| login.discord-bot-verification.xyz/assets/81161.16bd418e776559e11cd2.js |  104.21.10.98 | 200 OK | 5.2 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/81161.16bd418e776559e11cd2.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (15686) Hash3c97dbccfd4e8411ca557fa727fd0a19 f35fea6cecdc989d2850b9a1f7abd2330aff5133 ca76d86c4f5150906a316d1ca088cd09eadbd882971821fa6e030127b81eac32
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/81161.16bd418e776559e11cd2.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3d7d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNi%2F%2FynUMI3DwUoa87tNR9Q8%2FPhfFTueA7%2BrLACUiTCmEcNUrMaKy3kiKkN0HV5pj60GiXzyYg2MdVUE7v6mPgVMwJpgq%2FXNU227KZ7SmsI%2F9h06C8jAR8w89QBNJFqSxfihHqjhKseyvhAZTJSWqDhmz2wf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431eebb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/69628.7b15742208fc0d4aa02d.js | 104.21.10.98 | 200 OK | 29 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/69628.7b15742208fc0d4aa02d.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65519), with no line terminators Hash345efed9d62429e18913d1635c5e90b0 f764667ec4e7eb14802a586c865797dc041e5d87 d9373ccd4bb87c72365f519e305eb5f9c9f5ef347569b34ef08bf3126a9389c9
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/69628.7b15742208fc0d4aa02d.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"164df-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRly%2B7ZgaIQk5wEqwtA3zWI4oRfcDO0DbLX2FZwXkR8lQPqtWdvWEaihZE2L7%2BEcxZni8TK1450H6FarpSNWNvLshASU08fxTCux0Kq0Cmhm%2FKOPrLqIG%2FjgWAfPBQ4zxGDIDUbnh9y%2F7H1barVjjPC%2FRcfE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432f12b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/78891.2eacf9854660d1cbcc66.js | 104.21.10.98 | 200 OK | 3.7 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/78891.2eacf9854660d1cbcc66.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (8359) Hashe6316733a921697e7ab77ee310d708bf 6877264ab1bfacd94741bf3b580d022c873d2775 82a3fbe09bb9ea57d00ea2b4b6a88eb6cd0b967f888ce5da692ca74456402d65
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/78891.2eacf9854660d1cbcc66.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"20de-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ktZ9vIQXsWJ3GKeyNqjK%2FeGAJPJlDSg5Ffu6VvgaNSsNX9IANxlwrVT0AYThN0kLGm0tCSv94buLZSMK5CboJ2aYwoQ8jXY%2FsmadR1qN0SptuV4fv7UV%2FMeYfVBV%2BGuZDV5R9Xol30YpMIzUPucSnOIk7g7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432f0bb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/89261.02ed5e657cba70087452.js | 104.21.10.98 | 200 OK | 5.9 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/89261.02ed5e657cba70087452.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (14959) Hash792d2294c9fb0e7d0a07bff3abbb0d0b e3ec35950876ae2e409e65759d0802c00a91e40e 2d3415e0b866788b07564eeec5035c17ac14645fd13b0bcb9bdf71b5f66a1e69
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/89261.02ed5e657cba70087452.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3aa6-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=24cUcPxmXuogPPK21BrMgy5MkutOlVqtOCxL9TeaC9%2Fc90YLWu8VBR1EWVIXpxXxMPZFUn%2B2vPbvmaon6P1B9SVy2oxvWBeUxrvgUqrGBBtthubw%2B%2B5j%2BFhenRzSZRvm81yevtSoPHIzLRbFNKp1H46mNoxN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431ee7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/94381.75805595bcb471e9283c.js | 104.21.10.98 | 200 OK | 13 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/94381.75805595bcb471e9283c.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (17283) Hash1d9461b1a5901db3a1913721102de7f6 b5aaaaf164bd8d45b150d86ec7580dd08743efc3 8fee5c60698b99ceefb3b9443339bf6ae1b610b3e5df65ef668eb1dbc8643dde
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/94381.75805595bcb471e9283c.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"43ba-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yq2p%2FYPR0isE9H3XjxgHOZKH7Kzwe3I2Cdqtl4aa%2B8bayhoHpAVJR1Fg0ncD7ziNp3DRZjSciCXcydHAhbV7Q5J8XKplf1zrX7Y5xei2vBIZS1Gs7cs5U0RPKjHWeP%2FYdFLone7GJAIlmPnYpCHa15eTSTzy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1433f20b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/26737.36ed5a81390b304d18a5.js | 104.21.10.98 | 200 OK | 12 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/26737.36ed5a81390b304d18a5.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (9316) Hash7604b5a900f3a6037a6b372929243915 0cf8b92e08d6fa7c56b3be292e4591a141c8d474 8d5e4c8be01c4a977240ef461a01416a0bc1f0f4b100226fe1db872102674787
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/26737.36ed5a81390b304d18a5.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"249b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQTrwVuKq9G89Wu1iUO9IjRm6xQXCWe2sthaHeiIBXIvIkyeKwnxXYHHkGs0GECN1ivKmNYnnq6GhZt0jg2IbgXcRWiANtIlua2C6jwGzFtUUz6Sja%2BZMp2iXxDV4QDluPRqQOkyiq8vN4%2Fph6UtuctU163Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431eeab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/27043.105ce50242094adf158e.js | 104.21.10.98 | 200 OK | 38 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/27043.105ce50242094adf158e.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (53618), with no line terminators Hash996732862910a2abada4c2402c3f2df2 1dab728a5acc1af56cb3f56d28c1c5949496046e f20671ad205c5aa544f8e6a464928307e8c638469e65a3628506967cdb3064d5
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/27043.105ce50242094adf158e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"16445-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1vmjwH0%2FVfKuz8mugA%2B5SWyGV14LhXZ48WiHmh5NH9zT5LbwkSVRcfN4ywqbzcfCIerGrTjqeZ14zklXHJmDxUnIltU57FOFvvV1M7TUwZB8lp5bbQMpwUwCJ3vVe6Zm2doeAh%2FS6j307swztUgLzqOjWQe9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432eeeb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/64612.26d2bf1afbde26a43a76.js | 104.21.10.98 | 200 OK | 12 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/64612.26d2bf1afbde26a43a76.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (15643) Hashe889f804c915f5278e961cde93d50e20 25e94c62cca79bfaba361e27e49cc687e72b74dd f3649beebf41954e8e4aceed2d74c5fcc81a61e1123b4190efa9a02f785977fd
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/64612.26d2bf1afbde26a43a76.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3d52-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JJ5xjdNMjld9ttsRAZl1ij15o8B27CRDrZLsB%2FPsbnuraEr4Tyh0FJMsq3XcYVASK5hRgaHN7wSBiBwlP1mejuKPDqvNTb82qjIpKGcDmEixNfKDpba0tjw9%2BmGDCAskBWlOFPQ6FaWpVybo3cHSJ%2Fx7MJIa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432f06b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/55639.406bee7d3e2064cd65d4.js | 104.21.10.98 | 200 OK | 16 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/55639.406bee7d3e2064cd65d4.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (27753) Hash75d1d4ed4e9080766fea15d7548a9472 b64d354f4c71d5176d3cb52dc7e55e752b48059a 66e11c8abc27f8285a8a7a8179af491f8b5d8e797b92afe6bd4a2cd710b2e122
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/55639.406bee7d3e2064cd65d4.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"6ca0-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fM84FPOBUiWKzNJ5QFe0XZXdeGYuu46FAHdd3fsW5FmV2RJg6zbMV8Jnn1Y365RCc%2Bo7QNM%2FhJn3%2B%2F3LepNXd%2FEdehpxJUZ%2B%2BgGMHK99InwWI83f%2FORV7kQ2RgZ7dzsxsSBhEIsDZjbuE415rGvDN3iHgHJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432ef8b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/78033.af8587a9881dd8fba471.js | 104.21.10.98 | 200 OK | 374 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/78033.af8587a9881dd8fba471.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size374 kB (374250 bytes) Hash1129d530cb0a18373835e6a08fcd6014 1a2f63f861c3808eb65ac44064122a45e9d07495 dd97597cd3a69d238d56348ce7161ee99779f99b34185f5458f5d10681090f35
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/78033.af8587a9881dd8fba471.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1567d1-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSXfiIXBEikaidEiR3g3X9XJnb10r3ltrOhGB0Hkj6IaelXMUhE8nsu4uTYPyO6yaM7aU1bFia14%2BW7NYJ4Crq3MevXRKDz909mzPccE6eJ2h1ETav5OR0JLGIXCKNO%2BVaqhziAVGnivpGxgz6td%2BBYKLNZB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432ef1b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/96897.008f2a416a4c547f02a7.js | 104.21.10.98 | 200 OK | 3.9 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/96897.008f2a416a4c547f02a7.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (8837) Hasha3946e3991310d371a3ab4681b4393bc 824e35b8880ae83721ea69a10f21495f10f615de ccb9613d9f9de5681270cecf0c9e81712c5a7f65357f3c9eafe421a9109b15a3
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/96897.008f2a416a4c547f02a7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"22bc-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rPCDPOTsixI4gmcMbZmGOrpMvWJkeKlsGj1AljBAGzHxVqBVW4d8NdEZRAnzT4vH7fYUxmMfNJNNYEY6uIDudvILWHiLc9hmjQVXLxNOThcj8t8c6lDokbXZlfoc2DI91TbpCnrHb8Qu1B1RIJgufnmLaFUB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431ee8b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js | 104.21.10.98 | 302 Found | 0 B |
URL GET HTTP/3login.discord-bot-verification.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 09 May 2024 18:40:23 GMT
content-length: 0
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wMrY%2Fif2QGNBATcgvpi4fomU3HzKpoETcb%2F2QmQU%2FW7Dcf9I0OX7rMVymwnVINLPPK6rYz8frOWMVi3J7ZJUaRS0nGJk%2FkRMPD882dwVwPioZKQGFX186TiynYZ72J70Hf9WbJ%2FVQZMHhzkvOUaZ4lPsb%2FR%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d155a911b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/48059.86a954da9c9a44ee9dee.js | 104.21.10.98 | 200 OK | 216 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/48059.86a954da9c9a44ee9dee.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size216 kB (215982 bytes) Hash0913b93dc0dd7e4beacfbb0303501b18 e2fa12d63460ad8a54218971c444b085958ced88 9f32de28a06abc9233adf200a94a4d637cd39ab3b3970390175b42e09e5820fe
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/48059.86a954da9c9a44ee9dee.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1d7d9-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZ%2FVOEFwOdFmTy27tSlWVpzYx3zV%2F%2FbLGkQGU%2BL%2FZfi%2FauAJHk7YVqYIwgnFtOf8hAREwqz5NpUkXzqYBr3J9FPvvEA%2BHlwKVZiqgUpWKR3h2qPjgEwpNaFtWIqTR5s1Hdk628mtc8%2FMTqU7fFic4MNgA1E%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432ef4b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/18409.4b935bbdaf404e1ee4c3.js | 104.21.10.98 | 200 OK | 21 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/18409.4b935bbdaf404e1ee4c3.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (9485) Hash29920b68fe02222e46d03962e1a6b98d 499b49c4a23245d3707d765ae5b580da0b7669db 834dc61d92b2544ae84b60bde591e551fa6d167d7720b4fe8f0a2044ad08804e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/18409.4b935bbdaf404e1ee4c3.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2546-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1tNlUkfKuCypYd6sljnv%2FX724azE3ij72Zk4cCFHuQ8q5Mgfb6l8Tq65beFYP5vH9KcKt4pimBcaMRPoN9vkiElDt8O6mLHZwGMqPgoFtoShqc7BAyha911Z%2F4%2BbOohyf8VZA4g%2FZd8j41hdiM8OXjFC52A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432f07b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/3341.1a1f8595a0c8fc9f99cf.js | 104.21.10.98 | 200 OK | 3.7 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/3341.1a1f8595a0c8fc9f99cf.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (8424) Hash3739dd26278a6a2149a5a956ee334367 44d14091495b00f64c5a4b82efcf2912e068a23e 894f8e702cc1ed258b681930c7bbd67ebb41dafe243a1b46766dafe845a357a6
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/3341.1a1f8595a0c8fc9f99cf.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"211e-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmqaTZmnAnHlonFW6PVrSzpCBuQYCqbJTz3jfvjtlNNcpejkKMg8CwE38Aw5AiV5i3iRMNEAouwJbY9%2BzxtP%2BNhgNuS2kn6l%2BAbFE2vCUWp0dLeAq65dyK%2B%2FPj0SZb8oNyvKRvazGRM0sCb1%2BzfgIlQKHjzG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1435f71b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/11538.db58e10c3c76859618f0.js | 104.21.10.98 | 200 OK | 14 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/11538.db58e10c3c76859618f0.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (30244) Hash7f54de7efa90ea0e15b1c612bad83249 1a5edff4e5621f3f3fe3c536c18cd787872aa17e db01fa5a4d163102243a550ad6e1f79763c2b718a1e4e1261bbbaf0c548f5b2b
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/11538.db58e10c3c76859618f0.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"765b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=emAuyD%2FSA4DLQN%2BonPYjKGv9SiUTDU%2BJwqxg25A1WuvFjpaJkaWx7S8HPXo3M1syPxF3WQuJyMhkhw6eu4jbR0aZv67UcGZVLJmgxe8MrK2GwMbyt%2Bc5YLdD0bkV4WlQXGD0EesygPPijFpwL73upv%2FJ1Zjo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1433f2eb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/65225.45a68e44217bdc89eb40.js | 104.21.10.98 | 200 OK | 21 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/65225.45a68e44217bdc89eb40.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash5ccb90b22d94fa973ac33a2890fc7929 bb8b8e3a4a475920dc76225e76dad6c1305a76e8 e06633cbe7f25420c71e6a28fd6ccab71404df0d3fcf630e26cdb040e0e0ae2f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/65225.45a68e44217bdc89eb40.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"127f6-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIMDNXE%2F25TNOqcGlEKRts1bo1IdHlCTE2TLUwggTP%2BeF%2BWI7TyFJgRiF9%2BdAiMTLqytKcebkqkTIfx3i9f809N1KuexgbkoCMZUtThTQzKFIWFPnms0fIRxnHHRxM7HYiuFF8taj3ffQH6qB5eEfWTqQV2k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432f14b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/web.a572a92ab0a38d32b311.js | 104.21.10.98 | 200 OK | 68 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/web.a572a92ab0a38d32b311.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashb97d0dbd751b156ed94ff7be9e299ec2 a7adab0116d09edf46e2fc7ddce04b410cac250f 866bf767de1021c0532594c9493db97ea678bb09641905230423d3276937fc9c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/web.a572a92ab0a38d32b311.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1c3ff-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxUiSiBxi6gVb%2BBhnkssv5Ab7FNpZULcEmsaM%2BQgAqwvB1FRPfVqYJd4ReOpGpMoiNiqHiOMyH5sCjNqV1ZupvpK0%2BBCWFYYV9uuRYAJ%2FEqko4SO%2BYJkzZHeXxmyOaJSk5KorKFTwZxkCDHUmPfRtrEfWEzg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1434f57b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/58409.1811376ebb7f14b0be53.js | 104.21.10.98 | 200 OK | 5.0 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/58409.1811376ebb7f14b0be53.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (13964) Hashb04469c4ff1a1e4369a1238f1a6e7e13 baa699271e0bad0d5d568f5d0cb2dac21f5a2d0b 2dc6a1da0d49480f89ccab794ec25a14cab0ca4034039ae26e39faccdda82a50
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/58409.1811376ebb7f14b0be53.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"36c3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Syv%2FFIeLpp8ziCq9QRNvMsJzZ3ira7DchOGvOtIAf58nXqpTwLnekA6WL6UNPycBYo5cDh5ReAGBqjs8Z6%2FCxmcdtiu%2Fbc2XoeovjnONFWUcTxceWn1VojRuiKaxTxUbeuZPkp2g1eKulkkWKZZ6UhX94jR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1435f6eb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/94288.dbd73ecb6b1482a870b7.js | 104.21.10.98 | 200 OK | 36 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/94288.dbd73ecb6b1482a870b7.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (9979) Hash38d4ac71291ec9223ae33b9ebb5a4e89 7282b3fb164396d9510224b3040a89902c825546 9a8d5847b100e711a41231d5c45682b01b8173438f96c52667fd872976c18cc9
