0d4.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/23992.0430129d8ed977cac0d4.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"37fe-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7kHp5dCdl4a3Yc6KybTNoabOzd8nQMyZ9WjBJzRVw20m%2F%2B40nY42J59ycatF1LX5NE5iYRBPyvIE7EJ85hwz3fI8NxWCDVDy7hj3YrUHmJGr2jbxF95JrL4qbh8jr7hPTXqQ7WLI%2FN828zYnynHb%2FraUmEkO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd39a76b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/58409.1811376ebb7f14b0be53.js | 172.67.131.77 | 200 OK | 14 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/58409.1811376ebb7f14b0be53.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/assets/373c25761d0b65dbc8a9.js
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (13964)
Hash: b04469c4ff1a1e4369a1238f1a6e7e13 baa699271e0bad0d5d568f5d0cb2dac21f5a2d0b 2dc6a1da0d49480f89ccab794ec25a14cab0ca4034039ae26e39faccdda82a50
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/58409.1811376ebb7f14b0be53.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/373c25761d0b65dbc8a9.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:51 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"36c3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFlloWgUMvtznM66T%2FAQ75tAumPs3ZS%2BKyht6ndcv5TE46KNyntKIflSubEEjXUeQzOESma%2FH6dTtt%2BGmnvovf%2BFGvmwYDPR8AUuyMSGug2Ok0I6M3jc9J1ZJau9gpHpnVyU6f9UrE3Ccf6QuTPhb5HhdHMi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd92b78b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/app.046be1857b9835ad19e7.js | 172.67.131.77 | 200 OK | 684 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/app.046be1857b9835ad19e7.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 684 kB (683933 bytes)
Hash: 548bf6aaee7185ceee59b635b557dc9a 75c298df5f2397e4218d17de297d781fe169b461 4a0fbde1b61188ce3cda8fdce6f655968b6264dadea210b0434dfbb667f1a4d6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/app.046be1857b9835ad19e7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"a6f9d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9G18GD3oasyZCMo%2BiX22XEktrBdeGfYtFnrOCfGNhLOGvM7fiobgRLedo11Efo2pKVKjWQE7ikSTuaJtmN%2FrHwWAkqy1JGppG25fcXsyIG%2BHyebkecsQR298LmlA1W%2FkTa4kEdTBh4ot2c44zfsbxkbZt6rx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bb9ea31b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/22198.f5f5aeb061c44ad3e071.js | 172.67.131.77 | 200 OK | 12 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/22198.f5f5aeb061c44ad3e071.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (12232)
Hash: 037eb3fd7c79a6a5da8011e606e917bd 078368fc9988f02a9d9b2faa6494b3209ca6f8a1 b24340e4a45954dadfd82c820035335f0d27ea454fdbbb263ca273cd590d5a23
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/22198.f5f5aeb061c44ad3e071.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2fff-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=loLkVuDpy%2B3kmO%2Fq4vjN6Aq3%2FGy7gX8f1C8aRjqDkzDCHt%2BkDKI1dioUhYSfLk76QWgsN86IGaxailIUIqx%2FJ2RFa%2F5sRQ6InT5F3cBEGBmkGnuvqtJZN%2FhzrLgVdLgPrFXNjgvGMRiy1DIrnVz9bVIinDjv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b31b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/56145.19258dcaeb421600cd44.js | 172.67.131.77 | 200 OK | 213 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/56145.19258dcaeb421600cd44.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 213 kB (212738 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/56145.19258dcaeb421600cd44.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"33f02-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvD3dpUPi4JLofhKw1blJGjBYzqvkfhorM6H7ualEdYQuJA1DdWN8RY22McRUUywmbMHX6d8zt0q1%2Fs%2FyWMa7xPu4yLkB5kTwUOqBv0vB76v95Byb%2FW46jkamcBrfhvnwj9h%2BZtAlS3LOUD0KXChyJPvTpYx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b3bb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/78033.af8587a9881dd8fba471.js | 172.67.131.77 | 200 OK | 1.4 MB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/78033.af8587a9881dd8fba471.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 1.4 MB (1402833 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/78033.af8587a9881dd8fba471.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1567d1-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0rhu%2FIFctyKM6vCNIf%2FVDDhS8A7BO4hu12z3NfxnlZO52GG9zdrvWHACJbMiXevQ%2F%2FA%2BukuqByjDm8X9z6eH%2FGRediF063FXkpOfaNTIdceo3FHA043M1CihLK5UensKkj0nhKB511eCQW1QvWUaE3N6ULk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbaab65b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/a826e445dff97cf15335.svg | 172.67.131.77 | 200 OK | 2.1 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/a826e445dff97cf15335.svg IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: SVG Scalable Vector Graphics image
Hash: 1ff7f50b770d68712d36c79ae6121521 e3fe855784e971e2c57de12e878aa073da7d31bd ad965cb39af806b0543af5c32ae34cd0b136dda9272e6d877b067cd00563e048
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/a826e445dff97cf15335.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"80a-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NA%2F4Zlyoe5bdXkrYdHFLQpEqrBqb06xtQDr6oNPu5RNARSuGKSgk%2B%2BP7kLfE2%2FiF6TCuN5iNL19N%2BRcKH%2FkEvQ1tARCBrpBTxxgBCAqXeu6kerTkOAHUZoQr7k7Z0T3viWesrC%2F8k3wJUY1G5OwM%2FZf8VoLw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd0807b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/44504.4c4113c3ec609733dacd.js | 172.67.131.77 | 200 OK | 60 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/44504.4c4113c3ec609733dacd.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (59916)
Hash: 34be6172cc28f54550f737535ee7406b ae6f7a023c57531df95cfce4b8c2faf862b922c5 419e3eebea240a838aa818a0ac9b57d607a52c7547cd9ee876bfb2bd84226e8b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/44504.4c4113c3ec609733dacd.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"ea43-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tzEJObFijDcyJ5031nRjAWVCirSTo7%2FKcCP3NqX5tNWbpy5%2BrspGh4X6xbN9IwXGVIGrat0zVXp%2FkTOFrorLlNP9ks1vwnRKh7T%2F4pBL7qPMG%2BOGrSauBB%2FZkeuKTXDuJnrmfsvuJtthDdtXuGwGbdf2ZJYa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd37a3cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/65000.e1b9099437a0cb5444c8.js | 172.67.131.77 | 200 OK | 21 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/65000.e1b9099437a0cb5444c8.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (21036)
Hash: abc619bd0b72681ed95131a5e0489b12 50f98a563f0b7771b5df533e8dd75306f37606d5 0384028309684382f2d9e791a778dbe1a4a0e9bc6e6756bdfc3d4f236ae3bc66
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/65000.e1b9099437a0cb5444c8.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5263-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FyugWv2zHRxhY0EW3wtbQ4W1Nxr684T04QipR9%2FKCNpsN5zMtC7VQITLvOrvk5ocYBh2NZaqMr4yJuSyWPF3jtDRIDpTa%2BPX9b3HVRd%2FXy60uMmnfjzFFC%2Br%2FYwMT97VOFApxdItD0gGAd8tTeJfM8LJOOZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba0a58b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/10991.d742d0d238c0d99e96ae.js | 172.67.131.77 | 200 OK | 10 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/10991.d742d0d238c0d99e96ae.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (10475)
Hash: fa3d9476408d24313aaaa8d6794932fc 4ab50205305c760862e0892cdf69e397a73fab7a 1f9dc95a0409e1d5a703e72a1f03578ba3b0c28cc1e7177a2b7f46cd7056cd2a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/10991.d742d0d238c0d99e96ae.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2922-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqoraznV5oS7Aq5acKqGlkoR3JWCKoKRqL60MlxB9RK2UWshKBVuMdaLr%2BbtIqRBsWJEV7rhDod%2FtMj1mQk9Vy%2FRXfyN7HB6L400H%2BfCHDLErLNhK2sIFcJX8fAMfjVWaRp99g9jysZQyNDgA9beJVfG9Pa0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba0a64b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/99742.217a8e519977f9b5cbf0.js | 172.67.131.77 | 200 OK | 18 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/99742.217a8e519977f9b5cbf0.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (18014)
Hash: 1960cd6ad791e73cdcfafff546853923 0ad17a1e5860279e6885d8d94ee0e29a1730d530 13c1c620578fee12330a7c3c003da2ea56f487fe471125b76add74f74d0bc36c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/99742.217a8e519977f9b5cbf0.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4695-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZuBrb2YnxRhcPUFwQBnAfOjKQN9QZw%2Fg3abODOtaKE9ZTnCgzD5weQ%2Bya4SKPgCYRhJiHlBH4DtY2scBoMog1hJ4FQG0NMY5A6ulmCSGB1wOYjmv2Si5TLXerMqE9PHCPoYOvjNgqg2qLZWUDwO%2BzFNVC3w0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba6b03b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/49191.4c47aae235ac3c0cdcd4.js | 172.67.131.77 | 200 OK | 13 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/49191.4c47aae235ac3c0cdcd4.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (12692)
Hash: d4ce6646e8d5ffda699497912a3eebd1 4a805ee77c49b82538f97e189c6fe64763b596af 27303c6d56e622d841fdf0dbe19d3b61ba24b4d9ed0f0063554d40d051419a8f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/49191.4c47aae235ac3c0cdcd4.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"31cb-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8EBRBMt54hQM8idSapaubvT7HEzdmvk0%2B99bNDkYfi7RGe2m7S5ZScaQouGd3dgo%2B0I7oKRcaWb7evgaEHcYNMKFn3RmMXQcAaye8%2FkxlI9k%2FH30KQwcHU65vdbJCVvxdORR3ZvqE3acSEspeJ%2FfLyjPGa%2Ft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b2eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/53509.d075f1bff85f12b95485.js | 172.67.131.77 | 200 OK | 9.6 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/53509.d075f1bff85f12b95485.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (9755), with no line terminators
Hash: e9eff6bdc6b8bf132d282ab7e5a01c35 089fddfc575d1e95f64830332cd239ed1bd373fa 31a2beb20e1900be01f696441242a8abbd9f3f40dd8e9146d61bf141b36b4cdc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/53509.d075f1bff85f12b95485.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2592-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ysATGbPNjU8FFSw841ZNL0si2pTf58wliMe5KcoofMHpxAV%2B%2Bd7gN162TBmrOZ7YqBhQmXKs4HPEm1ViIeLHqS3l0eoFnjeJnI0uT38A6HwitW1JCYnpVNwLc5LG6jzGTL4gfTVjQB1Eo26ehZWOV9v1APa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbabb8fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/22843.1bda3edd4dd152273661.js | 172.67.131.77 | 200 OK | 21 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/22843.1bda3edd4dd152273661.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (20995)