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/94288.dbd73ecb6b1482a870b7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2732-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtcYutfk1%2BOiJi%2FvjNz4SPM9Nm7Kb2U8l3sxaRsmJ6tqe4rZuWKINcV8T55MLwuFMytzMMeetviPx%2BCQcMpzk4%2FKswoJqTX32CRlAEXtSEsOyBdWNlegI93NMA5%2BQec4eCBvA5EgivdgTdTt6xNdIDQ4lGHK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d144ea6ab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/9a02726c2f8410020238.woff2 | 104.21.10.98 | 200 OK | 188 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/9a02726c2f8410020238.woff2 IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 187596, version 2.459 Size188 kB (187596 bytes) Hashe55012627a8f6e7203b72a8de730c483 4c43b88403ec9c3053d74b4c502bcaf99f594c57 8390503760c8f26556001a28e7d95e4a237a4780e7ceeebf0853ce252fde4ba8
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/9a02726c2f8410020238.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:25 GMT
content-type: font/woff2
content-length: 187596
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:24 GMT
etag: W/"2dccc-18d28d992a0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ByJHgkdhlhc1kxdxA1fSapvVrLuzRQgv3RNiUb8glSkW1cQUNLCiQPReYXAlx6Mg04vVkeX99PD5lAoYm6TTqCvCrr%2B64ADOJA%2BSqE8YbKQ8gyQVPtpn2ddPi%2Brrp1sDKK5zZDctPk8ZY%2BT4q8hqhnsS8l8J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15c1c44b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/science | 104.21.10.98 | 204 No Content | 0 B |
URL POST HTTP/3login.discord-bot-verification.xyz/api/v9/science IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1238198906362265752.9wA1W2JFYqaTj3CY5Eiyg9S8erc
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 399
Origin: https://login.discord-bot-verification.xyz
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 09 May 2024 18:40:25 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mvLqZKh3untbSli3SuJZ9GwD0F%2FCHgP7SXnSnhAlrglde8DF2XPwc22AOribC28NqWxhJRnyD0mpyCHy%2FO12IviRxiRfPfCtUL%2F2DasKAH1DhEL3H9DUl3103hB%2B"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=5e882caf6562a24dac142165da693dd7c082cc69-1715280025; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=Q9..b2cxJzFSjsDItiLSkdHTbOkQMXLRb1llGHgiiQ4-1715280025712-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 8813d15c5cb3b509-OSL
|
|
| login.discord-bot-verification.xyz/assets/41831.ad048c0163425aea4d2e.js | 104.21.10.98 | 200 OK | 185 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/41831.ad048c0163425aea4d2e.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (15734) Size185 kB (184842 bytes) Hashaa0f56ed2b08f1029037fc3d27925069 87365d2e6e51333ebd33cdc51cad33fa7aa5fc44 84267bc281052f153133ac0dacddd98dfbf3edaa99aa2b60f0ed645e90d1c0d1
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/41831.ad048c0163425aea4d2e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3dad-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nGfNnsLvCEOmwNEJRWWc9JByMRcGwxh8x0U0KU8aBecaSehP0dFX%2BeoKlciiAEffvW3FYZWAk%2B6%2BC8PzJZhynaF4cmuffLyBP1jgy4%2B%2Fw5vIBls73%2BNIkvjU4qeukxvVd5SKUGKC5T0X3yTnPsvU1XkWI7Lv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe42b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/e0ece3c23b33d18f4d00.woff2 | 104.21.10.98 | 200 OK | 187 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/e0ece3c23b33d18f4d00.woff2 IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 186744, version 2.459 Size187 kB (186744 bytes) Hash05422eb499ddf5616e44a52c4f1063ae eab3a7e41cbf851df0f0962ed18130cf89673a65 c1d71bd80fc3ecf5ef1a97092a456a046d55fd264be721f2a25be3e59ccb8b2b
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/e0ece3c23b33d18f4d00.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:25 GMT
content-type: font/woff2
content-length: 186744
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:41 GMT
etag: W/"2d978-18d28d9d508"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pv6LbJkDY2gj6gJWdaUWer%2BFtXFU3TzkBnpL%2Bm6lmEvnlat52PZdjXARvDoGKcoeo3g8Jsk1%2FWj04bURQf80TdMRVktI1wAMiwKsExEDDI4UOhEAv71LFX%2BWTN8dno9wpX%2BlUi1d7QWOmlzUaCUkUtfgCJtT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15d9eceb509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/science | 104.21.10.98 | 204 No Content | 0 B |
URL POST HTTP/3login.discord-bot-verification.xyz/api/v9/science IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
POST /api/v9/science HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1238198906362265752.9wA1W2JFYqaTj3CY5Eiyg9S8erc
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 751
Origin: https://login.discord-bot-verification.xyz
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 09 May 2024 18:40:26 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9VhuBD7BZDL17%2B9eGtYTFOYpbfMaAbONv4Y3eCubWAe9rSIMi3Uj96JLOMoOlf5yUrxC3Cg70ITw4IXssfqaslKJGE30nATzJ10aanYlObWBpEgByZ3TwYgtW7o"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=98037faaa6684e7e2f7e733ce0aacb481ce569d9-1715280026; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=kRNTE.AO01wzs8XFeOaVo3fNsucJ0kvQ0Me2895HG5g-1715280026006-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 8813d1617d8ab509-OSL
|
|
| login.discord-bot-verification.xyz/api/v9/experiments?with_guild_experiments=true | 104.21.10.98 | 200 OK | 14 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/api/v9/experiments?with_guild_experiments=true IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hash7e22f6803e9d26fb2d1a2d5782a4a3cb 4b21624f5af4bd554436037183a916a62eacedb1 85634a422e1931d032a5a35bbe01cc766295e145890b7509254ef69ea23573b8
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /api/v9/experiments?with_guild_experiments=true HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Context-Properties: eyJsb2NhdGlvbiI6IkxvZ2luIn0=
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discord.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=waLlH0nKD18lLqsiJKHNDM%2FLAaWnWmLxA%2FSQNih8ADiH%2BvRb9fD%2B02A%2BRmRX0p8daB4I%2BrwXsaqUyPDEIM%2BLXhNwcISTdscuvbeuOpHMFwnBLShj5fyR5dZFQSlt"}],"group":"cf-nel","max_age":604800}
set-cookie: __dcfduid=98b461240e3311ef9b2df61a3dcdf76b; Expires=Tue, 08-May-2029 18:40:23 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __sdcfduid=98b461240e3311ef9b2df61a3dcdf76b2b6422230e53071d0ab6f7dabcec495bca11e112d1d351f756d4da16ef0b2772; Expires=Tue, 08-May-2029 18:40:23 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __cfruid=ce5c375a4d1275f497ada981acb7384addb781f8-1715280024; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=EPLmcWsfXNsTPUbs5F3ZK9jURv.Vqw7y_7aLbQKaPFg-1715280024017-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
etag: W/"9125-SyFiT1r0vVVENgNxg6kWpi6s7bE"
server: cloudflare
cf-ray: 8813d153dd95b509-OSL
content-encoding: br
|
|
| login.discord-bot-verification.xyz/assets/98106.5d0f74b94113ede84656.js | 104.21.10.98 | 200 OK | 59 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/98106.5d0f74b94113ede84656.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash052c17e11e732de852f587cb1fe2cda5 31a92c74ce4c31c741d43570106a7086c94362fa 52bf56ddfb5538d260a9163c9fa4bd213fb2b79ee3da2a2cda4de6c37ed53ff6
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/98106.5d0f74b94113ede84656.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1afee-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RbIHsTUV5423msAA72RNgLJJCfxVbmQKsUtRAgZXKjz7hFE2%2FUHXPGDCrm6IoeWnP3JLTZNXFEa5s3N%2BMoqk6VWAQS18CVq8KwELVtBSZmb9j9OV%2BybQVfRdL1oaxQ2D2omme4H6A%2BYFBy5VjagXcodRSNHT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d155e98fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/8e64227ebe6f34850334.js | 104.21.10.98 | 200 OK | 101 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/8e64227ebe6f34850334.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (2138) Size101 kB (101240 bytes) Hash22e992f0628b3d94ae2c99ad0e437656 f18568913acb85bc2c740e9d619d2ba7f5765d78 4364f4990adfdfae452760d6adc89de0ca942751ed196160c1196c9602145169
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/8e64227ebe6f34850334.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:23 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"88b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g1muFKL1ms3YwE%2FeOu8mIxCoUfWrLotevkl9Tzw0tzSMU1pWgdWn%2FTF%2BBq9HeB68IFv%2BKVtuULbBGmkwPgsKb2IcCEz4%2FME2OX9N2dKzFvbT%2BMT08uO7pWa0kDw6lDM9Dm36%2BAAXMLAHdqAucVSkGzZ9GfY3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d154af2db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/40413.ee00763112ee8df65f08.js | 104.21.10.98 | 200 OK | 3.6 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/40413.ee00763112ee8df65f08.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (7852) Hashf0986fcfdc0641a2f3aee655efeb8a6e 761bf94f6be23c58d5635cab8c3bb6931bba4ad5 e491218f2b01660c8ce2cd1be5d7681b253c644b57e6a392fc792449415f2187
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/40413.ee00763112ee8df65f08.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1ee3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGxm2zGL7qprBNdegJbXL%2F1ckKOo2GOHLfolu3aRnN0NW3Cbt4FMEsxKVYs9tWYkLVf9%2FCTAaVQRmo97wyOF0lAdGXlaKbngxYDhxSels9bk0p42aV7ROlvtKay3TLTm5E5IBuRUnjZTtYpFcDG7%2F9TVrUsG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d155e9aab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/78995.c052e63a7b5574176cf3.js | 104.21.10.98 | 200 OK | 164 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/78995.c052e63a7b5574176cf3.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (19290) Size164 kB (163636 bytes) Hash2d6aece212c2364cac52e5884f3b6994 8454cb25556f9d237d0ddcc1d4fc2c90b08bb2e0 bccc5a78b19ee8d6dd90c8d09b30acc8ca46e0114cf9584eb5cc0b58ebd4f86c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/78995.c052e63a7b5574176cf3.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4b93-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GTKcd9ZwKMYW1FFvwiTSxMkSAE7qpzJkvA7o0PnZm4N5CbffzmPtkvDmx%2FZnlnDEIFCPVcy83iotEf4VBOo07H4t8T4hvAfpUn5wXAuUdeZpgrQwErANmYXoREljWEJpaJfuVewG30WIFsSwa63gsNDwfZKC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d155f9bfb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/6086.2af42e57fcf6739db519.js | 104.21.10.98 | 200 OK | 177 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/6086.2af42e57fcf6739db519.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (19374) Size177 kB (177249 bytes) Hash6fc5e9f209e47dece5d8e86354e38916 78a29b4cf26974c725b5952e0b65baed2e3309c6 014e1cfc914dc362f3a55113e3aa27163bcd88c8323905e7d8b43c7b16ae821d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/6086.2af42e57fcf6739db519.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4be4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMtwWWN3WVcBuLvmb6nqqXrSMeIJfluyeiEhJUCDfIBTp%2FrPsrN2ttXYxxocXJmuQ4AnPlZBSrWVDIaaYJekUaSDU%2Bm1Wj9I%2BCU1mfK%2BFXQdSMiwqjWGNnDo8GPi5Z4f3hdbWcRO%2F7tCwDSs0YFuQxh3SGvE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432f05b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/18667.a2153b412864bc0484ff.js | 104.21.10.98 | 200 OK | 11 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/18667.a2153b412864bc0484ff.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (11075) Hash40ac4831e99b9248bfcac7f7dc820c49 ff2b273c92b32ed9a0849743bec41a5af5b9d3c1 b47a9d595f8492f38ccddba2d47641117fc6a8426d73db79218259717462518f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/18667.a2153b412864bc0484ff.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2b7a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tq5p%2BHKqCNkx6wQUe9X87lR6LZ6zVil0D7xdICuAp4xmPr%2FmnrSK3OSYvZGdcEtfOzLfd75R%2FVmU4g1qbZwX2EkrBWqL5x1pr6F5S16owuHspxl1izAnwUbxwbEqdFLvJwnFxXxD2kf9GXazi7uHMVxT40J0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15619f4b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/62783.e18caa1168cc95380ff7.js | 104.21.10.98 | 200 OK | 100 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/62783.e18caa1168cc95380ff7.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hasha98ad4c95668e7f4c84026bb92b67cab 7491bc769395414fb0547fd10164defb59634ee3 68e24e65cc7a6af0a0d33cac04f39aca1e1e670d0c137724abe4a917975ede8e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/62783.e18caa1168cc95380ff7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"18608-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhUo6c8A94OgbTAtxxSPIn%2Bo208BK48cQZabfUrv6eQlyFLRQpvHyIabidmnQcB3Vr4nDTHChymEl%2BXAI4EfoMJzjvTSM1KRpwNvKjYq1bKcJYX0FlFx5wxsRibu0zJ%2F2%2Bi30KfbBXX1RS7hOyzwuIRwRhxo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1562a12b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/7442b576347c1d02886f.svg | 104.21.10.98 | 200 OK | 395 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/7442b576347c1d02886f.svg IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeSVG Scalable Vector Graphics image Hash3e60ff1de94af19ce4bc825b9d2fd18a c5a4ae459f6596bdefe85021f198826e316b4198 8a32440759eee1d213b1561c980ebe7856fcaffa11588a4b7131cf83fb1c2092
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/7442b576347c1d02886f.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"18b-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CqVm1azTR5LruD0xR9zXeiLl2o%2B5FhHCx7%2BUoRCfhzEbIs%2FYm498H3XXCsEy%2Bk1GyjB0QARj1%2BwjI8zQ09GghkHCuFfkXgcWKMMcfakoqb9X2LXPIHhcEn3QBDmMk508u1P0CE8jnM%2FEXhLM6uJze%2FtBS%2Bw6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a60b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/63550.a619020e4c7b3d5be7ac.js | 104.21.10.98 | 200 OK | 8.0 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/63550.a619020e4c7b3d5be7ac.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (8041), with no line terminators Hashb03a74e4793c52da60a440f2b73aea20 a845f9c25a2f8fb2a10e67468045286a3f0d5851 d64c4d797460c5e849a45bdd00b59075f1a415c2be3a2de56f719e7372534101
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/63550.a619020e4c7b3d5be7ac.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1f1c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ppci76yO375FhPPUMkwAsizCV2pfSYCtw1vbo5ldxxtQwn5OSK8MTPhE3C3vQ5w5Qs4vj9XzWaJocdK9p3a%2FUAbEB59AKpzYuGEN%2BCjLFLGWrVbtzD4nKQH6B1Qm5ntrghkId8BDaJb7x%2Ft8XlCQdo77Ome9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142cdd3b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/75676.8481ee3ef6c0d7c670c6.js | 104.21.10.98 | 200 OK | 14 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/75676.8481ee3ef6c0d7c670c6.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (13527) Hash502ff8e5505ed7ca0324277b0bc89a44 d72fbdd0644c128b92e705195be59364fe41d03a da6f72756a57cf6b4ee7fe8d1ffa539976246470d740b0434e62ce7bb3d4a60f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/75676.8481ee3ef6c0d7c670c6.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"350e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0bppo8E144PJCg7nuS7zNJRNDiPi5rWSMociF3S3wJyBWujcoVor7nDtJ9PJly5SKMosNmFRk6pt1BA1jrCLu%2F3tJrtPg8Lgz3TsUZi6U9%2FwvaQVA4G%2FYT5u%2BGiBkY48LHiX1TmoD6a7lcJLzk05BY9jPFh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe6ab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/58166.4ec31e1810af6eda852a.js | 104.21.10.98 | 200 OK | 38 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/58166.4ec31e1810af6eda852a.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (37774) Hashce66262030ddf4d78cd0600c1706bbca 195a3af6bbcd112990859fffef3a9b92a777788e e8d1036a715eff98d533a5edf5e91f079e9eb7482fe9c2eabd6df44d51d3eaf7
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/58166.4ec31e1810af6eda852a.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"93c5-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0BReLAGu2Rb%2BCvXngmuqsDgQE6Z5PrqmEXFQQHDftaVfO4QQgLavAZ3c9IVgXC082AtOQB4oXb1qEOFvfVz6zJp3Wc21wM%2FwIRW8sjuGWki2qggtwLpgRZ3Joe5gWyD5bjVg4zkCoH2OMNw6Ua7qa40GcGdn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1434f46b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/75851.82c9a7f8176d778029e3.js | 104.21.10.98 | 200 OK | 9.7 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/75851.82c9a7f8176d778029e3.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with very long lines (9810), with no line terminators Hashac6ef2a39ee1dd9bfd9906c593a8ffc6 0770b44a9791f7bb2d95b3c44c79a96fdf08ac4f 99c9f93237bec55428a7d0199a1a1c33239ff4f3afc72f09a03c860961430ad7
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/75851.82c9a7f8176d778029e3.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"25ed-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcQtyz1csEviTkZqfKj0fMfZPxRABGhwJBfzbsf7z7FCtgRrOqLiMIzSaerfM%2BKx%2BMCCV3yC0kY2qK8ImdrIAASM3XMQl2iEjtMIs2XBqCZnxrdYvq4DJ5xeSKKdWx7%2BHY5JMcoS6ofMdKpzEJoN7TdORDv6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142ee27b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/25653.f1981721227784f0166e.js | 104.21.10.98 | 200 OK | 164 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/25653.f1981721227784f0166e.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size164 kB (164235 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/25653.f1981721227784f0166e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2818b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPld7ommX4Z66T28KCOtutg6ixji3sOlNaKoZN9BuwuMm82UwEVNVh3H1ghGbsFwAnfxVjlZySlrcG0pEUi%2BRdT3LZ%2FkvHMRJIb0gdSewZQD4MqaKaV8XXh%2B31fEWPXzl%2BQbxtFqJ8xs2TWVBUB3JWqKgq3i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d144ea70b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/3c723e3c991fcd7cce58.js | 104.21.10.98 | 200 OK | 164 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/3c723e3c991fcd7cce58.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with no line terminators Hashbb871017dfff7157e3481a5dff8e4529 36e5c0824c189aef00bbd5f35387a84b7010227d 55aacccdae49dac44e6d8fb3cf3041ba4873558d2d851d0abe9ecdf99dc1e0b4
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/3c723e3c991fcd7cce58.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gkTa8Tj0KXUjjgQHlkxnTNb%2B2SU%2BONA8wemrXGF6PnFVRqPGfwuVdt0BcmFFVeGSB%2FSxbPqbv3eZcQgsWKA74%2FKP7kzFDJusUesq%2FSGc9JDf%2F%2F4vLqSOUBKLAuEh6pFKWaWDA1%2F0grgJLBiAxgDkhHKaj6B%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a50b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/20ac37ed2576dd48d7dc.woff2 | 104.21.10.98 | 200 OK | 65 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/20ac37ed2576dd48d7dc.woff2 IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with no line terminators Hash84b7416cff14fd88e25c7a5e808f96e7 141dc0f5c13044dad660a2add445baf5c472dffb d8c6f38967f6cf2d568e34abe3e04c2c2c195becd596c1cee7b9b83822dd768c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/20ac37ed2576dd48d7dc.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fgwlgvPpk69Fh3dg%2BBlY0J3GLYJDGXXvcrMU7h07S1Q7YEnvgG7KJE6e3pj89jYJCKle1srEPva%2BuxXtRRIL4NAHwxlk%2FHL3xt71bcQuBm7Pb4SNBU9%2FNQOPI9QZRmPioE36dpvdO8THOAWnbc3%2FXyQmZKO7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15b1a8db509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/21396.259a270b7e3f8803a333.js | 104.21.10.98 | 200 OK | 15 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/21396.259a270b7e3f8803a333.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (14756) Hashc74d5b820b3ada88a22cf587816c396f 6234d885e01df794f61cb4f40f67b2fb9f7adebd f693e1a4e6fac3c7d5a97cf8ebc5e28ec4c1aebeab83580734ca143563efdb14
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/21396.259a270b7e3f8803a333.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"39db-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKxoNfddiMjm2zUXQdeuYhZktMPE%2Fa0AzVdjjxN4eLeH4IWSSNCpfWoT1UUXpWX%2BrJeQSlsbG941XUkkBIFUSKH2GJ0ihNatlorWmrHDZ8BcXuCCIvZvcZl5Dg2zeXBZcYe1q0WTqQQxvsQ4WLvX%2BCqjUq%2FN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142cdcbb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/49191.4c47aae235ac3c0cdcd4.js | 104.21.10.98 | 200 OK | 13 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/49191.4c47aae235ac3c0cdcd4.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (12692) Hashd4ce6646e8d5ffda699497912a3eebd1 4a805ee77c49b82538f97e189c6fe64763b596af 27303c6d56e622d841fdf0dbe19d3b61ba24b4d9ed0f0063554d40d051419a8f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/49191.4c47aae235ac3c0cdcd4.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"31cb-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2Braf5%2FgsB698Ed88P2TMR1u39lsy3ckGxLK5xcNRBb08ZirKtB9jC8q7r%2BPPG5rNz4ec%2BedggWV0pbFtW5uSFYfFrRErBqUOJHDPsEC%2Fp1kiZnN075mkcVDi40sJTVMo7RkrLpKpsOqF%2FyymKiUZgPBkjU%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430ea0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/47498.38da6b2cf2f487359536.js | 104.21.10.98 | 200 OK | 10 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/47498.38da6b2cf2f487359536.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (10010) Hasha4ff99b0bbadc5f521c2a07f0f1e3f93 30b17f14702fe71f825a3966b652f65705ec3c93 6e2b1b73e8b8dbf90920572224e0edfbf56fa6e20d0cede00321cb2ac91c1254
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/47498.38da6b2cf2f487359536.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2751-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2BJnVUhYgw5%2FhukFke2Avxt2O84xe7WYT7%2F%2B1kFXJHgaqXUDO0iyWE2BZRez8%2BcmeQnIu0lAn95dMYhytpwTeuy%2Fkj%2F56IyKmV7Aktwfeps1nN7kzyyfLYHYAPo8qGFObk1CqfPDepjiYBBmJx9vcvXUOeZo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432ef3b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/10991.d742d0d238c0d99e96ae.js | 104.21.10.98 | 200 OK | 10 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/10991.d742d0d238c0d99e96ae.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (10475) Hashfa3d9476408d24313aaaa8d6794932fc 4ab50205305c760862e0892cdf69e397a73fab7a 1f9dc95a0409e1d5a703e72a1f03578ba3b0c28cc1e7177a2b7f46cd7056cd2a
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/10991.d742d0d238c0d99e96ae.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2922-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FEsNBaPbLNmI7kN5NRTaygteQE0WguORJs19ktLQt%2BdzC5f6hIKDZ2k5vCNZ3%2F4j%2FoSGWEfFXx2zbp4XeFGu6%2B%2FYP7HX4p64WLB3XIK9QGG1Fe5im7H19SLVoN%2FyuPmYt2V7ovpC4Xs03ZADgnCYqPIC8M7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142dde7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/46318.26a20b3d6c9d947ee7c5.js | 104.21.10.98 | 200 OK | 14 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/46318.26a20b3d6c9d947ee7c5.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (14296) Hashc31c995e6b740c207b3c24a0d1145425 922fd2d139a1ff8bfb89dfec828ed4e52946f359 8faf3e169db9dfba36885821526edddb14b4e0c3feeb1f20786c3f2c51115831
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/46318.26a20b3d6c9d947ee7c5.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"380f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XOWu4NN4clNxPsJgFFVnMhQtwNKK%2BHvV33wpIXEnLM166SD3Pcz8bDCNEpW%2F2A%2B8USnyuISz83yR%2BcFFudw8pkrbx5m47d9riPtmsvV1M9VlNCAoyaPcCzRBEPgZYWwhO3hMwOMMhbigg6NxVpAOz3umtn5n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142ee1db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/f84e3e81b8d0718cd917.woff2 | 104.21.10.98 | 200 OK | 65 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/f84e3e81b8d0718cd917.woff2 IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with no line terminators Hashc0caa8227e2754f8440029c42df9f7e9 cc2f0e3655002fdff933711fabb53d63c23cbfbd 89a8e6fe1c595fb5fe77edd74ee8990458ecbf2941bb44e60ce8d96b6fde660f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/f84e3e81b8d0718cd917.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:25 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYfB32qAtNwMDUr467vGhfWkZV2MLyBsur6%2BLK9fnNsO4O9PlxhqD8Z6oX0KsFDct4k02Mvj1BN7e893OfdLwYdH%2BmO%2B4lCBT1OG5O0jr5YSjlzBh4rZw%2Flw8t8y3J2CxwINgsn0yQKXdrsXiDM04sRcUfbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15b1aacb509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/66888.79756ea63981ab2a6341.js | 104.21.10.98 | 200 OK | 15 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/66888.79756ea63981ab2a6341.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (14863) Hash1d86b77c518ea58ffd94ca73f4ecf8ec 46fdebd87f50f9aeb25b1908c92995e8d39212e1 a2740f55ae9c5911162e7891dab7a0a23ceed7ff351fb7956bf02f2a46e68f24
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/66888.79756ea63981ab2a6341.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a46-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mD2L1mDOHGDsN18qQGiFnupU1svShIKj6Liz7INtjekBKr%2Fam8K97eyKXxn9kfenWHsOs6U8QJrorT7w%2Bbf%2FEGz%2FpVMZtUTp1bibz4BS1utMxiN0%2FlNvX5M%2Bq8Xpg611JzVjQFNbKgUcCG3XjTSCgir4vPtU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431edfb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/47470.c4ab7647d25b8ac58ca8.js | 104.21.10.98 | 200 OK | 312 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/47470.c4ab7647d25b8ac58ca8.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size312 kB (311789 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/47470.c4ab7647d25b8ac58ca8.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4c1ed-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OlnZQUmbE8%2FvMc2CcgzaMMr8Zg3HUrgxCuM7aqeNkgSrJ9ZYOpdj6PVbq9J0vC5qOz2ipdNAYGCRFLkUV%2BRq3nS00TBO%2FHlaTke7oXF6j0MZc2VFu5iJ7ZQGeQOdtmpm4TRnRkzC%2BujljGQHaO0SDOKKPwCB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1436f7fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/fd3f659b46061bd95594.js | 104.21.10.98 | 200 OK | 12 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/fd3f659b46061bd95594.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (12472) Hash1f26d0370e5e43ea29dcff7c1c53d661 dea8cfb895f9081bcf0b5c6eaa2608c0da58393d 8f23b16a70005926318364b1757e80b28978294775227047866f5a64f1683fea
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/fd3f659b46061bd95594.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"30e9-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31Hv9xCd213zkKYimalLklcJ4UiXzfrnB95JAQnQCx2t169PltUIC7x4NSgsW5Cw5lqjKRGb%2BjdKeyqUynanK2E7HKorsOu0lel0%2Bh8e7aq%2BCVVxDoGg%2BKw8CfmhMNu4WEHUaQurhD%2FTRyj6ENGoW3TZvv7t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15609d2b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/8f581f91e7e650ac87a2.svg | 104.21.10.98 | 200 OK | 137 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/8f581f91e7e650ac87a2.svg IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeSVG Scalable Vector Graphics image Hash897482ffa8de9752445d3eab06524d8c be0afe5b3be92b25fd9baf6c4a98e30a8b4e831d 071d1d5a1ae9749fb0b9175ce5f7b74e994c97cb33f38e2a68bd717b32518dab
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/8f581f91e7e650ac87a2.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"89-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZ9TObNexR0G4wwtlIqjUchaugJstpJy986GBzNUraFCDA%2BUvgGxXtChkD7%2FLQq8UDSzdfgtRdswsNkJKV%2BXKV5gY68I2iBOxV%2FKVMoAmiuF25C5jnrlNpzuiM0Beutx115FFZvMuQXy3yxCNZ6fvQNlSINU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a63b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/5486.e277dbe0f48aff03f253.js | 104.21.10.98 | 200 OK | 18 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/5486.e277dbe0f48aff03f253.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (18439) Hashda488d066f499947444eb7a2c835e1fc 378be16a36214b56e040795885974a4e7d5635f9 1dfc9020a696de7183246e819d88bfd70298526c4bbe9042b5b39d3628cbaebd
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/5486.e277dbe0f48aff03f253.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"483d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7BcYUuQHNmyIHKQjKNdrDss%2B7us76GRbS50lTfP2LNe%2FkctQCqJ7%2FBTr9%2FiKUcYJXTrtwJtJdiDLy4r%2FwnacZTyoI8jZIarhv0QMhD5q%2Be9G4rsd%2FgKKlt8oVzggNekrrW2o7RXbCSxn6ZVJpJZxOeT0BHU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142ee2bb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/18407.d0257553d76c1da19de7.js | 104.21.10.98 | 200 OK | 63 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/18407.d0257553d76c1da19de7.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (62630) Hashc6070a74fc7828610536a88f4ef0ac00 58ff20e6b81343ce9fb04c9a3b98e96eeaced06b 5a52fadd5efd62ecee80f803d600055810fb7765497d80e95e8f61aa27286cc5
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/18407.d0257553d76c1da19de7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"f4dd-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b8Ic1Zgn%2BVhCczyQ%2FSs%2BH39hTNx%2BJUGd6N%2FgjHJHBNrDt540JzMDhcVzpYtwadhsazjISTY9iQnMfo5ti%2BNU6wBxD%2BPMiRsgEkG2h5C9jAMI43xtSBgbz5DXg62vkW8OhOa2kxoevqZ0mVxXlz3z1Q1ETg1M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe62b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/23777.2a4fc059cb5b5caf5307.js | 104.21.10.98 | 200 OK | 60 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/23777.2a4fc059cb5b5caf5307.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (59652) Hash264bf832f52128869c50c91968264bb4 95a54d2525f093719198bfa0aaa1c7ef8574cc4f 515cb4b2b1c5a8190e7a9f74c13a3539aa2f758af17a50a71b9832fe53a88f9f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/23777.2a4fc059cb5b5caf5307.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"e93b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EmH4OmEnhtBaMcVIIJDTHwe%2F4EknhynMrNmqKHl4YJq6E5Z%2BeIeAr1bMpfZRSwVFkbA6c9NF6ypF9VrA3qzL6JRVik1z7KRAYTjGjxPnt13Jzfk8Ml4gs6bB5naSCyfjrIOGjz7ftAmTUCURKhAxCWH7ZC8a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430ea7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/321a07cbc6f5919dbce9.svg | 104.21.10.98 | 200 OK | 139 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/321a07cbc6f5919dbce9.svg IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeSVG Scalable Vector Graphics image Hashd8307f61f76f425f8834fd27a04c1b3e 5fd275de4826b418e24dfb34abca1dd2d6397b78 e05e223815347635e74c037681ab5036542fbd6c1a0f08a9c923153ccf837441
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/321a07cbc6f5919dbce9.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"8b-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qTwEkjc%2BfeJt6SklQE61Yk5oudxfRMRkyjo%2FYMh7kO3QXA7oQJAybgjMWWc5e9T%2F0F%2BXfzpPJblrRFJhAJApKGaEqCQjI5O40yDYV5pNKsNphXJ%2BYRUkdE%2BpLy1BH%2F5ibWqv4VLskfFVC71G%2FAtwowyRKgEK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a52b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/3f46bbecb4287c0a829f.woff2 | 104.21.10.98 | 200 OK | 65 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/3f46bbecb4287c0a829f.woff2 IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with no line terminators Hash8e0185b3d3272056b90fa759b629b4a1 f80ecdd55cf374b1f5520fcd64e97883c1f514d8 7f2fc9c03ac5cee4e206b61d510b427ba6e8f5c7554d1b5db42c5caa7cf2307a