Hash: 3d7d3c6641376eab526dc37c2a3aea87 9a4405500ec4685d070b940e3e58dbe95ebedf94 8bd28e45bdf228abeeaec72fec246300bf1a2d85ed2bec3710889cb3ad8b72dd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/22843.1bda3edd4dd152273661.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"523a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3hlh1PAVTG8JF91V%2BjkM406tuGSbyljvGkePsjoK3SNsi5U%2Fn7a8VcMZIe7ua1KkniKx4M2mHTrNQ7xIloj1H%2BLrHiDoOF5NcFECX5S%2FNDis2pA2nDfMQk8c%2F%2FWxhfpfREuLNZPYNJB9YcZ958X1%2FKKtKP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbb6c68b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/?v=2 | 172.67.131.77 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 login.discord-bot-verification.xyz/?v=2 IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /?v=2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://login.discord-bot-verification.xyz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: arrP4D4h6JarjWQoIdknfQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 17 May 2024 12:06:51 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EEdVromDVcvPj1u+Go4G0wXlc3w=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QGFIu04qDuR4v8Bx8LsrxIJrBLlxHxu%2F7pSlBnI2aX4tzZJ6bGhPMuSPC0O1z61vycRrcLfiEn%2BxnRDxUV8cijkt7jkcGrrR00FBFCbVM4mRSWFB%2FXhogRtHthHOJq01ljR3rUup9cMOaz8F8QBqIpFkFnXh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 88537bd8cab756c0-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/66701.1a83dd6990836d80fe7c.js | 172.67.131.77 | 200 OK | 11 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/66701.1a83dd6990836d80fe7c.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer Let's Encrypt; Subject discord-bot-verification.xyz; Fingerprint BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (11178)
Hash: b2c21f2a66a342876b66fe2ccca32047 d6c8eaedf6bac6cc072935d1607b9387d912e2a4 82651ceeb7e2bd56422c831f2557e259f8e3ce6cf4e47020e5f0b4f13c81562f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/66701.1a83dd6990836d80fe7c.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2be1-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g41yGIL8GBtFP0ccQGHLvna0jOXTA0h6viHcqXyA185%2BBOZBbijg6BewinShie64i6jZAN9Sk8EbFXoEQhWDAsDgfGt4t68AP%2BDYHMjnfD5Nf%2BcPz8qvs5OIerYW5ieyLJ26LhEV8zxJPKbU5bPM2%2BoiOhB%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba7b20b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/6086.2af42e57fcf6739db519.js | 172.67.131.77 | 200 OK | 19 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/6086.2af42e57fcf6739db519.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (19374)
Hash: 6fc5e9f209e47dece5d8e86354e38916 78a29b4cf26974c725b5952e0b65baed2e3309c6 014e1cfc914dc362f3a55113e3aa27163bcd88c8323905e7d8b43c7b16ae821d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/6086.2af42e57fcf6739db519.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4be4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fhAMD9xUeQwanqct1kx7pOjO%2FcVukH%2Fhm0OfQL6sqMdHVttooXBMFzlhe86iVGlGW4pCiQeZrTFS7Pj%2BA2%2BMVg%2FsDcyqDZcA1zwiH%2BgJf4JkuU%2BZj%2BUtPCe7M6YVZuQuuPn1YzvB%2B5vCM5DYmXnG0GYdVEiE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbaab72b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/18667.a2153b412864bc0484ff.js | 172.67.131.77 | 200 OK | 11 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/18667.a2153b412864bc0484ff.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (11075)
Hash: 40ac4831e99b9248bfcac7f7dc820c49 ff2b273c92b32ed9a0849743bec41a5af5b9d3c1 b47a9d595f8492f38ccddba2d47641117fc6a8426d73db79218259717462518f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/18667.a2153b412864bc0484ff.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2b7a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PotvGqJKHT5jZxLdv7zTjpgz3vAzNYqs5sr3xrxda4BYQFA03%2F%2FW%2FQM0ODy7i%2FkM42mP1e9dVDFsbMMZONI5WRfPNGa9rzR6liqPEelA7G9X0SQ%2Biexw4ey285vhdLaSSfWrbkQVluURZFj4zUg98Y40aEyK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd39a7db524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/3f46bbecb4287c0a829f.woff2 | 172.67.131.77 | 200 OK | 65 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/3f46bbecb4287c0a829f.woff2
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: ASCII text, with no line terminators
Hash: 8e0185b3d3272056b90fa759b629b4a1 f80ecdd55cf374b1f5520fcd64e97883c1f514d8 7f2fc9c03ac5cee4e206b61d510b427ba6e8f5c7554d1b5db42c5caa7cf2307a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/3f46bbecb4287c0a829f.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:51 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=poJ5lHiBKzXciiSGFD5Q7D7W0rZwaQoiow%2FUF7cNykQ90vMKuF4kYCNtu9I5RUh3wLZgyhRGMWxhIg514J8dKqEse%2F7pGL7uun27u%2BMd1aHvFFV9nw3KBXxNz7j8%2F8ScAD%2FKV0nCoXLi%2BaWv5GT5A7RVI0k6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd859ffb524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/31897.ec700144df6b20f401cb.js | 172.67.131.77 | 200 OK | 6.5 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/31897.ec700144df6b20f401cb.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (6675), with no line terminators
Hash: c541881b1eb8c6fc9ef167b40d30b518 b18e4deb44d3a876d671cd0c32c1cf60512dd342 b45ec7b4dce9bbc331cb5b4af670a517c046f91c6cc8d32f04c143456f3bba9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/31897.ec700144df6b20f401cb.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1970-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSnp%2BdinJBfHMg1Zy8q6vfsDtPxp%2BjykEtq1L04xzKCX5M6o1JvJB3FgwkU87kWCiBJZ7cVoHS%2BfKsRvGMQ6v86UE%2FCGbKoGXXkvNBxK%2FDhccHuGyvkRy5NwBiHpjHsGz1y7WNCWa2doLZgeoH4mVjzbPXjT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba1a72b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/shared.6fd41c763b4cd504862f.js | 172.67.131.77 | 200 OK | 119 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/shared.6fd41c763b4cd504862f.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 119 kB (118990 bytes)
Hash: f2444e4ebe925f193c83f692cd8766e6 9d0c75a19d0693743e6429ab8da62f70184426ab 957af5a5dbcbbb943faca25af701c1a3d8839ad98d55ee5aaa401aa2f117ea8b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/shared.6fd41c763b4cd504862f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1d0ce-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64YeXQKTibfsnOlKxHXv%2FDZlFI5yVOyBsar1qm82uUby%2FEQ%2BUUuFCqBU0lPrGydyx5hegXKB%2FpbsSFzi%2BI130L%2BPxIYRFbXJpeMSWHzYsP1Z%2Fa5r%2FlrrbpYvIcsipSKNrRQngwEt1r1aDIaxJwN573oAzywR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bb9ea2eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/58409.1811376ebb7f14b0be53.js | 172.67.131.77 | 200 OK | 14 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/58409.1811376ebb7f14b0be53.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (13964)
Hash: b04469c4ff1a1e4369a1238f1a6e7e13 baa699271e0bad0d5d568f5d0cb2dac21f5a2d0b 2dc6a1da0d49480f89ccab794ec25a14cab0ca4034039ae26e39faccdda82a50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/58409.1811376ebb7f14b0be53.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"36c3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VOsueSzFclMkslsc3nZ6gZqBXh77jEVPBeDaNZ4IJbxyTtXlH3D4%2BfDuOs2GCZ0NHv1E1PFLavN6IkYFeBaLDywq19g67SCWgPCVr8xFDVYsGNEV5E4hmApjJvXg7Kz6sPhSiX8Cc6xaJ2xDt3sLGtN4wjff"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba1a6cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/37102.04489c88475d6b93636f.js | 172.67.131.77 | 200 OK | 19 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/37102.04489c88475d6b93636f.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (18523)
Hash: 6a056d7583533ca1f6f22eb59c25f71e fd9008c3477be5b59118cec1d51e0d5942e9511a 93ac8375ee2ec8788c40ffd8afb828f87d2e3b7a718f346cd92d353f32cf3754
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/37102.04489c88475d6b93636f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4892-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mj8G8mdRHnOS88iieTnzoThuhi%2Bt2K1z3AByq5uH8P%2BUBwphvn7ECujMbatAv8pZaKcf6bxCOELVzcShtpWv4PLuwyUT31DP9jlEDS046Ha1gDJ6wU%2BukjOiGCB1CyKRZsWkaWoGV8MlwxVU8fVte4XG%2FZyD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b29b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/78891.2eacf9854660d1cbcc66.js | 172.67.131.77 | 200 OK | 8.4 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/78891.2eacf9854660d1cbcc66.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (8513), with no line terminators
Hash: 4864c337a44bd2d3badf7670471a790d f64d984f97d5a1acce5a839417b7aa0f61a55095 3a7141586692ac441533e43942e1aefc2d326389e094aa7c78834f8e3ad48da1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/78891.2eacf9854660d1cbcc66.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"20de-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lV9AVe%2BRuqI6NFCBR992urL5vGO8KJLCBZlzKfVtvXdYV3tq%2BwIVfSrW%2BSGa4ObfGi5vzSOVvBHEHkBzsHp%2BPXp5exSV7ep00NjN7mcAEAGM0j6weJoA4RCUwvN58fjOZBYoKWrygn6zJ40ER6kLPHW6jWz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbabb79b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/7442b576347c1d02886f.svg | 172.67.131.77 | 200 OK | 395 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/7442b576347c1d02886f.svg
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: SVG Scalable Vector Graphics image
Hash: 3e60ff1de94af19ce4bc825b9d2fd18a c5a4ae459f6596bdefe85021f198826e316b4198 8a32440759eee1d213b1561c980ebe7856fcaffa11588a4b7131cf83fb1c2092
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/7442b576347c1d02886f.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"18b-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8MYXVIKiQ0Tu4s%2BV6NVqIXpv9LJcD4tWC1z8e4AVBul%2Fer2CmidvtBnbkkrSd7nqtS4%2BJk7ZvEj9NkBl7lpUyqvdGwqkTb9Pz%2BnNUhuySV4AqPSLfEDKvZjSLm7LgsrJfwXYfTJS2d2V6xOTU%2BKsEymgIkR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd1818b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/3205da2e8f78633583d0.svg | 172.67.131.77 | 200 OK | 688 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/3205da2e8f78633583d0.svg