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/3f46bbecb4287c0a829f.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3vfYn%2BvBZavmTSAqEWHdJFpNmuPfL5AS1ONelB1yOfodhkIBpy0lR2yQzC82IG9%2Fx1YtI3qCL2seMvk6MvQJwhpq1U38AtFZCo7Zg2My4678trqVzh6BGD5%2FvaAefGH4CPZuQY6za1y%2Be6RXKvDe1mSZA1x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15b1a9fb509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/47470.c4ab7647d25b8ac58ca8.js | 104.21.10.98 | 200 OK | 312 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/47470.c4ab7647d25b8ac58ca8.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size312 kB (311789 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/47470.c4ab7647d25b8ac58ca8.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4c1ed-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BbQPPLjJgDiUEsf4LuAw5SFqsqqNA2FkFIc%2Fw%2B3fyYhKTKPGC701CZcrMC36UBcsunxyaok3qV9zzQvGBiu0ZLmFbAmCeh6B6qX9H1ObO6Q7BCnDHReOJInFhj0lGNaGJkPqG0VtuN1p65HjANPtmZ50Lrvn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142de0bb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/14875.31e886d6d1db8a56b5df.js | 104.21.10.98 | 200 OK | 14 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/14875.31e886d6d1db8a56b5df.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (14036) Hashb73ea7c5ff12b5ac922cf837484b41d4 ecb0e464f4dc99dc4c2a88a0af3a5e80c8cbb0a2 558da14d878234c5150f3875e25a8049954a5ac6446595d3f58ac828620a6389
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/14875.31e886d6d1db8a56b5df.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"370b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLa5rrFZCb6RUYU%2FoeARX4rY06p6nNC%2FlQepJnQI09mHGGTr5uknlFn2Hu5CiHe9KiinFOLln5rRiXTs9OW%2BuJQ5zYIqpJPE%2F7KqluQqMq7mpmzNwBn5MaMy9xbvdEXbVu%2FV4ab83dQahHM%2BIzxGIruYGM7o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142ee23b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/46541.c33eae8d471e53d0e4b0.js | 104.21.10.98 | 200 OK | 11 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/46541.c33eae8d471e53d0e4b0.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (11221) Hash5ae0a08a3f12c1e8188baa3c52edfdd0 f557a1633dafe82e67dc1c79430a29e8c2770c1a 8c9541c705b78af92818361f371dffe2932fe667fe5bddfff23a10a94b0e9491
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/46541.c33eae8d471e53d0e4b0.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2c0c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGSs40pelvsSf3Jkl3ri0fQljyJwY9TqWb8cG75UlBUvh7UtgHwn0oLSW%2BwMV5Eib54e18q%2BzRjTtvAx1Ye%2F1ppnA83aFDdWDIeLbkMT9eKSmPjg4glGKsb1cIb1xPjQd5r9hHAx2hDt6OYoh3TEODUHAwPA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431edcb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/ee6b51adb64f6365352c.woff2 | 104.21.10.98 | 200 OK | 179 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/ee6b51adb64f6365352c.woff2 IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 179380, version 2.459 Size179 kB (179380 bytes) Hash7cf1be7696bf689b97230262eade8ad8 8eb128f9e3cf364c2fd380eefaa6397f245a1c82 a981989aee5d4479ffadf550d9ecff24a4ac829483e3e55c07da3491f84b12ba
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/ee6b51adb64f6365352c.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:25 GMT
content-type: font/woff2
content-length: 179380
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:32 GMT
etag: W/"2bcb4-18d28d9b1e0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7Htq9dcuoxF2YLWQc1ARsW6i0Cp8RKBRtw7mNxiwzfuBvGdjJ8Miy%2BxRD7tkedpjghR2JRazl8umeKmTSFS1gbayG2aDoNvS11xv%2BZ0bhl%2Fv9LU%2FxDPP7Y%2F0Rw5WRDnYPrD5OFV6HWJKMhLCfH%2FKEj6tDd8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15c5cbeb509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/6575.507fad3ad28f9e5198cf.js | 104.21.10.98 | 200 OK | 1.8 MB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/6575.507fad3ad28f9e5198cf.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size1.8 MB (1792121 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/6575.507fad3ad28f9e5198cf.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1b5879-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2yHWVjPBobId12IOYuNgxe3pigtzJDEodj%2FCDj55RF9rppOOMEZqMlfJYKcK7cK0arPnK6%2B2S1xN5jh5t7iKeAwFtOBcuKjRMX6OnxYKszIy4VF8MvnVOkaSnSQ1TSrZWOhzAh%2B5SwqmlaOaQvKU%2FEMHUrAq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1434f54b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/22843.1bda3edd4dd152273661.js | 104.21.10.98 | 200 OK | 21 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/22843.1bda3edd4dd152273661.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (20995) Hash3d7d3c6641376eab526dc37c2a3aea87 9a4405500ec4685d070b940e3e58dbe95ebedf94 8bd28e45bdf228abeeaec72fec246300bf1a2d85ed2bec3710889cb3ad8b72dd
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/22843.1bda3edd4dd152273661.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"523a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGHxbh0zSNQWysqPcGxh31qYrnPVxRTZo3DOz%2BsglCjzeFM9b%2B8srd83BFvjWVEByxYt52GYY6Q%2Fhclzh26%2Fw5jQ5r7Z4JeNezQF8iiEatXkO2%2BFxszpqCdyqTnqGcE2dVj5XYHjLLMEFaKHbjEZdlrfN%2BFg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1436f81b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/68560.e27fd85667a295676749.js | 104.21.10.98 | 200 OK | 49 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/68560.e27fd85667a295676749.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (49324) Hash264fdf0094b5d416ab5fcb70a1f52ca4 f76c8aafe7d2ea911de8ce22bfbaa66d974cd348 73487f57bc5d9a1a20ca844eea8d8e14799184ce34fdf2e31c70a502955b0380
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/68560.e27fd85667a295676749.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"c0e3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NjUrL4hWKfgul3dyvWOcAUrecJ%2B83bKDd3ellaaGePCVUO7HRrSU%2BbE0fRlcddP28uBoe%2BVWXO4ZgMU6wDslX5LOnqkgEH%2BGhBceR%2BcpLPGp9i2MK0KoxpT82MPv6uwss6dqwxXycG%2FqKFa9SjvZS%2BEeEKn9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1562a0db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/22918.9f2b9d54bbfc371a4d92.js | 104.21.10.98 | 200 OK | 18 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/22918.9f2b9d54bbfc371a4d92.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (18420) Hash5c6249fadadcf61985346cfe7e1b7245 0cd8c3cadd55dea165b09b350937732c9c63081f 79f170c6631891285f067a393d02bdc4aa9e270c83c2c0fc144882faeaeb71f2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/22918.9f2b9d54bbfc371a4d92.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"482b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKrTUhEfXYXF2CmIZEaZL9WrdV6rDJQznD6hvrHtXMCwCKymSCVOqQ20CiBWIoZX3AJ%2FK1lyOFJuHjhmZvXKPWlL8VGBz7UgwT8woCdd9d8U3rCl5oob0pdnH0l1SvcVgf6WQpn23iJWtB3imzWb3EiPlZAG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142cdcdb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/41611.7d797575820892675652.js | 104.21.10.98 | 200 OK | 21 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/41611.7d797575820892675652.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (20820) Hasha290ac62b9753650e23d6e78ea4af855 417747142045ca3f2e616d389c0e678c3d6bab48 7140411b3e59a097ef31914fad63941fcc863cbc7fdf7f8aca5ddb67f9a6388b
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/41611.7d797575820892675652.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"518b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F87rh9WO8lq0jfbtNRqGNVLRTCOXzl6sovilwEaNsL9Sk1nVFY2ZQZ1HPY%2B74wJ%2FDEIJL00f5TOC5x6KVxibJEdOZ5riYT77Oj9Yz4vAb8kIKRFL%2FxXzWvqftw0Sc6eXGzc27l0mxPoA9XTYgyUzrlRgd9qf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430ea4b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/33547.5c46865f95647d249cb8.js | 104.21.10.98 | 200 OK | 61 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/33547.5c46865f95647d249cb8.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/33547.5c46865f95647d249cb8.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"ee2c-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BKW0uGdmtdJ413pYP%2B7n5Ts2AxpnEn46XZ2mAVdc%2F5Hp9EPqHt1EnZMZx%2Bm5k5ukGeG%2Bny3QrZ2gkwBzo9vlZd5Fu0iKJ7qvlApKqVDsOkNlhAHuHok4x16LEDP9adX6q4B7TRh%2FU52JjrlR1IMYfudENu6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432f16b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/37102.04489c88475d6b93636f.js | 104.21.10.98 | 200 OK | 19 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/37102.04489c88475d6b93636f.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (18523) Hash6a056d7583533ca1f6f22eb59c25f71e fd9008c3477be5b59118cec1d51e0d5942e9511a 93ac8375ee2ec8788c40ffd8afb828f87d2e3b7a718f346cd92d353f32cf3754
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/37102.04489c88475d6b93636f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4892-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOLrNpgUfNarw0AJmETyke9C5CbGu16Vj3Dbytl%2BrTklXD8MuX%2FT7y5fdCtM30ikRHrgvQE4dLprbsiWlXtcpfmVmXC9LoFqwH6opeUrz3CJfW2%2FNGU18W02yqalXL8TGbWgqNPDT9HHEf3Bh2FudnRsSAXK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430e9cb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/18814.2887004806e3f2dcb541.js | 104.21.10.98 | 200 OK | 17 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/18814.2887004806e3f2dcb541.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (16511) Hasheb44fdac0aefca117662f9db435ffc09 bf2224f54fd833cad9374ec73e35425ca7850d0d 8e7a022b3c6e28ed485a3e73ea49864a44b188c56ff7f3be7ab7cd268662a33a
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/18814.2887004806e3f2dcb541.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"40b6-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6SYskcvKUeYpUNiV3eeJ9zokbQhzydLCEx4akg25TZRA0M8ZerrVRdV1tsC8lUGHx3L%2FX9sCiGm7oG1nnh1WEEi1B03rCloozlaMV9j3tY2Vn7SQwa3SbPVhR%2BLr%2BaTfIVAMWqIZwzv18X82ypoYN2DlGp8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431ed6b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/38081.229b2d35737bf3f84541.js | 104.21.10.98 | 200 OK | 22 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/38081.229b2d35737bf3f84541.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (21630) Hashc20b5e9bd89cd932aec62501526bc4af eb2f709ad66bef7b20d4ecce454b827cb5758391 b4c9960af0c70acf545990b29eab7e4465caa262df425c820907bf259da27441
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/38081.229b2d35737bf3f84541.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"54b5-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Z2lVQ6if7mH6cjKd3LfGq1pQzWz9LkGIFAXfLGr1%2F6xSfg8Knq%2FTk6ZV0c7%2FtGK5uerILI2ldP6YktoAAx4XyRD4uYSXXGSz1hll0POUkoaVzr2S97w%2Fe0P6Hw879aQXVh9jYVTETgftlRsc%2BZbTSCqKq6w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431ee2b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/68291.687557b9b660607399a3.js | 104.21.10.98 | 200 OK | 18 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/68291.687557b9b660607399a3.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (17615) Hashdd0045a215121572125a5304c3133a15 3ef4f53e521272322eac0952cf5b9b7f7b01ceee b491a88ee2a3533fc0c2eaa6a9f23a5e5d8e431a06aa9cf36e4c36fdcb0c699f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/68291.687557b9b660607399a3.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4506-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EHEEcEVQLY%2FnkO3jCKwRDnmgfUqu3IPJY0hOCO8GklUAaDqxR6r5%2F6fF7U1Dy9kJA5skARWip59oz8Ko3p1xCSBR%2Bc4jrtEZbA6B3f9dVUOLrxYoCaVrQcEI%2FnE6AuLsSP8x5Rb5mItN6CD5YSE85uGzpjVk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d155e994b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/13798.6a2a5ac1a86675c94b6c.js | 104.21.10.98 | 200 OK | 7.9 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/13798.6a2a5ac1a86675c94b6c.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (8182), with no line terminators Hash81548497b4c074d04063c9f226154ade 3548f8053d9df0534168b499bf42407d8e573e2e 13ac083b959b6c894e5118fd5a686a4985575125a984190c1f7454264cfedeed
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/13798.6a2a5ac1a86675c94b6c.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1eb0-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c7JcZzFerTBKKjVF5pXIzhhDml2omIxRk2IgAUrRYsXiOo8xR7%2BxMf5o07bmKxYpkoRy7NGIr%2FMAVk5pyXUakO7RlGzxgc9GJWhWKvcZNGakDdJbOOipmPWyHHXEqTmYt0tA0Y%2Fu7OkJVduGLVtuPm497HJQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142cdd0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/21251.87af35fe00e980d9651d.js | 104.21.10.98 | 200 OK | 22 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/21251.87af35fe00e980d9651d.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (22100) Hash87ae3712843239cfd30ac976bd99940d f94f35e5ba76aa102c14972c75cd67728f6efeae e4f129ecb25b26e3644847541c531e34f3e0848bfdbb9f0f00fe97347bbd9db9
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/21251.87af35fe00e980d9651d.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"568b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2c7HoezyWVEm113I8GxVfMvQgmBQFa8Vg39FXIqGuEoD6MtS7mmadFALqop8YI6haL9Qv2Kqdg7NLNGIM2iRPNxtWUK6jb%2B92XU8qcUU%2BfqipMMttD%2BWOBwk%2FONM42IPVJ7z4Mbo4%2BpPW1r%2BP7PQ3ZI7wBa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe53b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/86480.ebf8826a7f33e22a6aba.js | 104.21.10.98 | 200 OK | 15 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/86480.ebf8826a7f33e22a6aba.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (14887) Hashefa64bf325b069f9cddd3a1e224e7679 c18d2104d2ab6cf8599c57fc52d01faf8c48aec9 94139cd642069de9ba7621638c1dd08ff2703c859f69df7e24ee109f4f3cd250
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/86480.ebf8826a7f33e22a6aba.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a5e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t16%2BLOSgjJnLpNFw8gYVT5wiN%2BP3QCEfhVLxize1XyElVvJG4mpkKWAJzwWeUdwSvwPyD21r2689F1dUt3uXlL%2BxYZfnHbZxi6Y0P7RuP9nRhMplxfC8IslSOsudP46zT0STJsfcx%2BfLvI7UizgoOsewt4yW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe5cb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/99742.217a8e519977f9b5cbf0.js | 104.21.10.98 | 200 OK | 18 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/99742.217a8e519977f9b5cbf0.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (18014) Hash1960cd6ad791e73cdcfafff546853923 0ad17a1e5860279e6885d8d94ee0e29a1730d530 13c1c620578fee12330a7c3c003da2ea56f487fe471125b76add74f74d0bc36c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/99742.217a8e519977f9b5cbf0.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4695-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xwYOkD6F46kT%2BdUvAVF1qIEsLttY%2BVE58lyymI5XlyeHH%2BTz1PD%2Bb5y04m%2BUELSIYs6olK9IObzjdI9153OXXUIFBLZPhJTW88Julue8mKxPVQbENDy7kNP%2FRc0NWmqbutXmtJWZ3WKHDzM7vnv1eJnSQglx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe6fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/44504.4c4113c3ec609733dacd.js | 104.21.10.98 | 200 OK | 60 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/44504.4c4113c3ec609733dacd.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (59916) Hash34be6172cc28f54550f737535ee7406b ae6f7a023c57531df95cfce4b8c2faf862b922c5 419e3eebea240a838aa818a0ac9b57d607a52c7547cd9ee876bfb2bd84226e8b
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/44504.4c4113c3ec609733dacd.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"ea43-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J5ihJF%2FfTf2YmoBAnlxJTyCWSS%2F57bcTRR8IwFgdXR6kuSacSsmXN2JTXMdMk5cSTSFvOGgAoyLooEn3pqkLiXbSrKVcymYpmfdIPCAeu0TieZQPT0GtJVGgx3r3Bpl%2BC%2FAtHD%2FroFxGBJMLDiBKWrHzbbmK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d155f9c8b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/52033.8c199987fcf5a97f2ee5.js | 104.21.10.98 | 200 OK | 10 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/52033.8c199987fcf5a97f2ee5.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (10438) Hash8eaae7e1a96c8c653d0d85b3733e705f 5b7a6b708f070bbdf46cf15e3c613e3e60896260 83e5ef5e06c1625afe2ad608af5ab6b3dcf13652395d218b8f2a2442bb5791c5
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/52033.8c199987fcf5a97f2ee5.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"28fd-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBJeMQSoJdV0DL9qIfFA2S7UcY7JFzmXY08TjTFmOHm0%2Fwm%2BP7IzSBDJ9vRSWyxkoge0xEf5dfroJo%2B9MUyyWl9%2BffJWPnsislTyCAYR6pNkBSGIq82RoRFGP84RHTuXHgevwjg1SMLe4sQT3Yqdt4ijQl43"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15619f9b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/images/favicon.ico | 104.21.10.98 | 200 OK | 25 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/images/favicon.ico IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeMS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel Hashec2c34cadd4b5f4594415127380a85e6 e7e129270da0153510ef04a148d08702b980b679 128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/images/favicon.ico HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:23 GMT
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:48:45 GMT
etag: W/"5ff5-18d28d8fa48"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FzrXJlDmRE1bOgdPVAO1B86LL84j3BLJpJFDgZi1%2FmN6ETL8LP6zih%2BFz1nk3CZldBhWtxpR%2FYvVeG7rBhvfy9h%2B8CNk7MJIk265nMcWgC3wbRf4gL1K7IbtqDhvdFj07ncp3mtlj%2Ba0jcjcngmDY16rTe0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1521a1db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/1f3e315f020ed5635dc1.svg | 104.21.10.98 | 200 OK | 180 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/1f3e315f020ed5635dc1.svg IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeSVG Scalable Vector Graphics image Hash7be3d705f8fd758f30fdb6d593364954 469caeb23537d7152c40fca8e5a8c9a03013eb07 907d7bc2d1af895ac583237f9005822ad480c51fd03618f5a7819c3d71b62424
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/1f3e315f020ed5635dc1.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"b4-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVERBvkTQp%2BW9smjH3Nz8skx9Bj1rsXAWHMGMKVSxGYwGtUiN%2FvvACoYFr6Ve8%2B%2FkZPpcrhCWu8BPzAX1Rl4Fwr6%2FGrUbdpDU6EXGHDa1gwcJEGi%2BnMXhYJezUctlNCO6YfJyMxGp4M5lM9d%2F6HvE5p52qyc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a58b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/25653.f1981721227784f0166e.js | 104.21.10.98 | 200 OK | 164 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/25653.f1981721227784f0166e.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size164 kB (164235 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/25653.f1981721227784f0166e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2818b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7OzlRVb4IcEq3bRY8mDzuXOVo86j3G7%2F6G7jih6qVTAMyNc9L%2FpdrLQ%2Bimw5UgrzchFLi%2BepOJFzu%2BQ8iE29vjEUBtq51ZtiYv2LbxxfkxP%2FUuXwjei0fmJc1rytggsSwa9MisiKxmAZyZ0e4I0vd8S8FUod"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142de17b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/67079.912803f13064d4c3677e.js | 104.21.10.98 | 200 OK | 23 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/67079.912803f13064d4c3677e.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (23306) Hash2a521f7bf2072b4d3eabdf38c0681157 90cfe120f3d79aa5d4efed7a5b458ec27e2d9af0 d7cc40cdb7b530f4d0050c5354a295361f1550e1e3f3092b8e2758fc26006903
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/67079.912803f13064d4c3677e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5b41-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZpsNZ6MDojuRjiaVCcL2gdw77GGYCF7W%2BTUjCNVkkmVqlTgnTtfzMU2F9Q0FwoMhy%2FsCHKE8p8eaGF1qsnaK6qNiYLH76ixVLILDYhd3cLFTby9i5VslgrU4kwzrhkU64U9%2FldDN%2ByNRuvpXrtfl35U%2FdTA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430ea9b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/sentry.1e20f9b7b3b2507e0dc7.js | 104.21.10.98 | 200 OK | 8.0 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/sentry.1e20f9b7b3b2507e0dc7.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (8219), with no line terminators Hashf6c12b3561afb0c5be1c10e2085c10bc 82e6c80f75bd4500d11b8a8eeab09258913fbc04 1fcf9bcb46efa6f11a6f1b081012b0dfa29746b084197a8b57f6cd0288e6646b
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/sentry.1e20f9b7b3b2507e0dc7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1f4d-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PrjxsKPB98jbQy%2BDbYh9U6KtXkyub4GQ5IXglyeogKnsPF%2FlbUCLMjm6Ip1oOtqecOafOpIDZoMGVfWO5qAyVj4qF41g2NOFJOX59V4OtpxxEK7gvSMGBoCW3NqpP%2B80VHUY7gbozrC%2BXWP%2FNlx%2FdH%2BZSxL%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1435f64b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/74970.ad098636400bd7dcbe6c.js | 104.21.10.98 | 200 OK | 28 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/74970.ad098636400bd7dcbe6c.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (28091) Hash3c3526a5242b8edbf4465c32aaf8fa93 577aabb70319ddb82ff368904993a42b33867d13 56d5c52d9d7ee3aa25c7670d3a69b9d711c20ed56e61f26f21cb459640fbf3d2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/74970.ad098636400bd7dcbe6c.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"6df2-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FHLQG%2FcUp2fpPV8yZDr8a8kiF4%2ByJ5gOp%2F6IgGAm2LgaQWqZ6KAHflL10zLhFx1uCB8ZQOgi7i%2BESVoj4nlliSyAYKsE2y6wX9vPg6iLn5ZsGdyQsYe3JLBjlfjWvb6SzXpLM2lSfbCB8k27pjkkdEIMLoKm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe83b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/31421.ced40b898074b2c19b15.js | 104.21.10.98 | 200 OK | 12 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/31421.ced40b898074b2c19b15.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (12060) Hashce1c4ffbc40c7e9bf65f4228013a5819 5032e464391b595927baf62c1e4bf0034ef66d26 131db5cf2b0741365470de35e02d94da3de2b223b8c18e3ca3dd7c26af23d6e6
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/31421.ced40b898074b2c19b15.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2f53-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9LybfeCqUzC51aJuCLW7%2FnHMD1plEcdPdkDtDu6o4wpgnBG%2F0kFeT4r3Dm1WiiBSFu2B02wrudH2TYzD5vUZC19%2B%2B81BtdKgMXM4X0tfgk8tvk2DqYUk9Zh0uUc4VjYkYJryHQB%2BqPjCzg6Hm4vTkay%2BMSf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1432f0eb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/a9639edf37cbf3bc290c.js | 104.21.10.98 | 200 OK | 5.8 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/a9639edf37cbf3bc290c.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with very long lines (5947), with no line terminators Hashf392c77642c2fdc2ad568c6141c40966 8f9529db4fcc332030fe2b066220c4d5752e2cc7 9c96486a4197d9bfe932ae15364d60dbda2ce77fb28f6e53319f5a9b6b25b486
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/a9639edf37cbf3bc290c.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"169a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rE%2FcfaPsBYDYgjzQUQK%2FkOsPXBeVanCv0I98vplO5b5hjx7hZcj7dcewV7hf9Ev6sWTFWGUPtJm0zby7TZWQmxUolHPqyYHEy7ZIN6Ga2UrIQJgugomToe9NskKAL9Rm8FdA5%2FesXk7jqsO0dxejLixudcdS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1563a34b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/09563300dbb31ab193bc.js | 104.21.10.98 | 200 OK | 164 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/09563300dbb31ab193bc.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with no line terminators Hash8e42afb6be6c7e5cb3f80a429a9b38a5 9f69a17c261ecb637260673bf19224d146446522 e99ddcc2b404b34c865bf9b0476cbf22be543672d12349f58aa61d5905898014
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/09563300dbb31ab193bc.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AHMSDi7Aa46qKNiLj2f%2BNnJxOoWUQ346eLXEw494NhMi01jSt4eCiV4FjUi2V5n7FA1kUK2KmsCuaW%2BmdFhlZgMlrx51NAg3G%2BF9STKuTBQiV3eZJXAshXZ2HWREsAarIM%2F98baR%2BG9mudno9mBZrki6gHBv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a49b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/17820.e883271a8a21d461b3cc.js | 104.21.10.98 | 200 OK | 14 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/17820.e883271a8a21d461b3cc.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (14165) Hash3eab1ae6e3a0d5dd18c280bb01fc9426 e09de192241afa3b47cfd3420cba919f5d5bee7c a7400219aa005e47acfbedf2ca55d9da87fc8d4386888f6c995c03358602793a
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/17820.e883271a8a21d461b3cc.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"378c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tkfR5BDRGUTyDIcINNU2b8K0pIhuprJMr993OSrdjE3FgOElmolPTTrCvThJj6qUkyhJbl48K%2BobaYmnsCTri%2FB%2BTtG9D0vpzoxtknI%2B6WbOYtHyhHSZjaixvjaQEVD7OBfouOd%2B8C27wIZuonKa70PWY2x%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142dde3b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/34426.9f82349d8cf165e1b07e.js | 104.21.10.98 | 200 OK | 15 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/34426.9f82349d8cf165e1b07e.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (14800) Hash495af705377c93d5c53e1b8c3b14d883 16ac3e41a677731e5ced48142c2949a75154fc64 83edb478f8ed6fa71c304bd0571c29d682453217ab896bd84fecfc4f2e42b2ac
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/34426.9f82349d8cf165e1b07e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a07-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YiPh%2BXpdZXQl6kOEKvWNqDOka%2FD%2F1h%2BA8PvvbauoDTQTunLNZCuM0Fkwm6SQBd8mDboGOwNVWuCE7weEdwMjixJWATw8t7T3Cej2GxPAkLOUJUiVgvYmB1jtucrbm3Kg3t2RvNDP4GOTX62Ldh6bbXUImd9%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe40b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/65000.e1b9099437a0cb5444c8.js | 104.21.10.98 | 200 OK | 21 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/65000.e1b9099437a0cb5444c8.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (21036) Hashabc619bd0b72681ed95131a5e0489b12 50f98a563f0b7771b5df533e8dd75306f37606d5 0384028309684382f2d9e791a778dbe1a4a0e9bc6e6756bdfc3d4f236ae3bc66
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/65000.e1b9099437a0cb5444c8.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5263-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J7zL9Pk7WD1qOMap4aazNPMaTnEH6pzJvY7Ro75OY2JF9Bm3JHea%2F%2BtzhxxBmko%2BxZ%2BJP12okw7wr%2FowB1HVgerQ2lsvHRE2UB39bfP3nY59GPDF4XXTcw4lfRbOIql8d1IihPV1qv6CtIiLEwulWF%2BnzBIZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142dddfb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/?v=2 | 104.21.10.98 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1login.discord-bot-verification.xyz/?v=2 IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /?v=2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://login.discord-bot-verification.xyz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f2joLKgp7gBj3xGMY2VKjg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 09 May 2024 18:40:25 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cuROsAjP0qS5yFvJQOHR8FRxvdE=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9yK%2BHQkspprgQxWe6KzrVSfclCh57y9he5RMWHngd7IiE3PERvWMIYVGZB%2BzLBbqYSUgCTvndKKG8O8Qqu4yuJgwD5Uii51N5nlZqB%2BrfQ3NYzaKWjTo4fctZ6mWBiID6etlTuuh0Z8eXdz5nAXQB2MngH0o"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8813d15bef6f56bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/7273.654bf842a369e2d3de94.js | 104.21.10.98 | 200 OK | 484 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/7273.654bf842a369e2d3de94.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size484 kB (483947 bytes) Hash8da1faca35a6cf1029dfc42e48b9c810 45f463dd73d51dabbb399d6ae6a4c1f16019e50a 14acf9e94dd9a0cb4dc91e43f797654258398f2c91ce40aff16960d049111125
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/7273.654bf842a369e2d3de94.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"7626b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmWVmi6crESGckj36BiSbLoIlibTfK7cDlf6GhLNTlyeqv9wJuAn3aG%2FhVdlVDtu2tJjjWRwm7weeAUiys%2Bw35A%2F2Sk4KhHwmB8811Wjgyf3rzyFTeJpiFbAtF9DuFDR3MYhy0pJPzR%2FOeE1qWEe2TEMVPnW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d144ea72b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ | 104.21.10.98 | 200 OK | 12 kB |
URL User Request GET HTTP/2login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ IP104.21.10.98:443
CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeHTML document, ASCII text, with very long lines (8134) Hash95a4ce54cf97a8509be9a66701984e4f 384a32399873a045e0f8ecedbf80edc815d9c089 4ff05b910d8ae875dbff0d7261102e7e2064384d571265531a4691853d6c88c4
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 09 May 2024 18:40:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
last-modified: Sat, 06 Apr 2024 12:04:42 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18p805YZzC%2BsG%2B8mX3gQwPkqu3p2mfMe4sL1vpRrKvjPlnX0QDglK0hgvmGN6ScmwDMfeCpCMiG6CkZ6R5g0SwhaVDhFPE6UbMkNSlE%2F8h8Sq7uH6NT5t4%2FuFk98PZUZOGxvdfGIgrFeD6D8K9irnJ4oJULx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8813d13f986356c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| login.discord-bot-verification.xyz/assets/31897.ec700144df6b20f401cb.js | 104.21.10.98 | 200 OK | 6.5 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/31897.ec700144df6b20f401cb.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (6675), with no line terminators Hashc541881b1eb8c6fc9ef167b40d30b518 b18e4deb44d3a876d671cd0c32c1cf60512dd342 b45ec7b4dce9bbc331cb5b4af670a517c046f91c6cc8d32f04c143456f3bba9f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/31897.ec700144df6b20f401cb.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1970-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ZzQnnRrVEKNvWUS07QEX0OyautBiIIpAUmQBKZSbX1rQJolwKM06CuJFSA%2BgPBt2qfiRKTG38lbzRmzGRdartlpBAFLU%2FtE6Hr%2FGvxHdKIT4a2MptuofUmCo0Y6NwfapyDfuFGCzfyjXcIr03GTbiUnQXMw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142ddf7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js | 104.21.10.98 | 200 OK | 7.9 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (7919), with no line terminators Hashe82c6c0b5096d7948176436f3c75353d bc136a1cdb09ccdeb51046d1a33bcff8814f5570 587b9a196a9b6b6c7088dbc08f7f2479442a51b61e9661e0553b37fbcab2b091
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXkd%2B37kCgMa4QYrdlslfm3H74h5lYjnSEYQBfOJnmS%2BBxwQPeauDMXKqDydhKxilJ85Bdepeo1pMlAbOneIfmzxV5sDpl70AHOVTySQJV93ZO%2FqvjDaijfmmYkYXj6sezgVN5hF91MpV4BNN45hNIHBtwpp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1567aaab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/65800.d803fbd4c225782b31d6.js | 104.21.10.98 | 200 OK | 40 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/65800.d803fbd4c225782b31d6.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (39520) Hash6ebe1a578a746f1da064f34508d700bf b27eeeec818818be41f90df32894c3c618d183be c5781d163c837d6d2c72081b42e6ac0b513ba744a8a2ef95b62a4be628fd0168