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: SVG Scalable Vector Graphics image
Hash: 845877ca568da4ce63844760bd808400 c25334314d5646fa7bdc85e171bf96d3d4c6e794 cdded65b4ce8893fde73a93b00ee2061dbdabdbdaba65f0fc61631c17ce980ef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/3205da2e8f78633583d0.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"2b0-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FUyzWIWThlKhk00UVoN6saCPms%2FCKeEZeWvC9061SPhoxNQLBmXHPbCtO3jN5UQ4ct6kTQyDp%2FsuGDLlBJ6poALjm0dK%2BuaeN2gbMTYDaSuB9yiX6dLx9cAZG82iEW1vTXqztCSPgux0uAR9UHeo7iEl%2Bbb%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd181bb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/62783.e18caa1168cc95380ff7.js | 172.67.131.77 | 200 OK | 100 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/62783.e18caa1168cc95380ff7.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: a98ad4c95668e7f4c84026bb92b67cab 7491bc769395414fb0547fd10164defb59634ee3 68e24e65cc7a6af0a0d33cac04f39aca1e1e670d0c137724abe4a917975ede8e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/62783.e18caa1168cc95380ff7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"18608-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FovuTuqaBw%2FlD0quQvaaSf2Jd5%2BdEuxGyJPflrDg62RUKYQlpfhy5YdAyNkzD%2BX9syCXVoH8KlrzmkEMQWBIPNRfd9SMoRzD5fM9GxPs%2BulXHmucb%2BeF8yBJwCkG8F9Fz%2BGa7xdI%2B2Z4ISt0fD8naSBeb6wM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd3aa89b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/94816.637e7c0b320aab380f7b.js | 172.67.131.77 | 200 OK | 87 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/94816.637e7c0b320aab380f7b.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94816.637e7c0b320aab380f7b.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1553f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WHLeHapNrgISJN3cXrRy%2BmB7NihsgLdFFaaxbMt9FzD5R%2FBlhzE4FaIdPkSy7cvj3sMuGNQTqjGFqu8CVFFmjBh1orqR8PJRMI5pJkaQwVFkShtueksrDaGRsDNEIRO1zVk2uJtJRj4t5a%2Bc3NJk0KHaZvKI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba7b24b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/23356.ac12463556a44bd7b330.js | 172.67.131.77 | 200 OK | 1.5 MB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/23356.ac12463556a44bd7b330.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 1.5 MB (1470465 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/23356.ac12463556a44bd7b330.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"167001-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qMJChWNyo2fCekXi9WybCOLx%2FjWtiHV4qIe%2BycZRS8ROEGUFlyJRQRrYvwbo8mcy1r2gOd2yrnuVNdidLunjYYaSX%2B2a24clIXXFH9TulF6%2FkvsPLp5HosF%2BHxtpS23XJZkVZFsEJpfRM4t2toQD36JStIEx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b3fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/26737.36ed5a81390b304d18a5.js | 172.67.131.77 | 200 OK | 9.4 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/26737.36ed5a81390b304d18a5.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (9496), with no line terminators
Hash: 95d4749bd78c2a6b73af4d40c1072db0 d84ff435507b47269b7877de20e2b5637f2ada02 37b9c1afe404b4c5e7e36ce3374735666c8f23665a3c88ba38e3cae0192c1e46
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/26737.36ed5a81390b304d18a5.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"249b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iyf7IaSHc%2FakIw5hhlDKfvwM%2Fb9XnntoW5edhhcmQ3cF4r0VoCPmPqXwo5Pdc54Qbg%2BR5sACxnaSdl8aDlPyrkcFedy9f59bbJTxjhvBafMMiNR88TAFVA%2Fn6x%2BVH2Ew1skKPOVx%2BH%2F3gc9uQDnU74HzwoBp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbaab60b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/373c25761d0b65dbc8a9.js | 172.67.131.77 | 200 OK | 8.2 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/373c25761d0b65dbc8a9.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (8384), with no line terminators
Hash: 67b3dae3e035f4b66cbdcbe9e2b3db06 ffc03b001a0a34c594168201310b4f026e43c3e0 9f70c195e6580956664b7805a511d15c3d1aa59353302cc02180492af13a5ef5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/373c25761d0b65dbc8a9.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1ffe-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MiX4aPbx9p%2FUqAfASJ2VmkgLxi28v4I%2B7ftr0KGmPEe67qh8ts%2FgLVUhbbqyBpmyZM03a18FLho4B1H%2BGzkThWtaGqgbEduh1gm6XGXQkDinJo65LP5k%2BnAjWquOkoXgrL81KwTbwxk94waelahZ5qQYogS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd3cab5b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/55695.a2abd2a754a025899810.js | 172.67.131.77 | 200 OK | 959 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/55695.a2abd2a754a025899810.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 959 kB (959311 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/55695.a2abd2a754a025899810.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"ea34f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2F%2FtXnxiuJrrnKdl7iBbnWDeSNvgZqObuLA46v8Uy5s%2BjW8l80136IWK0ARkVJFZilYv2ubuvBDWA5ZD%2F3Y%2FKKy4%2FIUaIEHDvGUpOa%2BSyhhSljmx9ZJCgyi67FErtxK3wHca5a20yyGN5y2%2FxevmQLl2q8TE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba1a79b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/74970.ad098636400bd7dcbe6c.js | 172.67.131.77 | 200 OK | 28 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/74970.ad098636400bd7dcbe6c.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (28091)
Hash: 3c3526a5242b8edbf4465c32aaf8fa93 577aabb70319ddb82ff368904993a42b33867d13 56d5c52d9d7ee3aa25c7670d3a69b9d711c20ed56e61f26f21cb459640fbf3d2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/74970.ad098636400bd7dcbe6c.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"6df2-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EYEMuq6nflisaR0dZllPCwdV5FXQUc0ul6jUlrghlg%2BWksKoolEJ1kjSM1wxJkQMYvf836e5m7sARum7Nh1cBtpEabm2Z%2Fei9714hjKt%2B1ITJGS148R91X43WLb09NYB7ho9yTn%2Bq5u9zApLM5O3M7cnQeIf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba7b14b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/16b667dc5539a47aa346.svg | 172.67.131.77 | 200 OK | 4.8 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/16b667dc5539a47aa346.svg IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: SVG Scalable Vector Graphics image
Hash: 494836497650f0993f4284c20688a2d1 440998c4564e28141e685c4f4b69a40dbdb20e81 163f994765bec3cc17ee6a35331e4f5c5a3769d35a91c2beeebab9ee4981b729
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/16b667dc5539a47aa346.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/shared.20ac0e19e560421c41a2.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"12c4-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=udTs48MoLHkwhrNpUr4gWGA9YvfjyR7WP0BR6SdPjmBd8jpaQCe%2BQJ8WyvW37Fqzj2STCMhLMburrtxDlByZDuMr8SnTR3O25aAJ1P1x7A3AvWygmk7SoExXc8eQpYG6fY3ibQUGAbiXfp8LmtXo0KW8B%2BIT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bce6a26b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/30982.a6d605c291ff090be83b.js | 172.67.131.77 | 200 OK | 12 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/30982.a6d605c291ff090be83b.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (11446)
Hash: d06e1097bc0b493b61ec8ccb6a3c1338 d69f77887e7611c330cff1fa7aaea9dafbc57ed5 1587658b44a41e7384ad7bd8d2e747e98ff01403347075b0205c68463b87dac8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/30982.a6d605c291ff090be83b.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2ced-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2B9SM7a7M8H%2FMpCm4MdKX0djsqEN%2FjMTzgIQOhxLANvDIvFrINM%2B5lhMsJfTWkNDPwHhWiuBqrPjofWi99RTa%2BFQOTMR3iZkKsy3CV%2Bga0bdeLZjrS1uSgT1AvRtWcAQx4%2BEQnilqn790xCm%2FZx2Ik9JRnka"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba4acab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/94381.75805595bcb471e9283c.js | 172.67.131.77 | 200 OK | 17 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/94381.75805595bcb471e9283c.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (17283)
Hash: 1d9461b1a5901db3a1913721102de7f6 b5aaaaf164bd8d45b150d86ec7580dd08743efc3 8fee5c60698b99ceefb3b9443339bf6ae1b610b3e5df65ef668eb1dbc8643dde
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94381.75805595bcb471e9283c.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"43ba-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7kl3zWOvjARIFjK8A7vsCftth3THCUOTmS3jKqgZW9bLHnB7rZekaitlaA3Evy%2FLIdzhHj4PnJXH0vteAo1py6GF6HLGnM1E8HhBlEs8Id6uFlEmfVTPlI72QdKxywOB%2FOKFOkl4Fp445g6WYYYughsiAlnC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbabb8bb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/f84e3e81b8d0718cd917.woff2 | 172.67.131.77 | 200 OK | 65 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/f84e3e81b8d0718cd917.woff2 IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: ASCII text, with no line terminators
Hash: c0caa8227e2754f8440029c42df9f7e9 cc2f0e3655002fdff933711fabb53d63c23cbfbd 89a8e6fe1c595fb5fe77edd74ee8990458ecbf2941bb44e60ce8d96b6fde660f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/f84e3e81b8d0718cd917.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:51 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JP2I%2Bm%2F4emofUm6rz0upiJjiYPBxQzmmxM%2FvoJG5oRq1UuiXIZHd4avzUxPJ%2BsqqnxqILgfylAAEYKZ5lhgc1J%2FEpMWoH2QvZ%2FEcGsiri9HgCSJNsf75p%2FIThUEqQ5JX8KX51FFT%2BLPv835KXHd2GIw9nP66"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd85a07b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/shared.20ac0e19e560421c41a2.css | 172.67.131.77 | 200 OK | 475 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/shared.20ac0e19e560421c41a2.css IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 475 kB (474928 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/shared.20ac0e19e560421c41a2.css HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"73f30-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0bvZsZcw4fWY6Uk46yYbGf5V%2BJHmQS8xZ25J1QRdzDEmWgATJHK7dvWWEWi5SQ47UvPsrdIKNKvv9dAquzqvjRaBlYnW7YlUhR5ym61hNVUGKkFOaMrEauLOP0YUTmdat%2B9nLfoRUSyHw30FMGBzjLSk%2FGV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bb9ea29b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/22843.1bda3edd4dd152273661.js | 172.67.131.77 | 200 OK | 21 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/22843.1bda3edd4dd152273661.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (20995)