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/65800.d803fbd4c225782b31d6.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"9a97-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jplxOiThNWww1S9RVPmNssmjLXjnaySNxMM8B%2BJnD5khKxdTHNN3Tk6R2ca9pZ4PsBlbS6qs9b2%2BEjOcdt45nknS8JFK7GKqwyqJn9hK3WsXcNFxXl4u7Mx%2BcdjaJgl3G1XkOv0khQVPbSS0dsniREyABW6Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1434f4cb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/1182f0e14eb94a3d391e.js | 104.21.10.98 | 200 OK | 37 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/1182f0e14eb94a3d391e.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (36601) Hash52b599c4aedf6b6ffe9c2ed3d2b352bd 936cdde615c933061158424d3b8ee939c0f862c3 17968598d9e70c9e4261422b17902c0d3cee59654d9fb070842f392d2f760ecc
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/1182f0e14eb94a3d391e.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"8f2a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7yWcfCV3ejW3CZw90VMm2YnrFzdpqWpC6fe3%2FFqNRspopl9WjElr9ETIRGXWnXny9p%2Bv9Ssa6ggHUk2TlNNRUeEINW%2BzEoReOhYKpKFZU6Kvv0ApoLA9iC4zJl1guTc8NOAjyHjb%2F%2FB27y47Gj8dWtZNfxJL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15609e0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/3205da2e8f78633583d0.svg | 104.21.10.98 | 200 OK | 688 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/3205da2e8f78633583d0.svg IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeSVG Scalable Vector Graphics image Hash845877ca568da4ce63844760bd808400 c25334314d5646fa7bdc85e171bf96d3d4c6e794 cdded65b4ce8893fde73a93b00ee2061dbdabdbdaba65f0fc61631c17ce980ef
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/3205da2e8f78633583d0.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"2b0-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2yqc8cCVEx0x4KqBsjqoBNICP6TD3NCzg6dCYwUBh7NeDZz1sE2dCW0krXaH%2F2Xx69vD9u77oXH2An0wI05w1Wgmp1A%2FgCPhs8OGoiCk5rC6%2F3URRN%2B2doaB9PytTD2AU6AgQa862m%2Fejc%2Fs1P3ji0drz1NR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a61b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/30982.a6d605c291ff090be83b.js | 104.21.10.98 | 200 OK | 12 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/30982.a6d605c291ff090be83b.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (11446) Hashd06e1097bc0b493b61ec8ccb6a3c1338 d69f77887e7611c330cff1fa7aaea9dafbc57ed5 1587658b44a41e7384ad7bd8d2e747e98ff01403347075b0205c68463b87dac8
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/30982.a6d605c291ff090be83b.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2ced-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EpaGEMbPwrBlVhEqsnhZFG0ok%2FqSkApMuDi45VX3icfWUa%2BmvHjBZHK3VdadWajSFj%2FnQL3qxCGAbmq1%2FCjp32EF7BCYABM2Xucm2JRs5X4FkV8jTaX8hv7v6xsFTjYVsVKUGa6co%2F1leBIPNOnJThihKCZ1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142ee35b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/77015.48150de6efe657e3c6e2.js | 104.21.10.98 | 200 OK | 34 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/77015.48150de6efe657e3c6e2.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (33607) Hash81c3fc72ba9d6399582bf44261a7d3ae 1c226b78a91b94e41031384e952806a0f7df56b3 5d14345894349f81168d5cbac6e2427d0390773574634f6936e06680a832d282
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/77015.48150de6efe657e3c6e2.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"837e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AI1luDRpm3zFRabOtNljGw1z5%2FAHV4fjI9j09hvz%2FBJqvGZUyajUdAAtI4wzKNajW4RUvYXou%2FSmN29mG1IyOfaqEwjb3f3tEjUUVgIcQZz8nryloKPz3p2YqJc1lcAtObZb%2FHSRL67MALlFiS%2BvjUGB4G6m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431ed3b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/99b391e2f74aa1e0d266.js | 104.21.10.98 | 200 OK | 14 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/99b391e2f74aa1e0d266.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/99b391e2f74aa1e0d266.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3558-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVFmMPcYYclE6IHTOscdtkm7eQd5S5nAZi8NtykYa0RaOVVFXv7F%2FNlLl9D%2Fp%2FLDI%2F2O2%2FFLEYYCeHixdaqMy2L7ltbW66LaCLoxuc5bi7d6Q9LeoFYvap1EeMQf8hcf7NnmFIYTckhuPef%2Bci8ViFsrLDgr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d155f9cbb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/399f7f1238d1fe8b2b51.js | 104.21.10.98 | 200 OK | 109 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/399f7f1238d1fe8b2b51.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size109 kB (108609 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/399f7f1238d1fe8b2b51.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1a841-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P4%2F9oiuXYkzTL8ZSccvwc5sS84N3sxkVHsmDjeCQAg9a36PuIkVwWZ3MP26C%2F1N6O5IspanACED0TsbhHDGEY9DnP%2BVOrwE9InFe92IxkQnwRzUJ6yobmBbilIwYWxSgYbXVfBLDHN4RTZezcOewLrBfRYRG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1562a1cb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/20117.7c4ea5cd4685b0442b9f.js | 104.21.10.98 | 200 OK | 56 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/20117.7c4ea5cd4685b0442b9f.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (55750) Hash3a328a58679dc7c65aede3025f694875 2b46354311cf752e3c734ac9e5f803bada1eea8c f6cee9961dcde12c0dbd889adb3579ab836fcaa34c99828f36856b5f1de9bb90
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/20117.7c4ea5cd4685b0442b9f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"d9fd-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhV9lhBAcKrrxEqaKrdi%2Bq2Qrl9IymJE7fOTyylGuaD0Erwe4l2qV9qjWwKORNKhdPm6aTU8iI%2FyFgLZ%2F3j4tVq%2Flskw6fJKNwr95oX%2FUb5aNymOPc%2BFH5pZYknfjTE0chChW%2FWbqK0fyMCew9nBxfWrW1id"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142ddefb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/37580.f4011cf1c76f3c28f15f.js | 104.21.10.98 | 200 OK | 24 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/37580.f4011cf1c76f3c28f15f.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (24059) Hash57c8c6f403f66b72ca058bfa2a84d58e e19ca14f4bb25d322910c510f04ef2429487a2ae 934565da3cbcca91b42b6e506c8586d87297ee0d781d1eb7a73d006641a5a5ea
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/37580.f4011cf1c76f3c28f15f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5e32-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dsMeYwOfTT4XrH1a%2Bka7j%2BJAA2iWuo9BKIRo5Aa8QLA9LuOkLJYHvk%2FDyEq79daaFRTcs1Hdj3ovdEME8nay96vTmNj0wgSCfCE4O5hwNQQbv2bE6wtjRKx3lFY4lcAKy67A7aacsgfsVNhFxoMi3e%2BvAmJC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe64b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/14786.f948127b41553ade279f.js | 104.21.10.98 | 200 OK | 179 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/14786.f948127b41553ade279f.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size179 kB (178740 bytes) Hashd69e56d43eca67fdd7b58880418dad05 2c978cf96ee924c1eaf3a8e7f4f7a1df8a67bde7 1e625e5053b23ddf6c8c3c0775e2b7f865ad1fd8e34a3b67b0b12b714dafddd2
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/14786.f948127b41553ade279f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2ba34-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y34m5KFWkmv%2F12POVOixZurtjVUI8GgIJQYOEDB%2FPHroCIcXJkyYkjuqh34VWdLXJRDy1fJa6m09L3u3RjxKpbowvwvlUqV1aaLqjQUJYEa7ocWJdsX5%2Fw%2B3Ic9chHr6kmyrBIrtMZctAnaho6FqKujPG6GK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431ee5b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/799ce01abdb0da7bdef1.js | 104.21.10.98 | 200 OK | 10 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/799ce01abdb0da7bdef1.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (10064) Hashf9eab234b26ace83cf074c0e8ee41795 7400543cf80242671ca9f63aff06b4fe7e33c3e2 99c1fb6a35c0b13536fb0ab5c1afb16fa359fa23e56d7c50fa86207f10e082cf
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/799ce01abdb0da7bdef1.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2781-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbSda6lxCbdQI8J%2FtasR1ICcGv3Y7B8T673YZJ6SsSzUBx6yvw2AL9w9Yw212quDh6R03tvy8Ks4HQghKEpUTcZ42jomUordFVoVE8pYtlvChJ5dDcU6oSlCEfSuhELDxcOspK6gt%2FBInK1w5pfDmi3nB%2FP8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15609d9b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/53509.d075f1bff85f12b95485.js | 104.21.10.98 | 200 OK | 9.6 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/53509.d075f1bff85f12b95485.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (9755), with no line terminators Hashe9eff6bdc6b8bf132d282ab7e5a01c35 089fddfc575d1e95f64830332cd239ed1bd373fa 31a2beb20e1900be01f696441242a8abbd9f3f40dd8e9146d61bf141b36b4cdc
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/53509.d075f1bff85f12b95485.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2592-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=amX2ha%2BeDimyHPCyKH0zmXhQLJ%2FmwKE0xhLnhPxw7iwkDQR3wGKLJcRZ%2FN4QWdIvC5K42zWUNusqHBOo65tLQCYufBaTDlP%2FKIbX89iVukfi9pKSlrdLCxBcPFwx3LLYtn7Hp%2BE7JXFODWP8Z9t1MJkFzp9U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1434f34b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/shared.6fd41c763b4cd504862f.js | 104.21.10.98 | 200 OK | 119 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/shared.6fd41c763b4cd504862f.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size119 kB (118990 bytes) Hashf2444e4ebe925f193c83f692cd8766e6 9d0c75a19d0693743e6429ab8da62f70184426ab 957af5a5dbcbbb943faca25af701c1a3d8839ad98d55ee5aaa401aa2f117ea8b
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/shared.6fd41c763b4cd504862f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1d0ce-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYzprZiZlC22BYGt73ZzBsAFwvO9trECtzyY9ZMQKJZmgwd9E6kKDtOHr32e4Nwldr19%2FlWi%2FKx76KDdTdAZImAde%2BxSJNz1yKelp9%2BTcqxyQSfSNHExpDm%2Bh08si0ptmxu6VMC5XZZxoRFPWPq70b3seA2D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142cdb7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/48590.9d5fbcc5aac137b478e1.js | 104.21.10.98 | 200 OK | 38 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/48590.9d5fbcc5aac137b478e1.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (38172) Hash43c0247c5fd0d2aca49282b1f2e8b884 9c3d283f016f69a880edb60ebc384c9f39002a56 998a4388e4821fd233dad8d1faf2700c0c47741c4843925dd9252b1bd3dc0c50
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/48590.9d5fbcc5aac137b478e1.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"9553-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D2%2FcJ%2FaTxbLjWIhwTvQeRM%2Bl95C3smsYhCJ0FbukAobKrORRu695YebAmc2JRfXVohsyeAUcwYHxxzwEhvgJj5%2FBuzJO%2BIviZmV3ZMkIHZIPt56ktDKyQaKlPQ0KVZSWbVfuRWtP%2BYNw79z%2FYLl9JzSzCKCg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe59b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/74836.b991877dde75f9619c99.js | 104.21.10.98 | 200 OK | 20 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/74836.b991877dde75f9619c99.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (19958) Hash5de4f60b4efa8bb9454edb13d1cb9d83 5eb21a1fb900d78a23b781b715ee7f3eeb52b672 b6399a12a07f326a303c82e16981091cc42b529ea9f8b0c6986a0d7e91036692
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/74836.b991877dde75f9619c99.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4e2d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3qtezw9%2FJ5h6umPichwXDKeexZmfWV0vIqViS3vA0a8oXKRlh3csAe38xRjI13CKjgPlpW8brAEtwFjKrO%2BuYe%2FKhwwY3Ft0%2Bx4boI9%2B%2F01Blpbb%2FCmgxbXxgxNtLaf8mD9NkpBzzqcWYdx9fkzDM4g7n4%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe85b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/94816.637e7c0b320aab380f7b.js | 104.21.10.98 | 200 OK | 87 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/94816.637e7c0b320aab380f7b.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/94816.637e7c0b320aab380f7b.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1553f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z0riz7l4xuq2e0QnasqLooPsnVMMK66IOl6PAtynAsa0%2F7UQCxTzhNsXeMjzZp23T16Vl7hKEYaPZPwP1%2BbSbLcTU3qMAV72TFPeLBcNK2pGfnkK2P4WvacviwOfUI59MSOqW0jbY0hAgcEdRUV1WsOKdo2J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430e93b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/b9811218b3a54ad59fb2.woff2 | 104.21.10.98 | 200 OK | 65 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/b9811218b3a54ad59fb2.woff2 IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with no line terminators Hashc7621ccdd6a8ca9b681b2def747d72a7 61c3dbec477606bebcf5d6ccb58f26659651d0e2 135667d8b38dcb9372bf4d65eaa44fa5438d0b06831a2cd562eb82b8d44f4098
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/b9811218b3a54ad59fb2.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:23 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gB2dqflVgu0o7pU4lrJGQOaS3oLnRMCujr7tijUGnkoaID9ju%2FXd3yyEzWysG%2BtgFzj78f3WbiYvi6H5WupRGjORoAWrrDbpOeyui62ygtGjh8n0yUTQnhxGH6%2B4miR%2FVrnMB4jy%2BjRHNmzctYGlf%2FR72zxl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1525a8eb509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/482.6e1c86f88a37a71d42ec.js | 104.21.10.98 | 200 OK | 21 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/482.6e1c86f88a37a71d42ec.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (20577) Hashba0cca7d871b0de10a4344be2427733f 4d4149acf6c6694000b0b4a5f18b4bff6aba6878 066deb7f1b943e4ccefdc62fc9dc214596787f8904a464de52bbaecf02ad8d86
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/482.6e1c86f88a37a71d42ec.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5096-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zzMOMnHn140uy20BbDuVfIGXfx2LpzS8TZthChCx7QjTIzF5dWavNAzkniWfeviB7RtihAh63bcnA6EhYn78cmpntuC%2BT%2BQek1KqHfIgr03twNHNtnA0QNpCRux3hIp1DwgGaoLj8dhwknXocIVmWPpvRnLf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142dddab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/60499.862663374dc7b2606eb6.js | 104.21.10.98 | 200 OK | 18 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/60499.862663374dc7b2606eb6.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (17610) Hash4ccfa2e22aa81b9717908bd2e198c04b 77c537671daf78c65664c86b2348a8901076b2f1 b7094a75dfa107fdacecb7d4de84339c5bbbdd4f7d138de620e58fcacae645de
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/60499.862663374dc7b2606eb6.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4501-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjToDJG2aR5fzBV8dTpHwDo84Z%2BlWNB5RmY7dLWTb1oa6ZCOMlDHnkNLpry9iSgn2ClSqpoKxVgB4HFKeJDtGs6iREAA6f3UNAbElpGwgmP85Em9L%2F49nbnclzgpIQOc0%2FiT115HWkRo%2FeXh06O7ePJREz1d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430e97b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/22198.f5f5aeb061c44ad3e071.js | 104.21.10.98 | 200 OK | 12 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/22198.f5f5aeb061c44ad3e071.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (12232) Hash037eb3fd7c79a6a5da8011e606e917bd 078368fc9988f02a9d9b2faa6494b3209ca6f8a1 b24340e4a45954dadfd82c820035335f0d27ea454fdbbb263ca273cd590d5a23
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/22198.f5f5aeb061c44ad3e071.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2fff-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FQq5fi%2BLUrPgG3XzfE6K2i2AViQ%2B%2FIXynnqSCzNGP%2FyCO6rl9OTdtecY%2FtYO%2BUJiMg8QXFijahrB0nkUgog%2FbENT2of8YRc11NXJObEcCKIHFQjV9j82ZaWEz4MjhjTWTG5dZ3yuiV5jEWTSQfaJlJscBO3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430ea1b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/71554.35bafd030ac297a37d2b.js | 104.21.10.98 | 200 OK | 100 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/71554.35bafd030ac297a37d2b.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size100 kB (100440 bytes) Hashba52e5e9910264fad8c8cc08677ff419 2a8303994f8bf6fbce44a9198fc69f39a41b8af6 e6eebeabe896bd729ea9001e3049ec54e5438c7d5ecc845ae6a3f8d5c51e7f2c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/71554.35bafd030ac297a37d2b.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"18858-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VU1FKnO5Oqwk8UOiR94ojHVdNgoEyrCJpn8FRqYvNuJTriWIILPRuLPiPutHu%2BY8BDv42g2%2B7QJFNwcJuxmzhlm%2FuyHEaIAzlgSjE8J8L%2F%2FStQblsP8gVBxyJwtwowsBY3wYlq8fsb7nyu%2FKn0moJWR%2BKXi%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431edab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/71193.ad9560e90cdc0645a7a0.js | 104.21.10.98 | 200 OK | 774 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/71193.ad9560e90cdc0645a7a0.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size774 kB (773921 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/71193.ad9560e90cdc0645a7a0.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"bcf21-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2vlYQyfKxrA1%2FhFNvCMANrf26NEcKnJi3g3pDWcMx7cx9Gub5UjdkenUQmHUQriRSQQ9QcnDvtdvve1VT6rgZabuecn4j6cuHncVNaHBrBV9PFADIcGgUp13Ussxhtauh2S0P46LdfENLxAXS7QV1WEP%2FDD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142cdd6b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/19263.fe32553ff71153cb7656.js | 104.21.10.98 | 200 OK | 6.7 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/19263.fe32553ff71153cb7656.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with very long lines (6802), with no line terminators Hash22004ec800dc7d91289b0f2b29cfb22e 54698e8664becd4ffa7f35cd3eb3be9d9c357ce1 3031275133c2f739865c83543d1130f56f98a103fcb5548177c7cd026f5de85e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/19263.fe32553ff71153cb7656.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1a57-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sm%2B0P10EkA1eaoByFvfMsYW%2BIfZtH5hQRiYtY%2FhEMEa1GpX7JMaTs3TvnAA3zFbK8MJQYJFkaYmG3aPCVlVIuaPSQSyMe0iqlSNFePogYyHF3Cs5qDY2vQtUfDL%2BHiqAATXRPq7K1JTuUepILSBJBNjdoKXA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142dddcb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/4650ae2583f4cebb91ab.js | 104.21.10.98 | 200 OK | 11 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/4650ae2583f4cebb91ab.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (10990) Hashaefacf14a0528576a759837b74b8054b c3769250863d85360b36096f544b1e9c9904c9bc c0ea7413413b3ee925b173f94f67a7753ff6a77c00759b004e417b865ad9b727
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/4650ae2583f4cebb91ab.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2b1f-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Upt4Z6F8EqIaAMAn%2B%2BbCLjmUwhh1sZSBO0hl0FLfF%2BE31Tu9PiVbhAHkayVthw0EtDCM3BnRsm4vzSzLSSRyPyYXKM%2BL7X6nCuciscx7QMGpVBLwG0RVhAsBMfB0A4pmM1rhiM8w%2FWAf7Utg%2BEPprfrGD4s5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15609d6b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/62768.3bd3b009dc2945b07d60.js | 104.21.10.98 | 200 OK | 40 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/62768.3bd3b009dc2945b07d60.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (39620) Hashb6b6813d1e66352c0decf44454134375 95a172f9805fdeee7bf82568b66c493972b35ad3 b07bc7d7d0a9086f1b02065c938b99544f7d651295ca2c860b22ff02c482a239
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/62768.3bd3b009dc2945b07d60.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"9afb-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmczZoqAEhGHnBBjF%2BcGwO6z1SDswkIoe%2B0jvsQVWEv9GXPwxHANgoGuPQuyppI7UocpexB%2F7Gz%2Bpw3cw1ihOx4Hfe%2BftdgvC%2Bygz8pKfaJglVOUa4s%2BhrYTByR4l0wEcVbDN6YSCEfCMWIHH0okDwyTQ0eu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431ed5b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/d8d8bb7602e34b57bbef.js | 104.21.10.98 | 200 OK | 164 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/d8d8bb7602e34b57bbef.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with no line terminators Hashf82bf1c23c9485e0017406246ad5bd7e 6edc2406e77fe53d60d5c955b76b6f34a5b3cd59 f110fea7669d1c9ada9bc6f23ebf0fa2ef1d58f2fc98b30d6d25de027a0b8afd
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/d8d8bb7602e34b57bbef.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FxjbkgwKHrfnZoRZ24KJqYkeT9HENQXFYnWFa7XtOZhViPyhzGFwTo2QGBZQgjQCGhchEW9B%2BctKTwlAS6853VYtc3AVmj5dfwrjNQ%2B5MSCnAPLRFUu8zmU4mubLZPEQ0f6Oqk4bU89gD%2FPnqeoIWWWIk951"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a4db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/1af9bdf041e000508e41.svg | 104.21.10.98 | 200 OK | 137 B |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/1af9bdf041e000508e41.svg IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeSVG Scalable Vector Graphics image Hashde7079c084523cbb534e908927ab5519 cd4e81dfbcc142ff38ac775c9302f26d3bd28fa0 b5d51114897461dedb697b36086385bdc8b62f56da6914fcec198644a96aa65a
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/1af9bdf041e000508e41.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"89-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vypJFaY%2FXLeMCvikABSUudfZ1PWPGXTErSBHZv9W5CzACATc%2FAzJIgEeazhtGOwaQw%2BEmVEwmQ1WlTcNWmHGNI16Hi4oUQKMN08lEkVRdZdttvZZ40P0CPzmLEr4IssInvHPGk1Zs6R%2Bf1HQ7HldIXD0t65W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a5eb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/adf75861421c2a6a6269.png | 104.21.10.98 | 200 OK | 1.5 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/adf75861421c2a6a6269.png IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typePNG image data, 100 x 100, 8-bit colormap, non-interlaced Hash092b071c3b3141a58787415450c27857 d7002b9404799e18bab34e931a6f2e23ab1ba3a4 f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/adf75861421c2a6a6269.png HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:25 GMT
content-type: image/png
content-length: 1532
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"5fc-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WY7xrwTpmcrqRraPKecMP%2FZ1iGBVROHciioT3oO%2F4DimiuGk5bbD7qJZdSPfsiqjsVctkyIAZ4g%2B4c1KwR1f6qJoWz6glIUL7tyds4tODcqYQbcK5yfMyO9pjgGkj8Jb0cX9nD8KQhVhL%2F6vPg4jsPWaxsvM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15b8b57b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/22843.1bda3edd4dd152273661.js | 104.21.10.98 | 200 OK | 21 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/22843.1bda3edd4dd152273661.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (20995) Hash3d7d3c6641376eab526dc37c2a3aea87 9a4405500ec4685d070b940e3e58dbe95ebedf94 8bd28e45bdf228abeeaec72fec246300bf1a2d85ed2bec3710889cb3ad8b72dd
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/22843.1bda3edd4dd152273661.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"523a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w5wDw1ElMZFFXV2uzGIc2wLjephuAE%2BYzSa387%2BZs6iUhe8cKTXv77%2BG7Q1iGuEOECI6NKc6tpg1Ob%2B7GdTPS%2BcfMCZ7fZu6DTHSnCgCKVXEmvDOhIQFg8WMk6tUfs%2F6WmZJOKu2Kxa%2FJkzBVJJQyqRvgMUI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142de0fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/80083.7fd81fb4889aa662cd19.js | 104.21.10.98 | 200 OK | 26 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/80083.7fd81fb4889aa662cd19.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (26162) Hash0abbebabbe917f168094124bb3cce39a 9de38e8e88c1c3450db921ccfcaa3afb35563194 21dd7691eb613640f3b6e7ca733fbb99374430c34523f31fbeeb877ca8c5c494
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/80083.7fd81fb4889aa662cd19.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"6669-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JohNhPJ5tVJ7i9Fog9WCy6O1AW5JFO6OELipsZ%2FZZCL2%2BDOvYf5XdNIFoXSt9Z77Sy8sQ6vBs3K1M11WreP0xZEtXZHmnJMuNyuAJNHJEYEXFCm92Bm%2FvBGW4mYL0O%2BdfO%2FhdvQGlsK%2Ba%2FAOGfKlQAwywI%2FB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431ed8b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/e9e649f003bbece806b1.js | 104.21.10.98 | 200 OK | 16 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/e9e649f003bbece806b1.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (15715) Hash6a513e08bb57247ee2a7f7f28392d957 9ad8a8814f81f63d7e6302f913b45a047f2e8985 e6a791274ec54c4a3ac6c8b2f7a2689d04e9579f00b218e9e849abae247c0fc6
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/e9e649f003bbece806b1.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3d94-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0akGVaNPZ1KEnQtlCYQS8TH%2BKBbgGAGiCJ12V3ghOWgtxMJN%2BmM57eA8137BzCZ6ZP9FbsiIOlrGJIaho5CO58W1RriLjnPDU8Ddtx%2Fy8pkDC64VGILFKL2NUNxgMfxvrNE7yeiVZby2BhFMXN6qfVC9Gyk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15619e7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/25f1e66664a140ac84c9.woff2 | 104.21.10.98 | 200 OK | 182 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/25f1e66664a140ac84c9.woff2 IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 181532, version 2.459 Size182 kB (181532 bytes) Hash980082c4328266be3342a03dcb37c432 4179f54fd61655067a20a2b37224fde3d8e5024e 1b03dae61d613604b3d41d61cc4bc2e05f19bd27c7ff2638242f9036f2b8794e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/25f1e66664a140ac84c9.woff2 HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: font/woff2
content-length: 181532
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:09 GMT
etag: W/"2c51c-18d28d95808"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLMedtMF7GxeX3KY9mlYUecJQBYwl5TxgZOOYxn5%2BbDEgS%2Bb%2BESky%2BoqF4TOQbO85Ij%2B7Y%2FhRBsoANiZa%2BiEPcH0aLGMDe5IOXteNr0dde5vYAQ%2B8rGspA%2Bd4eaGvAj%2FXlTvvdOCeopauAiiIqpkTqgBmAVS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1566a94b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/56145.19258dcaeb421600cd44.js | 104.21.10.98 | 200 OK | 213 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/56145.19258dcaeb421600cd44.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size213 kB (212738 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/56145.19258dcaeb421600cd44.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"33f02-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgWvq8JHoFMb8jijgKUIRo0eVL5pnkRKQ6JrrxSXlDamWfIbOIlGAVh5IeyJksszzuIXK2rYFnK1hrd4TGW4Kctvajh2hZnMZVTE8jQkZ5iAV9m9OxFa90zOn07wukHpeCx1PED%2BvC02PjT6rK97Nq7%2B3lG6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430eabb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/13942.42b3309fce7f57e5eb63.js | 104.21.10.98 | 200 OK | 141 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/13942.42b3309fce7f57e5eb63.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size141 kB (140709 bytes) Hashb57f45095b443009c496ab1c1471be7f e9af53d0e3e3ab155abafa07d23c79dae2c71f2c 408ebf752cddb6bc3782d7266fa4a7aa759bb9d4255f8d17cc7aade0ecb971b5
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/13942.42b3309fce7f57e5eb63.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"225a5-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwSxdAhAEGbAMcEZHQFX3E4IYXnK2oQK5W0b6gtDM1v34eKw7jpZ0F8KhsAPkNMiKhrNrNcWpOKs%2BXCs0OSHKGi00XoNzjrhBxjCela1A7QinthDLgoRRzSs5Ts3s1261SfjJOIMmMB1QKYCXz6dmy9kbuGZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142de19b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/43870.0bfb9a80f88725fba82a.js | 104.21.10.98 | 200 OK | 13 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/43870.0bfb9a80f88725fba82a.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (12536) Hash4a5dbaaa2de36a47b31cfed187c7010d 2dc2fe96364b7908203d990daadb8a927b3ad490 fbcde0bc982ed39ff1a8f01ed530ec98f3dc846c75b6323dcae398779766af74
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/43870.0bfb9a80f88725fba82a.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"312f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I3HOIxOgogd%2BmBWVgxaR7bGSdtObXtMyt3xpqIACRlzRJI22Eq7lEHpxWvAMuIrfFAjuGVJphoP2YNNvsLh2fVoW0XkkAgxo8saGiNFQqt4bM5TOM7DJjDY4b6LKgzTU4ZMNOv44yn89OqogDVuBGGXZWjhi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe4fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/47146.d5c177e816a2cf054d31.js | 104.21.10.98 | 200 OK | 44 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/47146.d5c177e816a2cf054d31.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (43856) Hash2dd911fe6af5b351702811c2d2dbdb35 6d22418ce848dafc32e9e0f8224fc6ce13a8efaf 40e9ecd17a864fde103d7ac450a265ed91814c0dbf4ab22f26df913e1f724969
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/47146.d5c177e816a2cf054d31.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"ab87-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=viNFPmvtRKRb1WfKsmVEDi7%2FvzO797oMBhKpcTtphClULebxoqA2PQ%2F4KBb3L01Xs%2BlmXMoCaRJJN4RIfmMfirgVPjDaIhI%2FXxCKxKLTE1L4tZhPEzE5PZJc3cONFSvF5LJhuW1XfQ3ARBwmf6aUe3viFVUz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe75b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/94491.6feea119a246906e42da.js | 104.21.10.98 | 200 OK | 30 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/94491.6feea119a246906e42da.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (29770) Hash2b097f530ff3ef39552a90e18a8bd883 326b60321000b059a090e4ef046b9421d64962f5 dd4f80fbf943312c9ed47c07c0cd767cfa20d3657f0b50a5787704991ee85f00
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/94491.6feea119a246906e42da.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"7481-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x8zTRvz2aaAZVwlIzg5InDDFgty0O%2BYjVypsMFPlARNigPbdAXZQOEE1olfL9DaP97lPMkp7fEI2c%2BfjCQ7XWzuC1WhNar%2BHnMn27s1yTk8N%2BcKG8YMyMLKTRRRVWrr%2Bo7J%2B5l%2FKOWEJVQEzVndKZrpdu4GU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430e8ab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/23356.ac12463556a44bd7b330.js | 104.21.10.98 | 200 OK | 1.5 MB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/23356.ac12463556a44bd7b330.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size1.5 MB (1470465 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/23356.ac12463556a44bd7b330.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"167001-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GtK3NbnlTE9jKQPFb4FDPHhtU%2FdyRSrwccdEbvz03HZP%2FtpwFfAK00jmJBWu8c%2BmK3DsJ1jfaejaXRQ55I9tdiuifokyzIIdhEmVpK%2BsVzccucUGac9Ae7ZNpmVKx6W0sx%2FIVYje1FAwbJ4KmwynSYZEIEzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1431ed0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/6eba4b5678bf2ff1c053.js | 104.21.10.98 | 200 OK | 45 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/6eba4b5678bf2ff1c053.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (45008) Hash837a213770a91c0bac5bc9e9c90010f2 0607bcf00f83d5529a1948a9214e8926dcf7348f c615595bc0fca0392ff1f30597dc0ab1cc6bf06493ce2f283bc30736a3083c30