Hash: 3d7d3c6641376eab526dc37c2a3aea87 9a4405500ec4685d070b940e3e58dbe95ebedf94 8bd28e45bdf228abeeaec72fec246300bf1a2d85ed2bec3710889cb3ad8b72dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/22843.1bda3edd4dd152273661.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"523a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDrpkJ1To7HYCOetnnOCl0iGVA4SZT2rbkRXKrbao3hNiQ0sx2QicApwju0VRNl%2BYCXMT6XyPvh%2BJu0tAzumROONNgIVQyDxmxkFbmZ4JPDOPDZ8qjDaHrdk%2B%2Bxur%2BitfYYS2HM7FR44tvvC6fE7dwTxsyjO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba2a93b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/66888.79756ea63981ab2a6341.js | 172.67.131.77 | 200 OK | 15 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/66888.79756ea63981ab2a6341.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate Issuer: Let's Encrypt
Certificate Subject: discord-bot-verification.xyz
Certificate Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (14863)
Hash: 1d86b77c518ea58ffd94ca73f4ecf8ec 46fdebd87f50f9aeb25b1908c92995e8d39212e1 a2740f55ae9c5911162e7891dab7a0a23ceed7ff351fb7956bf02f2a46e68f24
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/66888.79756ea63981ab2a6341.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a46-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otprnm9OqCl1ndTxt29NKyuKbuDhK7jGKXPKQhtXGU74JwSqgqWrMCZ2AMA%2FXuMwwVm%2FW97N79aQgjbXM6eNwGCMEQ8NSFzU183AaxGMj3SSpQjTqoY6IcuVmhitV6L2DjGO%2FSqcKC0bonPZ5nmmQmmW26Ft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba9b54b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/18409.4b935bbdaf404e1ee4c3.js | 172.67.131.77 | 200 OK | 9.5 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/18409.4b935bbdaf404e1ee4c3.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate Issuer: Let's Encrypt
Certificate Subject: discord-bot-verification.xyz
Certificate Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (9914), with no line terminators
Hash: 5aa60c5a1722502712e8c6df505d4633 81a39b0f30fc6a4cf1dc23df5c165fa4d9dcd474 6120d464aae1c7b09b57c26824fd3fdd42710850090bd9e7221a526713cab5c4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/18409.4b935bbdaf404e1ee4c3.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2546-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9IU06uBUZtyO7cw1HsHfM5kI1EnIuEc4PxOHGLK%2BruB5PWZg%2BQFLyl7AZotaMOYFZwgMX4rtgsKSBnNg5w4Eoan8dL1FEoonEQVWnDnKvdZ3fqv3spZggb9ExFwsKpoha0mfAETIRCTh7XPLJ8g6D2KXCzDZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbabb78b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/69628.7b15742208fc0d4aa02d.js | 172.67.131.77 | 200 OK | 91 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/69628.7b15742208fc0d4aa02d.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate Issuer: Let's Encrypt
Certificate Subject: discord-bot-verification.xyz
Certificate Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/69628.7b15742208fc0d4aa02d.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"164df-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gsmadsq0MN8ey6rat0gw9vASpU1j%2BfXujseAuCVAKaf0QOLi8XD0WAtxcOTMOpJgfRC6txG0yZI5vittx4P3mXBN7vVQvWEYPE1nMXO7zQ24eGSfKOSWomdjKq%2B%2FYWgMm1Mp2lCtD2BpUlZKW8BH%2BCoLCccv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbabb84b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/5486.e277dbe0f48aff03f253.js | 172.67.131.77 | 200 OK | 18 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/5486.e277dbe0f48aff03f253.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate Issuer: Let's Encrypt
Certificate Subject: discord-bot-verification.xyz
Certificate Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (18439)
Hash: da488d066f499947444eb7a2c835e1fc 378be16a36214b56e040795885974a4e7d5635f9 1dfc9020a696de7183246e819d88bfd70298526c4bbe9042b5b39d3628cbaebd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/5486.e277dbe0f48aff03f253.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"483d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxsKJAvS5H3rgrhlrczvRvyMJ8LX%2FYYFkdg3Hn7PZibiTLtoHbsVVfui9dSjuAN315FSctExpcRG23n%2BK%2Fvaq0cbs0u81v8ENJhBpsSOPT317LIWDITAk24xHzmJEdsvCAohz6upP9ddgFlroVi%2ByQ2mR%2Bx1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba3abab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/sentry.1e20f9b7b3b2507e0dc7.js | 172.67.131.77 | 200 OK | 8.0 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/sentry.1e20f9b7b3b2507e0dc7.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate Issuer: Let's Encrypt
Certificate Subject: discord-bot-verification.xyz
Certificate Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (8219), with no line terminators
Hash: f6c12b3561afb0c5be1c10e2085c10bc 82e6c80f75bd4500d11b8a8eeab09258913fbc04 1fcf9bcb46efa6f11a6f1b081012b0dfa29746b084197a8b57f6cd0288e6646b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/sentry.1e20f9b7b3b2507e0dc7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1f4d-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7iNySRXrvTYyb46Tkw082v9ko26MmfL5GcJrtqFVw%2FbnlyOQBO3hFZgCPlCGZMooZkG1wY4msvjxSCEfq5tSHa%2Bh4ZtKhND8WhaPXWvjTcEafSTEJ0ONhBCGlpEATVNhR4Vog%2FlzK8NKlzbtZHoFx6N1IK6Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbacba7b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/321a07cbc6f5919dbce9.svg | 172.67.131.77 | 200 OK | 139 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/321a07cbc6f5919dbce9.svg
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate Issuer: Let's Encrypt
Certificate Subject: discord-bot-verification.xyz
Certificate Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: SVG Scalable Vector Graphics image
Hash: d8307f61f76f425f8834fd27a04c1b3e 5fd275de4826b418e24dfb34abca1dd2d6397b78 e05e223815347635e74c037681ab5036542fbd6c1a0f08a9c923153ccf837441
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/321a07cbc6f5919dbce9.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"8b-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4GLVJ%2FW39WXFT%2FffJYVzy51V%2BVQSFacWNgVLq%2B48zGUwmpJge08jwgMTTymtTbm98qAcdEQqqziZzau8HUc9QWUhaARnY9g0R%2FTEJmZEq7iX9sd56NgQHPkqDTgzipRGODvG3jxYmYOQaQ26Ny9nuOvArAZS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd0805b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/71193.ad9560e90cdc0645a7a0.js | 172.67.131.77 | 200 OK | 774 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/71193.ad9560e90cdc0645a7a0.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate Issuer: Let's Encrypt
Certificate Subject: discord-bot-verification.xyz
Certificate Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 774 kB (773921 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/71193.ad9560e90cdc0645a7a0.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"bcf21-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nljIaH7VMixXL3lDnTuRvz9x0mpAo9thFHygySgfaRYJjjJWEdk2V3kX6%2BGhrkjV4rjEdyJMPqrh1Enq7jOd1DHx0jk%2BBPkhHFZcjLKJbkRKyuK3lzqeoku5ryQrqrIP24AvcCGWh3J0b156NRdjArBu2dlB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bb9fa4ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/65225.45a68e44217bdc89eb40.js | 172.67.131.77 | 200 OK | 76 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/65225.45a68e44217bdc89eb40.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate Issuer: Let's Encrypt
Certificate Subject: discord-bot-verification.xyz
Certificate Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 5ccb90b22d94fa973ac33a2890fc7929 bb8b8e3a4a475920dc76225e76dad6c1305a76e8 e06633cbe7f25420c71e6a28fd6ccab71404df0d3fcf630e26cdb040e0e0ae2f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/65225.45a68e44217bdc89eb40.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"127f6-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c9aQHCx1UHDrea4E5troKibcvli%2FUz8qBUCzZyZn0g1ZxjuQvQY7NfBCl5xDbS%2BAeoPR5%2BfFycBpW79atpJ2k%2BHkicw5wzRNzP886I3UKmB%2FAjxUnGPYDy1LwubTBwc8XdBQppy2PMNekBfEu0%2FHEazMnw%2FW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbabb86b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/experiments?with_guild_experiments=true | 172.67.131.77 | 200 OK | 37 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/api/v9/experiments?with_guild_experiments=true
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate Issuer: Let's Encrypt
Certificate Subject: discord-bot-verification.xyz
Certificate Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d7a43d72fc2dc715fe66c5f4142a8655 b9c09812351fd59c73c985a5638c1ff8ce379d0b 8ec881badf31988819721b4be0c2a988a2efc0c3e83010b81b3ca434e96cf905
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /api/v9/experiments?with_guild_experiments=true HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Context-Properties: eyJsb2NhdGlvbiI6Ii9vYXV0aDIvYXV0aG9yaXplIn0=
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discord.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NWtVniQRuAo0Rjnhj6cSoRQSOtao%2BwUeMAlUfF2EAzTns2LpFJYaW8%2BRJf5PgbNQIIV2pph%2BnOX2QjMzvlcere8lAf0guOM7EGChTLWqb3P5C9aaHr3G45nLMTaf"}],"group":"cf-nel","max_age":604800}
set-cookie: __dcfduid=f08b5a20144511efb65a52794bd4ffb8; Expires=Wed, 16-May-2029 12:06:49 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __sdcfduid=f08b5a20144511efb65a52794bd4ffb8b1bf2e6def575aa0c46039abf844f4341702bcf87b363f03f334f7a9d6623055; Expires=Wed, 16-May-2029 12:06:49 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __cfruid=38cfcfbe2cae8bee8ef1c1d040a956a2519fac18-1715947609; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=dVrZDpnq42rhI75RKIzeqZyPeMtxChduu.JkRD9f1ME-1715947609339-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
etag: W/"9141-ucCYEjUf1ZxzyYWlY4wf+M43nQs"
server: cloudflare
cf-ray: 88537bcabc35b524-OSL
content-encoding: br
|
|
| login.discord-bot-verification.xyz/assets/6c42b4c506b85fe11a22.js | 172.67.131.77 | 200 OK | 1.5 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/6c42b4c506b85fe11a22.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate Issuer: Let's Encrypt
Certificate Subject: discord-bot-verification.xyz
Certificate Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (1570), with no line terminators
Hash: 796ce95e9599161a89830db156414f85 41f12b5d98d20ccceb5afae584a3b799af954d5a ec351bddde8216343d238ba6d768c26173e22e45bbbcbcb50e76b99e1faf201e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/6c42b4c506b85fe11a22.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"5f5-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6HMFJxMwMMY%2B0Xe2kNaGfxxWhuux27FylUvz%2Bw2fGOJoySHxX9C0H%2FoskiBCI4sdxgADks8HLu9QYQkSez6ITdxF9y0rUxlEUZsSEzaodKP87gdeZG2swJSq%2FF0Gj0lug8ec5ha6jxIlDIe%2B38wBm3uLfVV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcccfaab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/1182f0e14eb94a3d391e.js | 172.67.131.77 | 200 OK | 37 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/1182f0e14eb94a3d391e.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (36601)
Hash: 52b599c4aedf6b6ffe9c2ed3d2b352bd 936cdde615c933061158424d3b8ee939c0f862c3 17968598d9e70c9e4261422b17902c0d3cee59654d9fb070842f392d2f760ecc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/1182f0e14eb94a3d391e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"8f2a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TULjyyGYYu3f6KMoXgSeE42vKXWTBe%2BDtgSaghIcxqQem7VLmQcTDBCBbVtkFZip09SlAAI33ivNPEUrY43dIDcNqXYdS5NdX0aYde3jsObkjDNUopkMNBw4zQJYZmvaF11CN6F5Q3Z3p2aZMlBDOrszLr6X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd38a5bb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/adf75861421c2a6a6269.png | 172.67.131.77 | 200 OK | 1.5 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/adf75861421c2a6a6269.png
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: 092b071c3b3141a58787415450c27857 d7002b9404799e18bab34e931a6f2e23ab1ba3a4 f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/adf75861421c2a6a6269.png HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:51 GMT
content-type: image/png
content-length: 1532
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"5fc-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DrSJ%2BYR0Arlb7zCF0hpM%2F3Xrs8mBuGg9KORr9pPtBor5R7jjtNr2aorvqjjf9S%2FFwxdikRhMGBaqHliZRnVAmzUqSCEiPGFP%2FKNAYaRcKvo1ccKp1hXkcCdpRR4Z9JW47h57YOq1vQ2i%2BHgfI7SMq1ozSSXt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd87a3db524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/14786.f948127b41553ade279f.js | 172.67.131.77 | 200 OK | 179 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/14786.f948127b41553ade279f.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 179 kB (178740 bytes)
Hash: d69e56d43eca67fdd7b58880418dad05 2c978cf96ee924c1eaf3a8e7f4f7a1df8a67bde7 1e625e5053b23ddf6c8c3c0775e2b7f865ad1fd8e34a3b67b0b12b714dafddd2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/14786.f948127b41553ade279f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2ba34-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FWkA8irq5FjVX89AFUmIAvoS2sb72s61WjvfLUVfNwhaGjB5nudAewDqnJXEZZ5df5rKAwOD4VmK8xj2yOf2atybtqgIx2W73pXyjH%2BHOfMSyoDYk7xl7R%2Bif84FQ1Tg44hhOBKzKZIjkwg5suA243Wpu4HD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba9b59b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/46541.c33eae8d471e53d0e4b0.js | 172.67.131.77 | 200 OK | 11 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/46541.c33eae8d471e53d0e4b0.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (11221)
Hash: 5ae0a08a3f12c1e8188baa3c52edfdd0 f557a1633dafe82e67dc1c79430a29e8c2770c1a 8c9541c705b78af92818361f371dffe2932fe667fe5bddfff23a10a94b0e9491
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/46541.c33eae8d471e53d0e4b0.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2c0c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dzCSc%2FSqS8mkdnr3pnmT0jivwNFwkE%2BDHpxQD9Gk2a5X2davrEGBmBOUkQ18OmSj4tsZhBzt%2FNefaqxytf3NhfdEoGOF%2FlMcqu2CJ3AyPy7URW9d3KZsniLwqc1xFKcBLts8mXhJENue1Obybbbm4Z35IlD9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba9b4fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js | 172.67.131.77 | 302 Found | 7.9 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 17 May 2024 12:06:49 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuA5V47gXFhW0pU1pNRvrdBVRiu9Iwasen9QRWodP79PTNnj%2F1Jf05O06ZmOb%2BlW46EbGfUmd8NeNhIN%2BwkHDCgSBCDDVyIACb1fWpoSa2wEUnmwYv%2BeRR72bUCFMxes6SXTdcSBDhhB5%2FqvqdOpV4E%2Fz%2BLP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcc7f43b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/27043.105ce50242094adf158e.js | 172.67.131.77 | 200 OK | 91 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/27043.105ce50242094adf158e.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/assets/373c25761d0b65dbc8a9.js
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/27043.105ce50242094adf158e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/373c25761d0b65dbc8a9.js
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"16445-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGaINd%2B0t8TpU2%2BOPdTCxH%2F1pwc7ptlPS7XUPFglftL4fTMZjxO5LXYbppIZWiiYlZZ3hi3Rexl1W%2Fu1FVoVSE5t3rzV2hBx0qYvoZ%2B7Xpociqj4vNmkWjeuf5j%2BgTJrKjKGG9VmkhED%2FzWYzU9tBeHMUJ%2Be"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd55d17b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/25653.f1981721227784f0166e.js | 172.67.131.77 | 200 OK | 164 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/25653.f1981721227784f0166e.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 164 kB (164235 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/25653.f1981721227784f0166e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2818b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RpkA9kVV%2Fh4Sc8a4obqLTfa2DiFeyP4XHrV2qUO9qNLRgV274raV79L%2BzxURCXv4wgMU53opHBnPI4CMP0Jq717d8IpcDA2MENQH06%2FZyAx%2BOpo2vhhCj8jUCjrP69jPSYmgnG7YRCMMssDDcqJ30qurkQBQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba2a96b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/60499.862663374dc7b2606eb6.js | 172.67.131.77 | 200 OK | 18 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/60499.862663374dc7b2606eb6.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (17610)
Hash: 4ccfa2e22aa81b9717908bd2e198c04b 77c537671daf78c65664c86b2348a8901076b2f1 b7094a75dfa107fdacecb7d4de84339c5bbbdd4f7d138de620e58fcacae645de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/60499.862663374dc7b2606eb6.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4501-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BAJNDXVvYnbjuihjyWLcpEH7sFjXXPTzWgEsFmPGkNji16VKS9a7WouUNz6jMj%2FhTY3qB9S5hQg0SeuAbLJ3sQs21a4lMfWFFs1k4%2FtIP8jcsy9t0fyRmUgwvbpiOtXOHAKKqPykyG49hB9Gi1R7VWJ6cFNn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b28b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/auth/logout | 172.67.131.77 | 401 Unauthorized | 40 B |
URL: POST HTTP/3 login.discord-bot-verification.xyz/api/v9/auth/logout
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 38d40c65f5aec315354932331ced3917 4cd617dfe5fd6cf92e8768be47285b7cefdf2c1a e3fd6ad817780810ad071d7576c6221115748ea3f69a6b136d62840eec018ad9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /api/v9/auth/logout HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 38
Origin: https://login.discord-bot-verification.xyz
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 401 Unauthorized
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/json; charset=utf-8
content-length: 40
access-control-allow-origin: https://discord.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKrw9vb%2F6MfeNPF1jIiYN3xp6%2BFxi1b9AaZ86ne8noj9VybrtpH6NbEB0X%2BQVs9oVsuZeh1akG2dI%2B7nhrbWBltYW6HWrkcH1Pt00UPGHOrldSBBSmO89l5LaDOP"}],"group":"cf-nel","max_age":604800}
set-cookie: __dcfduid=f0e7ca26144511ef906ada6ef8b8dcb5; Expires=Wed, 16-May-2029 12:06:49 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __sdcfduid=f0e7ca26144511ef906ada6ef8b8dcb58455e1065dd372b531fb95589ef4b36490914a88fbfd356f1f6cf90279814c36; Expires=Wed, 16-May-2029 12:06:49 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __cfruid=91f6dff938c8aea347d219e6d90d39d592d0c3cd-1715947609; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=7IYjAosM4E7onPQiq632h7fQhYGDsRsypzIjBihkAoc-1715947609933-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
etag: W/"28-nAT+1dRCNxqZHZxcYzWCdF5hQf8"
server: cloudflare
cf-ray: 88537bcebaeab524-OSL
|
|
| login.discord-bot-verification.xyz/assets/68291.687557b9b660607399a3.js | 172.67.131.77 | 200 OK | 18 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/68291.687557b9b660607399a3.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (17615)
Hash: dd0045a215121572125a5304c3133a15 3ef4f53e521272322eac0952cf5b9b7f7b01ceee b491a88ee2a3533fc0c2eaa6a9f23a5e5d8e431a06aa9cf36e4c36fdcb0c699f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/68291.687557b9b660607399a3.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4506-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kqyAGUSjwZcmPGAZxBaB%2BnjfXltSLeJF5uqfLuAzBSzIJrVsKbJ2qY435o6r6GCsyGXNlKHTqeXYiZPxa4t9c61%2BFVi9LpTXzfzgAsubRBzmHI2j%2BoQ0RA2cxh2eQjUVY3H%2BSNd3dtMzWO9yXamyG81DIDtt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd34a11b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/20117.7c4ea5cd4685b0442b9f.js | 172.67.131.77 | 200 OK | 56 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/20117.7c4ea5cd4685b0442b9f.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (55750)
Hash: 3a328a58679dc7c65aede3025f694875 2b46354311cf752e3c734ac9e5f803bada1eea8c f6cee9961dcde12c0dbd889adb3579ab836fcaa34c99828f36856b5f1de9bb90
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/20117.7c4ea5cd4685b0442b9f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"d9fd-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VzW%2FOwLx6I2eWfXIHO0wo1Ada2JRyb93XcBuCB9meXzMqFeFfPe%2FJF0%2F1mgocQ0k82XGSrjtoD%2F1opVGDJ47kWB8E64QeIW2EheuIbg7TuqIqRf02fYWRbYlYU24OSt3M4KoAYmpQmhX8rmFVmy8jfLN0Mpq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba1a68b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/41611.7d797575820892675652.js | 172.67.131.77 | 200 OK | 21 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/41611.7d797575820892675652.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (20820)