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/6eba4b5678bf2ff1c053.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"b001-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3qffzNrNT6sO7kouO24qw2KQ7itBs3MHNOzW%2BhT5iQEGWkEdYx0SiiDMzsdeVdT45Q2tCTCNBGUoT%2BjrV5jH83zuNHCMW%2BAog5%2BoKZxD1im%2F5MD8C6GszW0WqeVu4rMAhOENoX1tZM8ITFKCgISlXMMNThK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15609e4b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/55695.a2abd2a754a025899810.js | 104.21.10.98 | 200 OK | 959 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/55695.a2abd2a754a025899810.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size959 kB (959311 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/55695.a2abd2a754a025899810.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"ea34f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9QTd9nb9im2QHYg7BCp4Yvhiuo9IEtu4n38%2BRiLUthVrDQsa34xsCCBvRim23vCLjXm7m9i1d4QMst%2FwsfFUtlXsJVSLBKDybBQDLdmWvrpHzOZz2wqfhapUwA4vikz73iSha0frE89X5EvcMatHlJ7YTLZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142ddfcb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/94751.a83f5d49f2a33eb3efc1.js | 104.21.10.98 | 200 OK | 1.0 MB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/94751.a83f5d49f2a33eb3efc1.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size1.0 MB (1006633 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/94751.a83f5d49f2a33eb3efc1.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"f5c29-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22VuYBPBRi1NayWhBSi0azlA9%2BMweXtLnuc2GltWl9f9YprMST25sgBKKTt3aDEuuS1tEU6GsB4s22YPLapqj2pmyfTp%2FiENeyELREcnaLhF2bFvEG1KVcwn0uy6rK%2FxudJYDzmW1kuHAVY4CeYDrgWj8zo7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142de1bb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/8240.59954d342c818ac8b70f.js | 104.21.10.98 | 200 OK | 81 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/8240.59954d342c818ac8b70f.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash18dcf8fa835cfc1860e0869ae9711d8a 372560e730d7725d0d486544b57f7ca5a1e740a1 3bc562cf2f8191b1220d710ccb7cfba8dd0eca628055f0fc4bf98b0f8e7289dd
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/8240.59954d342c818ac8b70f.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"13b4b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bpe58q%2BipTOPkmLPacTe%2FMZk%2FgZZkJ99s9AsxL%2FBkLY7uEEUy71Rxfl2bLg%2BhHEc2F90zWn85HweAUwWR1uL8vPGy%2FuyKqTuQH%2Fod6Ii2xKpbAsK1SPFs7o35jUQKqtzHjvdjTUoIQL32Kp7gFE%2Fl0IO4N5s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142fe80b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/17605.396d4d0fd6f31f0ccbc9.js | 104.21.10.98 | 200 OK | 149 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/17605.396d4d0fd6f31f0ccbc9.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size149 kB (149407 bytes) Hashd76190debc34ded2033eb596d275c6e6 1d65e4a7e5bc735bff02c5fbb1dbc89d31cabb6b 8069a865a2a03e1afbe4b88edf980d24295d5643a48e180f71f84373ca3d76d5
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/17605.396d4d0fd6f31f0ccbc9.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2479f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e91xJ9GL5phA2L5%2B8P6i3iVhANLqAnJOsuDyeEagpAWXrXtCigSBphn4I2pplDpyDFshemZ3W8kyfJi8ELZMPJk6KhJi9k%2FHrA3qzrKa6De24wh7gEcPHvEYgYEROnzT3zIGwc8%2F90OV4kqYuODOz1Mx3NVX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430eb1b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css | 104.21.10.98 | 200 OK | 2.0 MB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/app.efcb8c8bc767b60fbdd8.css IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size2.0 MB (1982257 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/app.efcb8c8bc767b60fbdd8.css HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"1e3f31-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ry3U4cwb05%2F%2BF6iWY23ZcUTGAwz0Zhup8nHE3%2B%2Fzbk8h%2FFTd%2FdjLt6ttmhMyN3MKYdMjrb4t7IktAyJx%2BmkV3oxIkvhqOqoROWRvQ7VyzgpK7mCDTbX75IYQMlWwhYwlR5n4gXsy0S76t8rI5Ef0TZr%2FW6ua"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142cdc0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/api/v9/auth/location-metadata | 104.21.10.98 | 200 OK | 111 B |
URL GET HTTP/3login.discord-bot-verification.xyz/api/v9/auth/location-metadata IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash85eacb562bbb530202e85ea94c46283e 69f432337fb66ba9961666f6212dbd2b082c43cb 2e42e879137f2011d68a43698b438087f8151df6aa54b605f1fe7d3bf99cd642
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /api/v9/auth/location-metadata HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1238198906362265752.9wA1W2JFYqaTj3CY5Eiyg9S8erc
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discord.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uYw8z7a7H1LxRBdO%2ByaErhO6eIXBfiwjZbdz1FaKsda%2BNZo%2F%2F%2BZc7%2FoPXNuEwMvlodUcTW0t2JbiZlT%2B3i%2BfD00d%2FojO7ohTvQ5FcE8DNyJz8IOPBtQPV8jj3dy"}],"group":"cf-nel","max_age":604800}
set-cookie: __dcfduid=99aabf880e3311ef88b112cecebe3f69; Expires=Tue, 08-May-2029 18:40:25 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __sdcfduid=99aabf880e3311ef88b112cecebe3f69428b68315d163703a86da5d72e6a625186820cae3768b35947d6bd37446f6c6b; Expires=Tue, 08-May-2029 18:40:25 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __cfruid=3614d4148ebe7bf194d9897c397fe1bf32c4738a-1715280025; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=kZFNcBI1p5H5WUhjJHgVJdvHqXe6jPrTdYCIj6zbawA-1715280025680-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
etag: W/"6f-O8EuL13iL1+dnZ/7Ku5r5bdRWNA"
server: cloudflare
cf-ray: 8813d15b7b3eb509-OSL
content-encoding: br
|
|
| login.discord-bot-verification.xyz/assets/shared.20ac0e19e560421c41a2.css | 104.21.10.98 | 200 OK | 475 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/shared.20ac0e19e560421c41a2.css IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size475 kB (474928 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/shared.20ac0e19e560421c41a2.css HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:22 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"73f30-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aEmV3TeYx3V0KV4%2FasoiAx%2FZOBCe8GWDud6Sh%2B1clRyR%2FhB9RJZ%2FEpG%2FbW%2BLkrVbS4%2BWH4Yxnimx%2FDaMS08ul7DV1ml38iM6W9RYXB8ARS3znQFJVs50Y%2B0KTvSc0yghoo0UzUC9%2BjSLCCdeS2SwdRYKY3G1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142cdb4b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/a826e445dff97cf15335.svg | 104.21.10.98 | 200 OK | 2.1 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/a826e445dff97cf15335.svg IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeSVG Scalable Vector Graphics image Hash1ff7f50b770d68712d36c79ae6121521 e3fe855784e971e2c57de12e878aa073da7d31bd ad965cb39af806b0543af5c32ae34cd0b136dda9272e6d877b067cd00563e048
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/a826e445dff97cf15335.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"80a-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BmSXP61z0yF4wVF9z%2FH6McR2QrvK8fpZhNy5pmq66DSNjOtwNvTrIJHJEdY2Zb5nmeG%2B2YB3AgJA6%2Bympoytjf0wU6UYTQiXr%2BZkvx7TIBIrGPkcV8gJXATsec93j%2BlMX11teT8MCjaVWqo1gqcdQveSvieX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a55b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/23992.0430129d8ed977cac0d4.js | 104.21.10.98 | 200 OK | 14 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/23992.0430129d8ed977cac0d4.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/23992.0430129d8ed977cac0d4.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"37fe-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DzmnSAmL4RX%2F6u8TYN6aPc5PzcgrBt5JP2L3aRMTbcvuxd%2Bo15yyaQQZtp7DxvGm9NJrU6Al4s%2B5JyYp7f2%2FBm2xyjaQ0Umy9a0Auxtj8byg1%2B0EPZCEGP5WlAC3emaqBJ5lJ2MxlcZkQ3FNmsi9iVi%2F760Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15619f1b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/40876.477d9a39902b14c7bd0a.js | 104.21.10.98 | 200 OK | 39 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/40876.477d9a39902b14c7bd0a.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (38897) Hash167366b2e3d129cc3dced1a4e7dbd82b 62a0800ba5389dfb92136e31c08cfabacdccb8fe e943c9ed5fd4c16dc88029340b62dccd9afb900ed4501c7bd14e6264a34df983
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/40876.477d9a39902b14c7bd0a.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"9828-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2850mFk1YiUcnSwH47duNfKjx3UEie065J1P2bgNLbvYMNxue9yKH%2BkeQgw1Q9qIlfrwNRFRL%2FyhTwSjmQVJ87%2B2k2Y062aw2oW9XbmhaHYt%2FUnpBkETZTzbUCVyuxfDCA1KEwWjxL0ySg%2FZ6o9TY%2BTpxvWw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1433f2bb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/7273.654bf842a369e2d3de94.js | 104.21.10.98 | 200 OK | 484 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/7273.654bf842a369e2d3de94.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size484 kB (483947 bytes) Hash8da1faca35a6cf1029dfc42e48b9c810 45f463dd73d51dabbb399d6ae6a4c1f16019e50a 14acf9e94dd9a0cb4dc91e43f797654258398f2c91ce40aff16960d049111125
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/7273.654bf842a369e2d3de94.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"7626b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vyShDS0nWV7bBqf%2Beis9cKsfUaOCRpX0jdtJpmlUNtDg7HB9xl%2FiXVHbWXOE7QwqJiaWEDVb2RbabWJMtQQ9y5%2BUGVqZZ%2F8%2BMJvJBkjccRgXQVbadT2f5n%2B647Rx1UBzuyJFrg13pubRfFmex18cdJJD3tGN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1434f38b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/64999.3c0486790babc24c66a4.js | 104.21.10.98 | 200 OK | 201 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/64999.3c0486790babc24c66a4.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
Size201 kB (201090 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/64999.3c0486790babc24c66a4.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"31182-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l6y0OYefzo7DaajVG0zdTFkcPXmF1OgMofSF6UXuaKgperERZCcpJsCVY7FuMefYrPeg%2B2M%2FDtptRQSkFRLiIn5iMjNAnh0hEt1FM5rutE0mJCDzn22GztF0qdeq3xV6lKYcXmhGPlYJomS1k5Gq2GBTbwZf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142de05b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/66701.1a83dd6990836d80fe7c.js | 104.21.10.98 | 200 OK | 11 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/66701.1a83dd6990836d80fe7c.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (11178) Hashb2c21f2a66a342876b66fe2ccca32047 d6c8eaedf6bac6cc072935d1607b9387d912e2a4 82651ceeb7e2bd56422c831f2557e259f8e3ce6cf4e47020e5f0b4f13c81562f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/66701.1a83dd6990836d80fe7c.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2be1-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6iOCMD%2FMHOhOT%2BoIWQ4F7G4OoesNx1UEfsRVoB%2Bv7%2BIU90gQCfVBATTUF35Uk9DVo50yMYHlE0zLCcTMMQUJ%2BT7Ig%2FoOumXQuMv57E5yVU7ZSmyN5dJK9DnQrfqjFSPX%2BADlQNVunRgFPWATU2uzFeReqr1t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1430e8db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/44d5e1639bc492dc8d62.svg | 104.21.10.98 | 200 OK | 3.1 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/44d5e1639bc492dc8d62.svg IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeSVG Scalable Vector Graphics image Hash02799b7410be627fa7a88303875c8132 4cd594b6972f1081641e15ec286e9bf5a6786b2e 004f3b15b564c0aa1283e18e84b1f4bbc714f5ffedaa5dabd7281c01b08a559c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/44d5e1639bc492dc8d62.svg HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"c4a-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2B1dxtRXmWKv%2BO9x1%2BhiXJs6orVCjwP4Vxhoz7Rk1f%2BmxkMjBcbPGW6zm%2FtEeg5kVRQdU%2FntDb9jG3UrlWK7YsFrs%2Fyy781py688N1oFcJVE919bWrrpJeJ0W4n1gQRvV2hktm%2FZxOe1IckELsErbdQgdkZx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d1564a68b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/31717.335393f06f604050b43d.js | 104.21.10.98 | 200 OK | 65 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/31717.335393f06f604050b43d.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (64808) Hashf21348f766d7fce1d259877b826da099 73baf8dd6916a60dab75cd1879feda4b29a090a8 bfb3e51c1397bb6498dd873eee144f50271c74c4630bb8ae0d55a1da8aeb9863
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/31717.335393f06f604050b43d.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"fd5f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ERHz%2B%2FTjTiVMNdgSuBOr%2Bne1IxrRSWoSUVGYMyQ4ImovNvkPV8OcmJBqgyoReTNMM%2FNyyFcxMzATVBnwcTKRdok9ONzOvqKG4CxWDe%2FlZf7waWDDz55OJncmsUmYDZPRoLBdjtQH%2FTAEaxu770pZjL7OlEwV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142ee32b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/96634.06d9840e14d8b8f41b43.js | 104.21.10.98 | 200 OK | 16 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/96634.06d9840e14d8b8f41b43.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (16229) Hashb924f4be14a3e2330a86646c12dd033e fb8f63674d6d1b4a937d5e293bb46a10a384bc03 d65f5776f04bea788fecab1869863fdbd743604e16b45c40a3a5c91029b80057
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/96634.06d9840e14d8b8f41b43.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3f9c-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1ICtl3ewOnufHeqZjgBWzpcCi1rfNdFj0MiGa%2FE64u%2BqBJB3YOgUGAF5ZoJr%2B%2FDafEggnSrZb2%2FyVF40WyWKt3W8AcIq9mZbtNcMumCrGhvqhQ0CrD1%2FDkYLHaUHQmmfcq6TtT%2FKfRi3qNg%2FzCkQqEJh7ZE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d15619edb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/app.046be1857b9835ad19e7.js | 104.21.10.98 | 200 OK | 684 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/app.046be1857b9835ad19e7.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size684 kB (683933 bytes) Hash548bf6aaee7185ceee59b635b557dc9a 75c298df5f2397e4218d17de297d781fe169b461 4a0fbde1b61188ce3cda8fdce6f655968b6264dadea210b0434dfbb667f1a4d6
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/app.046be1857b9835ad19e7.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"a6f9d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ckU%2FHBgJ1MV3XtzasKL92a7Le4N0p3akBEvKaSjLxOgvkcuLJ%2BiKjkL9yllHpdfAhZHkk8pqDA%2Ffs8%2BwN391jPMFFx9AOHviBj0fdhWBF5ZTJRY0EyeVtWXMaK6voEzgpu2M6ri5rBA1vAeh3R%2BTdaXXWAI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142cdbbb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.discord-bot-verification.xyz/assets/47387.b94323b63bcf5c32ba76.js | 104.21.10.98 | 200 OK | 80 kB |
URL GET HTTP/3login.discord-bot-verification.xyz/assets/47387.b94323b63bcf5c32ba76.js IP104.21.10.98:443
Requested byhttps://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerLet's Encrypt Subjectdiscord-bot-verification.xyz FingerprintBE:04:05:FD:D5:5A:56:AC:87:6F:30:10:69:B8:DB:34:51:31:7C:95 ValidityTue, 07 May 2024 04:28:39 GMT - Mon, 05 Aug 2024 04:28:38 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashb235b236312169e0db519e60c0d7eea1 6d34c175ce387b8bd435ce463d44706f08e9137d 03c0d5a0ff0b821c4ceff908a8fd7e62ea9b881711023244449f71455215d00e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /assets/47387.b94323b63bcf5c32ba76.js HTTP/1.1
Host: login.discord-bot-verification.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.discord-bot-verification.xyz/login?redirect_to=/oauth2/authorize?client_id=1236186117578162226&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHNyIGcShVWqxWbaBnSYplMxMEZ2p0VMtmSzImaOhVYrVTaiBHZyI2cKl2TpRzVhhWMyI2aKNETpNGbSRVNF1UeVlWU5V1QPhXQq1EbFR1TsFVRPxWWV9EbBpmUslUaPlWVXJGa10WSztGVOBTRU5keBR0T5VFVNNTRq9UaNhlW5x2RjRjVtl0cJlmT5lkaNJTRE90MVpnT4VkaORTRq5keJRVTp9maJtGbFRWdWdVYz5UbJNXSD9UMRpXTxEkaNRTRU5UNZpnT0UkaORTRU1UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 09 May 2024 18:40:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"13927-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XlK8%2FvQRUtlstMA5wzf7Za9QoWuZHF1Mf1o61As0YqyFmv0d2%2Bvjmnu3GDC0vnvS%2BVqVOpLkXbia%2F1t0kTQuySjlm85tdjMsQ9Lzgpiz49OXhCaZeC3w1ZCFaGCtyIQhRA4AlMProp%2BhKBR5QKpSCfTsaywa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813d142ee30b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|