Hash: a290ac62b9753650e23d6e78ea4af855 417747142045ca3f2e616d389c0e678c3d6bab48 7140411b3e59a097ef31914fad63941fcc863cbc7fdf7f8aca5ddb67f9a6388b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/41611.7d797575820892675652.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"518b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FTU2pRa0S5BQlxqx%2F9HykMSDbeQ%2FZid5aWEe674TJy7FH4Wc7xZsEVI1r55MAWvKigf3nNjDWeV%2FHkdXM57kVL%2F0sofkI2bDOyNT%2B7JGoWZFNWd6F2JgShR%2FCWJ9E%2FsEnNHfD4r7ga%2FMrTLu7vKsbzv7Cvps"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b33b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/67079.912803f13064d4c3677e.js | 172.67.131.77 | 200 OK | 23 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/67079.912803f13064d4c3677e.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (23306)
Hash: 2a521f7bf2072b4d3eabdf38c0681157 90cfe120f3d79aa5d4efed7a5b458ec27e2d9af0 d7cc40cdb7b530f4d0050c5354a295361f1550e1e3f3092b8e2758fc26006903
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/67079.912803f13064d4c3677e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5b41-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIKpISRFw2A59Bpfbkbzkb0zD7mwHMtLxGjf%2FfGDcbd5ffdnNBvuZk0no%2FnKiOj4LRXvdUmzI51WeZbU8StNYjUoI%2FqS2ouysb4hWdFyG6Rmy%2BThdcCJJB2l1UZKKBWIGNsMu2a%2FiSOUudkE4MN0o10BExNc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba8b38b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/web.a572a92ab0a38d32b311.js | 172.67.131.77 | 200 OK | 116 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/web.a572a92ab0a38d32b311.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 116 kB (115711 bytes)
Hash: b97d0dbd751b156ed94ff7be9e299ec2 a7adab0116d09edf46e2fc7ddce04b410cac250f 866bf767de1021c0532594c9493db97ea678bb09641905230423d3276937fc9c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/web.a572a92ab0a38d32b311.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1c3ff-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCxCzFyb4kYo5trTEGFRuFlE%2FzJwAUUusgKQSdl9mUx6i4oxSdiOPvsIv7GHxy%2FgkUfouxSBzPvGeFYiUq13A9C%2FkHphibCeZWZN3nic7lT06AVZkQGzM0xb8K6bVzt1seTs%2Fsmvtzx7Kc9TrO7Vk7ZJcPfH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbacba4b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/6eba4b5678bf2ff1c053.js | 172.67.131.77 | 200 OK | 45 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/6eba4b5678bf2ff1c053.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (45008)
Hash: 837a213770a91c0bac5bc9e9c90010f2 0607bcf00f83d5529a1948a9214e8926dcf7348f c615595bc0fca0392ff1f30597dc0ab1cc6bf06493ce2f283bc30736a3083c30
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/6eba4b5678bf2ff1c053.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"b001-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LnOdq36FsUEb4s7FkL1Agjb2yN9BBaGCLysZsgpHwjwCKFdkjuYtGSrtzQaThu4eVh9ZHOZ8gvJlwfT8mmzSuVj1KIY%2FOV0ahzkvJ4yInXUBO%2BmDP8sxo3lx28o4EWRRWM%2FlmyUn2Wc19gHxLdB1FN77E2b2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd38a62b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/373c25761d0b65dbc8a9.js | 172.67.131.77 | 200 OK | 8.2 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/373c25761d0b65dbc8a9.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (8384), with no line terminators
Hash: 67b3dae3e035f4b66cbdcbe9e2b3db06 ffc03b001a0a34c594168201310b4f026e43c3e0 9f70c195e6580956664b7805a511d15c3d1aa59353302cc02180492af13a5ef5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/373c25761d0b65dbc8a9.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1ffe-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2B9w%2Fmdm3Z2UkplsId%2Btqc49jlCbykPOJ%2BBxmVuP8GU9EDh2N6braikfMKShpewQz%2B9TfdWKAfZf5mvAUlnYpqdh8UfR%2BsH52QZrrJLI%2FAKImAmhZ6Cjxg2bftdz91Og1cuXgUNKMBUv9uG6gR%2B7PwTugiZk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd3cab8b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/89261.02ed5e657cba70087452.js | 172.67.131.77 | 200 OK | 15 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/89261.02ed5e657cba70087452.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (14959)
Hash: 792d2294c9fb0e7d0a07bff3abbb0d0b e3ec35950876ae2e409e65759d0802c00a91e40e 2d3415e0b866788b07564eeec5035c17ac14645fd13b0bcb9bdf71b5f66a1e69
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/89261.02ed5e657cba70087452.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3aa6-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FDfuy%2FfmDrV6CAeE2tbjmXhTppYMHY5cHciHWCMglO%2ByQYtH8MGUS82vPp1oqo2wr79Q2FfMRAtP%2FqweKMINlHhznGlCGbLE%2BhcqgnZ8i0rersU46nHEZhzsV%2Boorrq1y0oV1mOLSxsdtwNaNnIWk6V3EkWh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba9b5db524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/6575.507fad3ad28f9e5198cf.js | 172.67.131.77 | 200 OK | 1.8 MB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/6575.507fad3ad28f9e5198cf.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 1.8 MB (1792121 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/6575.507fad3ad28f9e5198cf.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1b5879-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7W9jdwkthf8aSV5oAydx740RHq2ZmH1ItdRsyBehtlM5GqDn22nxBGxckDnkUIp1L6tC0NgGnvNjCNlSLZRnGtsFEy%2FFWH57yDKc15lJsfw9cL7R9LZ3Djn%2BGEbmwq%2BIOranGAqb8RQInH%2BZW64bXfFlernQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbacb9fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/b9811218b3a54ad59fb2.woff2 | 172.67.131.77 | 200 OK | 65 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/b9811218b3a54ad59fb2.woff2
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: ASCII text, with no line terminators
Hash: c7621ccdd6a8ca9b681b2def747d72a7 61c3dbec477606bebcf5d6ccb58f26659651d0e2 135667d8b38dcb9372bf4d65eaa44fa5438d0b06831a2cd562eb82b8d44f4098
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/b9811218b3a54ad59fb2.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:48 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fYcmc2E7mwanEYC%2B2C5S913sEbWoxclppmmCUiP7AMGuv7MgTESHp24gkuqWqN2nGGN5l2XrTw7uAqPrwbGZIk0Ekvoq70vTcEbqKTIsY30bNp0%2BMsKnbPaEfY1r7pmqaOBh7bbNB846knsAj1GDkMcelmUQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bc939d6b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/8e64227ebe6f34850334.js | 172.67.131.77 | 200 OK | 2.2 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/8e64227ebe6f34850334.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: ASCII text, with very long lines (2248), with no line terminators
Hash: 4000d28d0f8e4feefa8883aec22cf353 f8f67e124e53daf7414e941168e01d2a9c812e85 817abe560796ce849f16ac01eaf0f4ba1ce40ccda95682cf3433dbdfc80db071
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/8e64227ebe6f34850334.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"88b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SbnJb%2FK5vUs5KnF46sO8e%2BcKR%2BuyQobWkiA0N%2FTEoBbzz0IUAqOHPonTbbmeQDwsI9wvHg4f9SO0tpfrNcXoSalXAgSvkDCBS5hHBz9ZgS6zRKNK7XofTDdhJPKVNz15QWsZlWvkwNtNLSPMvO26xmcnm7rR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcb8dc9b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/1f3e315f020ed5635dc1.svg | 172.67.131.77 | 200 OK | 180 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/1f3e315f020ed5635dc1.svg
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: SVG Scalable Vector Graphics image
Hash: 7be3d705f8fd758f30fdb6d593364954 469caeb23537d7152c40fca8e5a8c9a03013eb07 907d7bc2d1af895ac583237f9005822ad480c51fd03618f5a7819c3d71b62424
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/1f3e315f020ed5635dc1.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"b4-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJDchwbmJDGbvrD63bK3cuZBPm3GHDgkibAxXsoWLFHTXWIf08i87Gck3KTa3OSqt6ssKxXyBmihyjkUu9HcoV20jYZlHIS99JuS8PHXWnjXAO4U7ccVMErSvwapDxmLVm8%2BkEYB8YpeqfTGaMK3DexdN3lj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd180ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/98106.5d0f74b94113ede84656.js | 172.67.131.77 | 200 OK | 111 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/98106.5d0f74b94113ede84656.js
IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate issuer: Let's Encrypt
Certificate subject: discord-bot-verification.xyz
Certificate fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95
Certificate validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 111 kB (110574 bytes)
Hash: 052c17e11e732de852f587cb1fe2cda5 31a92c74ce4c31c741d43570106a7086c94362fa 52bf56ddfb5538d260a9163c9fa4bd213fb2b79ee3da2a2cda4de6c37ed53ff6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/98106.5d0f74b94113ede84656.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1afee-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kD3rk0gph2Ca7C6Zs6R6XCDXP9CBzE2STQrghyhFkJHktR6fKS3tMa6UNnwNztIRjTkJeCULXOPbEbKttb6OpjpnupnF3VWNGhMQfzsS96ezNkkPTLayUaY%2BtixKxVjAx%2Fp%2BeBeKKrevQokMzMdjM48Lz44%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd34a0cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/13798.6a2a5ac1a86675c94b6c.js | 172.67.131.77 | 200 OK | 7.9 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/13798.6a2a5ac1a86675c94b6c.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (8182), with no line terminators Hash: 81548497b4c074d04063c9f226154ade 3548f8053d9df0534168b499bf42407d8e573e2e 13ac083b959b6c894e5118fd5a686a4985575125a984190c1f7454264cfedeed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/13798.6a2a5ac1a86675c94b6c.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1eb0-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2FCcmLmDWTyLNdz5l%2F1FwIt7GIWK6TNlGztzbNFUY1ZvvaWFsjkHiskLobmdi%2BF8tTdHxEamYfmBt%2FFNnrbK9AY7irwssgyIj6hYFOUx9pShRc8UVad%2ByOenCtbDdFe0TTBoxMS%2F5y9vPKvUBR3JqGg%2FOioY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bb9fa3fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/94751.a83f5d49f2a33eb3efc1.js | 172.67.131.77 | 200 OK | 1.0 MB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/94751.a83f5d49f2a33eb3efc1.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 1.0 MB (1006633 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94751.a83f5d49f2a33eb3efc1.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"f5c29-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMjcicRv9fnJcWtMhgZeLWiXsY2b7KSaSzRLuDsDOlvq1irQ7sLtUzNC37LDix4mFSPjcCHywLplpZ8vcoOujCPRBsJrYreq%2F8AOKIKqvqiy7anjP%2Foq5A1HWh2UxtimizGmPpBTn2prcrzLYIdLOT9LV639"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba3aa8b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/47498.38da6b2cf2f487359536.js | 172.67.131.77 | 200 OK | 10 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/47498.38da6b2cf2f487359536.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (10010) Hash: a4ff99b0bbadc5f521c2a07f0f1e3f93 30b17f14702fe71f825a3966b652f65705ec3c93 6e2b1b73e8b8dbf90920572224e0edfbf56fa6e20d0cede00321cb2ac91c1254
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/47498.38da6b2cf2f487359536.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2751-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VD79IJiXZNa2BJcxxtCCSI7FT2SqR9K3Ua%2Fhr6EbeiDU6IglxFrIUUaN%2FsTxaa7bhj8TF5rlyMPeOk72%2FhNOBzspFsZRicBiWR0uTDxe8H7Aac9JNcnIRKuJt8u8kkqe4E2CDyQ3LcF4629k6ClX9460n1Eu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbaab68b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/47470.c4ab7647d25b8ac58ca8.js | 172.67.131.77 | 200 OK | 312 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/47470.c4ab7647d25b8ac58ca8.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 312 kB (311789 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/47470.c4ab7647d25b8ac58ca8.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4c1ed-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mbQo%2B59R0K2aHRclBcrBN%2FtkBxDx3gnxDcEHBOXVinLWXKNiW%2BGl2hZHSSarFnR1g8g9Hyhaaw29skAtg9Axt%2FcuxZtabEmIFRaueBFvYBSC98YbeZJYEN8m3sQ2qZTDsPNa7nOY9PeH5nFBFBXQqqu9bgrl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba2a84b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/38081.229b2d35737bf3f84541.js | 172.67.131.77 | 200 OK | 22 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/38081.229b2d35737bf3f84541.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (21630) Hash: c20b5e9bd89cd932aec62501526bc4af eb2f709ad66bef7b20d4ecce454b827cb5758391 b4c9960af0c70acf545990b29eab7e4465caa262df425c820907bf259da27441
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/38081.229b2d35737bf3f84541.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"54b5-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehno2EnfIWIY67So1tnrIng3KYm5j%2FLNWNQDCMkkUz5vWKFP6WDe%2BK47QzEfM%2BSqL3JSDaS%2Fb9KAIGCnnw8MhSXQ1793WfQSXYPbgnFyFUg1BGMnnoGlVYrixqK%2BksXG3BXJ%2BD8YNpSTBSUQ7W5c96tQCnFI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba9b56b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/399f7f1238d1fe8b2b51.js | 172.67.131.77 | 200 OK | 109 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/399f7f1238d1fe8b2b51.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 109 kB (108609 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/399f7f1238d1fe8b2b51.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1a841-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BuPsRGL2kkW%2F9cMrxJNeh8bUSRe0gc1Yg1Zl9GQn%2B0M1O%2BKqgu9jFqRB2kJe97iDt%2Feo7fvM8k7QcHp9moArWNPNKRP0aYYSFW1TUGlmc4zNMS%2BS5W72lcaR7MOVDjbN0c96TPHsqJw8bXJaK4rb97EDVncu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd3aa8db524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/75851.82c9a7f8176d778029e3.js | 172.67.131.77 | 200 OK | 9.7 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/75851.82c9a7f8176d778029e3.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: ASCII text, with very long lines (9810), with no line terminators Hash: ac6ef2a39ee1dd9bfd9906c593a8ffc6 0770b44a9791f7bb2d95b3c44c79a96fdf08ac4f 99c9f93237bec55428a7d0199a1a1c33239ff4f3afc72f09a03c860961430ad7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/75851.82c9a7f8176d778029e3.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"25ed-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khpYf%2FsrY8NlhzAgS7OBR%2F%2B1ejO9ZuL0dVpArQKjaDGcpZ8cPCXqikXoJrU1Q2JKdRIBp%2FdfwiPPJm9%2BxETA1%2BDYMiJU4a4dJdGZYYz6WfhOubXeLoBsk7GxWSUMv3lMglXKWGksGDfDJdULo%2BfQyEqaiPNR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba3ab7b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/62768.3bd3b009dc2945b07d60.js | 172.67.131.77 | 200 OK | 40 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/62768.3bd3b009dc2945b07d60.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (39620) Hash: b6b6813d1e66352c0decf44454134375 95a172f9805fdeee7bf82568b66c493972b35ad3 b07bc7d7d0a9086f1b02065c938b99544f7d651295ca2c860b22ff02c482a239
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/62768.3bd3b009dc2945b07d60.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"9afb-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FS%2B2eq6xwwCtaYsidJA2S91Y%2FezlqBMS0YSwR%2BoosmQOK50QuyflAFF%2B3az2cwDHVDBS2OZPv0srvIFZhZ8L7IuTHQGo5fy96%2Bl8f2YPmEPjJjCefrOjj87Pw1BdDsM0E9OmeialLqLX5DFD1szYZMFlxXAA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba9b45b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/58409.1811376ebb7f14b0be53.js | 172.67.131.77 | 200 OK | 14 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/58409.1811376ebb7f14b0be53.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (13964) Hash: b04469c4ff1a1e4369a1238f1a6e7e13 baa699271e0bad0d5d568f5d0cb2dac21f5a2d0b 2dc6a1da0d49480f89ccab794ec25a14cab0ca4034039ae26e39faccdda82a50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/58409.1811376ebb7f14b0be53.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"36c3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2BhM3oKwUiW35Tvrx4qALwLfPJphXUwS%2BS3RNSZ9PjEDL4YGkwDNpfShLFvaaGvg%2FATaBVMDv6G0G%2BwHwbWUj6q%2FJ%2BguLNKxVNufIcJw3j16e5jichCJcxZtYRoBtpY2Pls8Y5tYgghCpiftqQDRSlsPDq7%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbb4c44b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js | 172.67.131.77 | 200 OK | 7.9 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (7862), with no line terminators Hash: 625902fa44a404e6a8ebf4121ff34969 ad63637405e9c201a9d659bcaa0bbf2066d5ad14 0eb113e02582cd7a1158c377d64ff4991bc5b2cefdf08d664d89871e4a5f777d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CY7sDbCzs%2Fsm%2FRBACmuFaXaOB3uXLOl5SxB9kvj%2B5dw4czZqXxeLayQmhNS796ooi3hb5XikJ%2BNmRgePrDredltmt2HIRRx3U4BkUmec6ymL78wnPLQ3oeYcAnAlHaB6lrjixAxD7qzq5PZSLjnhvDdiFKg9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd487db524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/auth/location-metadata | 172.67.131.77 | 200 OK | 112 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/api/v9/auth/location-metadata IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ Certificate Issuer: Let's Encrypt Subject: discord-bot-verification.xyz Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators Hash: c01b8794c2578db83a624677863637dd 12f43acb250541e7b2f85a7ab1d21499ce354a69 6b31181fb19d9d5f68d14597f7fbd1dc0d07b6587784011d42f109a2854388a8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/v9/auth/location-metadata HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1240998966452027565.VD2kk94DbCNzK42hAMfMmwgHp-0
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:51 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discord.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yNKzKJvaXKX0S5rBzgCu%2FWRlbqVNmngT3QHlPcx49TF7tGOLLvf6W8p3C1qdw0wE9HUAlAMDbYnqOgOLdgxWJsognvpKZHJbNgEnHD%2BgK7AlQPDXp4gcnnhuJhli"}],"group":"cf-nel","max_age":604800}
set-cookie: __dcfduid=f1dbbc80144511efb94d1e582caa78a3; Expires=Wed, 16-May-2029 12:06:51 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __sdcfduid=f1dbbc80144511efb94d1e582caa78a3dae756e46fbfd3472758478a96cf1a803cdd09042784bf4f74ed4a4ac76a9ea5; Expires=Wed, 16-May-2029 12:06:51 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __cfruid=7bb340281815eeff3aebbc6d39bb6d50bd2a60a7-1715947611; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=1X4kISJvIW8RY2kQC6oDQA.0V_VQMpL2A3dpYLEurJY-1715947611540-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
etag: W/"70-gqIoBQ3hG3CLbAcu5S0O/xQbm9A"
server: cloudflare
cf-ray: 88537bd86a27b524-OSL
content-encoding: br
|
|
| login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css | 172.67.131.77 | 200 OK | 2.0 MB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size: 2.0 MB (1982257 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/app.efcb8c8bc767b60fbdd8.css HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:47 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"1e3f31-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y5Oer%2BVzxkWE42W5kNVBZw%2BzArAQqXQwB5HwsdIrHAiQaizmFoRnv3JBVSZQ0eyxEmFUrZvewb1547fEt1fe0b%2Fb9j8xXGHCQbx%2FY7l46kuGEH5nC2A7CghDdHNuUgqKQmmlTDofuYZf%2FhQ%2Bwhi0igsbIeER"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bb9ea33b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/17820.e883271a8a21d461b3cc.js | 172.67.131.77 | 200 OK | 14 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/17820.e883271a8a21d461b3cc.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (14165) Hash: 3eab1ae6e3a0d5dd18c280bb01fc9426 e09de192241afa3b47cfd3420cba919f5d5bee7c a7400219aa005e47acfbedf2ca55d9da87fc8d4386888f6c995c03358602793a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/17820.e883271a8a21d461b3cc.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"378c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjtqHS8ZAn3My5p9HGFfvJHhSVVwBC2a0fstBlrrMCK8mDUd3R7Kl%2BfL20bEvyXzp8dCLHBu3Nv2e1R%2BW1FRf9VWHO5nprUBEqFjYv6ArS31p7Kv2ohSC2lLgW2c9sEJqhYfksM4h%2BSC%2FX2ciC06NeaUOBFH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba0a5ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/1af9bdf041e000508e41.svg | 172.67.131.77 | 200 OK | 137 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/1af9bdf041e000508e41.svg IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: SVG Scalable Vector Graphics image Hash: de7079c084523cbb534e908927ab5519 cd4e81dfbcc142ff38ac775c9302f26d3bd28fa0 b5d51114897461dedb697b36086385bdc8b62f56da6914fcec198644a96aa65a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/1af9bdf041e000508e41.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"89-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gL2%2FNxP3SLAVxihJ8EHvQYDmcKYF1UMqfP9eX6itE8Pom1B3A1XeA%2BOFNAMG7d0AkjlFu0wD8U0DoA5gc2p%2FWNp0Qvydc9480wyf5dw%2BItpAKOqTK4M4Jmqnt9zV%2FEtuFU1p5BUsRMM7c0THAfSZLDnhlO2C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd1812b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/8f581f91e7e650ac87a2.svg | 172.67.131.77 | 200 OK | 137 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/8f581f91e7e650ac87a2.svg IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: SVG Scalable Vector Graphics image Hash: 897482ffa8de9752445d3eab06524d8c be0afe5b3be92b25fd9baf6c4a98e30a8b4e831d 071d1d5a1ae9749fb0b9175ce5f7b74e994c97cb33f38e2a68bd717b32518dab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/8f581f91e7e650ac87a2.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"89-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GJnGYWgQNcd8Uk%2BQd79TiONE6aHCF60nZUY3OhQPty0x%2BbropmxbFe2voFtlLBlhIeB5qJTnPKRYJwexNJjBOFkwz%2F17mQ8ETp34NW1Ym%2BK4JPE1ua%2Bs6Nrl4b9zvyo%2BjMP4PypUn%2BuhIlnXdjTVPfUErY2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bcd1826b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/20ac37ed2576dd48d7dc.woff2 | 172.67.131.77 | 200 OK | 65 B |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/20ac37ed2576dd48d7dc.woff2 IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: ASCII text, with no line terminators Hash: 84b7416cff14fd88e25c7a5e808f96e7 141dc0f5c13044dad660a2add445baf5c472dffb d8c6f38967f6cf2d568e34abe3e04c2c2c195becd596c1cee7b9b83822dd768c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/20ac37ed2576dd48d7dc.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:51 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3VxDWK6Kg03LNzgu1nykKX89SNMGpcQTD7ZxiT98RMafOdKbLSbc8tVZ%2FRYWa4sffBDdEx0Ap%2BUsSYh1Y38ur3jfDY2dZkaxky1gPEl06Q26oaow4QPLea%2BOTVqV0rGJxNd35u669dmZDLtz8NxRP5JEpQkf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd849f3b524-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/94491.6feea119a246906e42da.js | 172.67.131.77 | 200 OK | 30 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/94491.6feea119a246906e42da.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (29770) Hash: 2b097f530ff3ef39552a90e18a8bd883 326b60321000b059a090e4ef046b9421d64962f5 dd4f80fbf943312c9ed47c07c0cd767cfa20d3657f0b50a5787704991ee85f00
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94491.6feea119a246906e42da.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"7481-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYVtaqpG%2FYGzwJz%2FYW3%2F00spon0ET2i37yoChy9l5GaPOojAflo4AtfVcFxFLT64AI8BPUNV71HRT9EKLhijjxiKcyqPV1%2B6t2XE2O%2BHnE3GOTTuQ%2BgwX1nq288jUQUejEsgvdaDH9KeZOj86wi1ODwvNT72"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bba7b17b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/images/favicon.ico | 172.67.131.77 | 200 OK | 25 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/images/favicon.ico IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hash: ec2c34cadd4b5f4594415127380a85e6 e7e129270da0153510ef04a148d08702b980b679 128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/images/favicon.ico HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:48 GMT
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:48:45 GMT
etag: W/"5ff5-18d28d8fa48"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JoB7gWHUOnXmBIHejLKLIOVnA9KJuykXTa6UL3VkRivPHZvpAXVP4JxNVUreUx%2BDyUj41LcfRCWv%2F%2FS60euWCROMFjFAnlFV%2Bsm3ZsydVe3awPK3FtQDZr%2Fejuo2SN1fa4%2FA7XBOsNo4UXm8FJh6fsfOhDJa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bc888adb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/e9e649f003bbece806b1.js | 172.67.131.77 | 200 OK | 16 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/e9e649f003bbece806b1.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (15715) Hash: 6a513e08bb57247ee2a7f7f28392d957 9ad8a8814f81f63d7e6302f913b45a047f2e8985 e6a791274ec54c4a3ac6c8b2f7a2689d04e9579f00b218e9e849abae247c0fc6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/e9e649f003bbece806b1.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3d94-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVsUFtOgRZqCvQh0r6UNP%2BiOE7RsKCfjlyMVT2z2QiFV9uYZxu%2Fs6B0qVR8rtQZmtvX%2Fkvha%2FEQAjWOiZUSxjFpuntYcICGSGYK4NVHTRgNJp8Tg53o%2BhVJTvRc0h3Nh%2F81ALew6ZIkCU9XuWiXklKUbg%2FVt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd39a65b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/experiments?with_guild_experiments=true | 172.67.131.77 | 200 OK | 37 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/api/v9/experiments?with_guild_experiments=true IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: 429bd73e96541f21c64ea117b860a208 0cbd147694454ff01b8ef59b1f722dfcdfd4f79d 1a4478ad9c2b92e3bcea5ab1fd69977271f33c46705ef78e4e629f4e1509edc6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/v9/experiments?with_guild_experiments=true HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Context-Properties: eyJsb2NhdGlvbiI6Ii9vYXV0aDIvYXV0aG9yaXplIn0=
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discord.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MqLZEB5%2FWAPzo8he3IbQ2VjtP19t4ChIALcKi8Rm84fslTGbxKu0lVwcwXn5Khig7c%2FHk68BFQdW%2Fxihhkt0Mm7WqOEhOvjdNZTpZ30o8LN5V8OizpFe2pV29O15"}],"group":"cf-nel","max_age":604800}
set-cookie: __dcfduid=f123f1cc144511efbce852794bd4ffb8; Expires=Wed, 16-May-2029 12:06:50 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __sdcfduid=f123f1cc144511efbce852794bd4ffb835840e965d92b5d17c008512fa2373007947efe4f1dccee29a7c3b66cce4e9a2; Expires=Wed, 16-May-2029 12:06:50 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __cfruid=12541377fe5ed64425910d68e711ba90cb5a08fa-1715947610; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=PlwcP._2uubX9Y2JQyua0850P7oFAxl8Qm3U11sILGM-1715947610291-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
etag: W/"91eb-DL0UdpRFT/AbjvWbH3It/N/U950"
server: cloudflare
cf-ray: 88537bd319beb524-OSL
content-encoding: br
|
|
| login.discord-bot-verification.xyz/assets/78995.c052e63a7b5574176cf3.js | 172.67.131.77 | 200 OK | 19 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/78995.c052e63a7b5574176cf3.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/78995.c052e63a7b5574176cf3.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4b93-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIAjLK6Ys%2FRYKoT6fxgDOaSk%2B5U3ErFuyuE7QTqAiGBWh8T%2BCdiIN4toL2DHNLWE%2BJRHmrLQEvGX4onQxp2S2LNxvhlaM5eWG3oCGhTph%2BuOPEW7xMZfTs4Y5VmoNBV5WN7LhFnbSkckNCn9cYM%2BIPkKBDWJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd36a30b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/55639.406bee7d3e2064cd65d4.js | 172.67.131.77 | 200 OK | 28 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/55639.406bee7d3e2064cd65d4.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (27753)
Hash: 75d1d4ed4e9080766fea15d7548a9472 b64d354f4c71d5176d3cb52dc7e55e752b48059a 66e11c8abc27f8285a8a7a8179af491f8b5d8e797b92afe6bd4a2cd710b2e122
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/55639.406bee7d3e2064cd65d4.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"6ca0-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJM%2BiVOhq92HyTy0WpewexGZqLIV1Hzmle4y1CFs%2BJZSkp8rrri5sJ0cgKn6YnVZpjA6TCrrPZBC0O%2FypjZjLCr%2BS3YgqBip9YJtJNbMlrm1W3ne3FbQyicEPq4L23jMzhtZeEp6Bs8PNv%2BN99RFPt6Bo7nQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbaab70b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/40876.477d9a39902b14c7bd0a.js | 172.67.131.77 | 200 OK | 39 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/40876.477d9a39902b14c7bd0a.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (38897)
Hash: 167366b2e3d129cc3dced1a4e7dbd82b 62a0800ba5389dfb92136e31c08cfabacdccb8fe e943c9ed5fd4c16dc88029340b62dccd9afb900ed4501c7bd14e6264a34df983
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/40876.477d9a39902b14c7bd0a.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:46 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"9828-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uvLcBRAyEKvMw3hC6YM8C%2Fx9PJhz%2FsadJC6eGr%2F1bOdTpF3BSEkrYpSLeAqDSsHnxMc76PBRpPM3LfDfIhiPkVDg6lKWfi7nfONcTBIBDZ8nKERT7km7Z5JQaHsgKmpXf0%2BdArHd1Ql6ZkccHpA5iXgd6zII"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bbabb8cb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/96634.06d9840e14d8b8f41b43.js | 172.67.131.77 | 200 OK | 16 kB |
URL: GET HTTP/3 login.discord-bot-verification.xyz/assets/96634.06d9840e14d8b8f41b43.js IP: 172.67.131.77:443
Requested by: https://login.discord-bot-verification.xyz/oauth2/authorize?client_id=1237051281697275984&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state==kjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Certificate: Issuer: Let's Encrypt; Subject: discord-bot-verification.xyz; Fingerprint: BE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95; Validity: Tue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File type: JavaScript source, ASCII text, with very long lines (16229)
Hash: b924f4be14a3e2330a86646c12dd033e fb8f63674d6d1b4a937d5e293bb46a10a384bc03 d65f5776f04bea788fecab1869863fdbd743604e16b45c40a3a5c91029b80057
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/96634.06d9840e14d8b8f41b43.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=%2Foauth2%2Fauthorize%3Fclient_id%3D1237051281697275984%26redirect_uri%3Dhttps%3A%2F%2Frestorecord.com%2Fcallback%26response_type%3Dcode%26scope%3Didentify%2520guilds%2520guilds.join%26state%3D%3DkjSpVWNo5GT1lzVhBjRykFcadVY5ZVbkRXUzIWaxMkW5ljMZpHbHpVd0cVYulzRil2bqlUdsdVW0lzRal2dplEerRlSFhGVKdEbUp0dZVlSGxGVKBzaUp0RsRlS3lVVKdXSUp0QKRlS0UERNlXVDRWdWdEZ1ljMRdXSUpUdWdlWVpUaPlWVXJGa10WSzNmaOdXRE5ENjRkT1UFVNNTRq9UaNhlW5x2RjRjVtl0cJNkT0sGVONTS65UNZRVT0kEVNFTQ65keJRVTp9maJtGbFRWdWdVYz5UbJNXSp50dnpWTzcGRNlXQU9ENVRUT3VleNRTQU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 17 May 2024 12:06:50 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3f9c-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NX8fxLBG1%2Bbtynk%2BuHlsrQnEPSs7V3BbyDaWuRwYGHXKlYRz7K4eIJsXckF58XEl%2Bu4HlRsOusepLYRwgU7BCODr2lgpTr9JDyMWevuH2e6t%2FEmJJl7CIZrnkHYmHxUIq2JiGYt80nmRP9AmHEHWdEi38g%2BZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88537bd39a72b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|