| login.restorecord-bot.online/assets/21396.259a270b7e3f8803a333.js | 188.114.97.1 | 200 OK | 12 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/21396.259a270b7e3f8803a333.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (14756) | Hash: MD5 c74d5b820b3ada88a22cf587816c396f, SHA-1 6234d885e01df794f61cb4f40f67b2fb9f7adebd, SHA-256 f693e1a4e6fac3c7d5a97cf8ebc5e28ec4c1aebeab83580734ca143563efdb14
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/21396.259a270b7e3f8803a333.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"39db-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BpCX%2BMCC13a1f5A8gd15YMfaRYBvEQXb%2FASOfn9wwLVnjrYPAWZYhvCRyJzcTVazHx4DsMmFACanaRWYo12VbLur1m5LdqNmVFqXXz4COpjbvHk57MQ0RxO5FtUpDLtAAowJTMdxkiViYcWeyEK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcbc91b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css | 188.114.97.1 | 200 OK | 412 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: Unicode text, UTF-8 text, with very long lines (65533), with no line terminators | Size: 412 kB (411902 bytes) | Hash: MD5 cf359de6b210f54d11231900de9c35ae, SHA-1 8125863f482cde1fd95f4596f9d77de14d2252ba, SHA-256 ccebc2bc21a0ec232abad7f2f808b0cf1c6976ca6856169636ab9225bec4f51f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/app.efcb8c8bc767b60fbdd8.css HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"1e3f31-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuPHmELVDiB7uRagMgIsSeQYCN3CzJbeDphvDZ%2B%2FdTHxhEYzoadtkyD2KsWA5dd%2FwETK81Eg5kX%2BQ8uqFhFY%2FUrzZUBjGhi1EnP0qsVK1VVRb9X7sUVvreGii%2FATOGO%2BsN3aktZTxfU1d5RUKaC8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcbc90b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/71193.ad9560e90cdc0645a7a0.js | 188.114.97.1 | 200 OK | 210 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/71193.ad9560e90cdc0645a7a0.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators | Size: 210 kB (209931 bytes) | Hash: MD5 e6b9f86d68fc88a454bed8b81158e529, SHA-1 9ae9a21a7bf019fc6ab8d065dd8dd89ac7f2143d, SHA-256 a96fe0b3238b5e4762cc5043dbe0f8d4c624a40e5fe89926c64245fa78f19203
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/71193.ad9560e90cdc0645a7a0.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"bcf21-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lRWT0FZFFgy1tp2Htu6RNGX6tgcRXfFO5aJ6%2FENp7U7Ywn9PkGzdgMP7w9M%2FB0%2FmBKpp3uRjBvffjX8G76ptLfdcFSw5Vznb6lHrqd7YggNCA%2B0HGpSdQQmJs2DgMmR28PeJ8XSK1alKvO%2Bzh1Fm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcbc99b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/19263.fe32553ff71153cb7656.js | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/19263.fe32553ff71153cb7656.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (6688) | Hash: MD5 5fd723251a1e17d611269f0674084095, SHA-1 ca252c44ac32b02eafe62a65a5e0c4f8edbcb81f, SHA-256 d5c3b365ab99628486943a64931b06e1b7278042185e8546e710c445f5676873
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/19263.fe32553ff71153cb7656.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1a57-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXyvsH2fc82AQK%2BfJXEf%2BiAuhTwgoObmbNd73YHS6%2FgH9v3jD7LURiILLjYEzHqiLSoDCs%2F40v%2Bdo0UDCwMS1aTFEPDaJ2dKPKSZM61DcfupuCivI9Zh662c8DxxJKkkAkB1wACed8fILJdo366i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcbc9db512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/b9811218b3a54ad59fb2.woff2 | 188.114.97.1 | 200 OK | 65 B |
URL: GET HTTP/3 login.restorecord-bot.online/assets/b9811218b3a54ad59fb2.woff2 | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
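File type: ASCII text, with no line terminators | Hash: MD5 c7621ccdd6a8ca9b681b2def747d72a7, SHA-1 61c3dbec477606bebcf5d6ccb58f26659651d0e2, SHA-256 135667d8b38dcb9372bf4d65eaa44fa5438d0b06831a2cd562eb82b8d44f4098
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: the response for this request declares content-type font/woff2 with content-length 65, but the body was identified as ASCII text, so it is unlikely to be a usable font file.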
GET /assets/b9811218b3a54ad59fb2.woff2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QbBTS90f6g2zx5QV%2F15Q0nCiwRwQHQTvmNeRzTOoDbtPzuOnUj1zcWMp%2BVYogmscpwdvBjrqtoYkF%2BBSLHLsPygTPwTaie1N3D2yw5jV9oSyyIwsDyzsa46dH2Z%2FzRYoc4L%2FvURhZt9en4f4vV1f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ecbb68b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/cdn-cgi/challenge-platform/scripts/jsd/main.js | 188.114.97.1 | 302 Found | 0 B |
URL: GET HTTP/3 login.restorecord-bot.online/cdn-cgi/challenge-platform/scripts/jsd/main.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
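Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, since this 302 response carried 0 bytes; they do not identify any content and should not be used as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed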
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Tue, 30 Apr 2024 20:49:24 GMT
content-length: 0
cache-control: max-age=300, public
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nt2Z9bZunR6a69PesKvCNswVZBWk%2Bhq8NQaOrYR3eWfSBhUBlrvymHvK5PF1yt6jrCz%2BIkVs53nhoyERHV3ug8%2FwXtFk8WPWV4UpZi26HwnuDc%2BkhBn7QmVeX1ytUJ1EHRM0WmOFC8nz4PwmCbYM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef1eebb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/25f1e66664a140ac84c9.woff2 | 188.114.97.1 | 200 OK | 182 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/25f1e66664a140ac84c9.woff2 | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: Web Open Font Format (Version 2), TrueType, length 181532, version 2.459 | Size: 182 kB (181532 bytes) | Hash: MD5 980082c4328266be3342a03dcb37c432, SHA-1 4179f54fd61655067a20a2b37224fde3d8e5024e, SHA-256 1b03dae61d613604b3d41d61cc4bc2e05f19bd27c7ff2638242f9036f2b8794e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/25f1e66664a140ac84c9.woff2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: font/woff2
content-length: 181532
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:09 GMT
etag: W/"2c51c-18d28d95808"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nqn0rFi31dnrFMpKbSDEKkWE0X7bitoHs1kGj3NVXALGvAo%2FZQgehfVN7l27HQztgPIR%2BZqCz3EvbL1W6EMe7zxbNHi48a0fzJ51Tk%2BX65FVVX5vW9n0OYubJMyJagLeGd3Si3W9YC%2FgCfRGIaQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65eff827b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/api/v9/science | 188.114.97.1 | 204 No Content | 0 B |
URL: POST HTTP/3 login.restorecord-bot.online/api/v9/science | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
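Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, since this 204 response carried 0 bytes; they do not identify any content and should not be used as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: the response headers for this request carry access-control-allow-origin: https://discord.com and cookies scoped to domain=.discord.com, which suggests the host relays responses from Discord's API rather than generating them; this is an inference from the headers shown, not a confirmed finding.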
POST /api/v9/science HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1234969881498353775.SnJFH4XR-NAuUNXNGfMoH80ylPI
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 1026
Origin: https://login.restorecord-bot.online
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 30 Apr 2024 20:49:25 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6PfhorG%2Bfp1HwiN6x%2BWwP4lT2fQFwSoFbtV3QgS%2FQSAacv5QcfK%2B%2Boegb5K%2BDx8S7O%2F2JGe2WetnFwGucLlU1EpCo5wpgenIki6Qq3Q3%2FO0aCqLp%2B%2BNGEY9D9fTi"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=3fc3d8c75a094ac4edd13511362495b91cefa815-1714510164; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=JIExs_guNivZBVZbqxyKqupk6vsj5N27KWegufHi1z4-1714510164957-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 87ca65f1eb1bb512-OSL
|
|
| login.restorecord-bot.online/assets/images/favicon.ico | 188.114.97.1 | 200 OK | 19 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/images/favicon.ico | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel | Hash: MD5 ec2c34cadd4b5f4594415127380a85e6, SHA-1 e7e129270da0153510ef04a148d08702b980b679, SHA-256 128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/favicon.ico HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:48:45 GMT
etag: W/"5ff5-18d28d8fa48"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NsjkJUldZyyo6wFSd4WitJclmN%2F3G3LWtw7aRTYNXElf8X4RuoYAkNo%2FgcOTq1Y%2FzGDPts39R12FeUXCqIJrcmhyjNij0YBeQ6AEwrEWyqUlGKUN3JJEmhBOLeskNrCxEEtzzlZ5lDPvXRRQc4By"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ecbb66b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/f84e3e81b8d0718cd917.woff2 | 188.114.97.1 | 200 OK | 65 B |
URL: GET HTTP/3 login.restorecord-bot.online/assets/f84e3e81b8d0718cd917.woff2 | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
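File type: ASCII text, with no line terminators | Hash: MD5 c0caa8227e2754f8440029c42df9f7e9, SHA-1 cc2f0e3655002fdff933711fabb53d63c23cbfbd, SHA-256 89a8e6fe1c595fb5fe77edd74ee8990458ecbf2941bb44e60ce8d96b6fde660f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: the response for this request declares content-type font/woff2 with content-length 65, but the body was identified as ASCII text, so it is unlikely to be a usable font file.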
GET /assets/f84e3e81b8d0718cd917.woff2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:25 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpSnWhQM5Qz1LGbZb94THQ3LTKG%2FARG40GP5w%2BqUd0OavVhENjflr%2BS6HnqP06xhiLn0z53KUKN4wUdbu5rw8p6qnWuk5ARX1ffx3RJ2mYML15sOxTjMSiGuX2%2F89SqVbS%2Fgm97n8UMbl5jd77vQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65f47e74b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/22918.9f2b9d54bbfc371a4d92.js | 188.114.97.1 | 200 OK | 6.3 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/22918.9f2b9d54bbfc371a4d92.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (18420) | Hash: MD5 5c6249fadadcf61985346cfe7e1b7245, SHA-1 0cd8c3cadd55dea165b09b350937732c9c63081f, SHA-256 79f170c6631891285f067a393d02bdc4aa9e270c83c2c0fc144882faeaeb71f2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/22918.9f2b9d54bbfc371a4d92.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"482b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7S%2BezrXnoTnEG9hPiasl9COwG3KvGPM6cAdRI7GW1Gg61i%2BzZx7pdQ8IUWQoORmwlQSblpoBwhm54IzETWhUaq8oFdeVluX2oMAtW6awwsGopw4knSpMF16N2sgw5zyoiMTZ0jCbyhsI2t9GicQ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcbc93b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/44d5e1639bc492dc8d62.svg | 188.114.97.1 | 200 OK | 1.0 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/44d5e1639bc492dc8d62.svg IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeSVG Scalable Vector Graphics image Hash81084ff5a27b6e6ff487e479c37d1660 81a274f69a1358f85715a0fea227730d795cb353 075de1d6ea4fb470197a88ba371f60f70b819b250cb5af8bd6a4794b1a9ca4a1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/44d5e1639bc492dc8d62.svg HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"c4a-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AGkIec1d0t5VXxnTW19JfRlTYq7%2BlmKm9XgsssziD0cgKgWi%2BK6d%2BnG%2BBEWl%2BVQtW6HmfEI23nlGs%2BoA7%2FNwS2JyzXSgJloHXiIOCD9iAR%2B1W7oax1TJwuTb%2B%2BVtwJnO0u%2BQRVcYMzI%2FtE69X3yg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efdffab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/?v=2 | 188.114.97.1 | | 0 B |
URL: login.restorecord-bot.online/?v=2 IP: 188.114.97.1:0
Certificate: Issuer Google Trust Services LLC; Subject restorecord-bot.online; Fingerprint 5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2; Validity Sun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input: the transaction is a WebSocket upgrade with a 0 B body, so the hashes describe no content and are not usable as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /?v=2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://login.restorecord-bot.online
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xer3AEeZQ3k0xDXHeH4/0g==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 30 Apr 2024 20:49:25 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6Lxx0YXKTmYjVneuYV0GYpRabm4=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2VNCOix%2FmhcEVDdQz0o6B2jzpO6ZySGV51S7vwdbPhEg0McclZ6QN2c%2BtVojeiAv7EHrpVdSzBoI8fI%2B8wMKIUXt1OxukC8i%2B691CmtcxcuN7wvwd2B%2FfKUKK63IU4cTNexMihLeYfx1EDks4OY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87ca65f4caf756bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/40413.ee00763112ee8df65f08.js | 188.114.97.1 | 200 OK | 4.1 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/40413.ee00763112ee8df65f08.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7852) Hashf0986fcfdc0641a2f3aee655efeb8a6e 761bf94f6be23c58d5635cab8c3bb6931bba4ad5 e491218f2b01660c8ce2cd1be5d7681b253c644b57e6a392fc792449415f2187
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/40413.ee00763112ee8df65f08.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1ee3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hdVAGCvhb3a5bakdl%2F7dQgDABYt1QgkM0n3l%2FtihzxZxzGnq9AqYiyVIpX56LOGYJf%2BeQcXiiu2Y1o2%2FJBJaoc17G416%2FdZk05bTs77OgrP0cEW1CMV736s6zzT6dLYHI2E6IVsA5G%2Fgn%2Bk7G%2BFS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef6f49b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/e0ece3c23b33d18f4d00.woff2 | 188.114.97.1 | 200 OK | 187 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/e0ece3c23b33d18f4d00.woff2 IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 186744, version 2.459 Size187 kB (186744 bytes) Hash05422eb499ddf5616e44a52c4f1063ae eab3a7e41cbf851df0f0962ed18130cf89673a65 c1d71bd80fc3ecf5ef1a97092a456a046d55fd264be721f2a25be3e59ccb8b2b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/e0ece3c23b33d18f4d00.woff2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:25 GMT
content-type: font/woff2
content-length: 186744
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:41 GMT
etag: W/"2d978-18d28d9d508"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3f5DOeMKke%2FXH21N7pTTD5XsR5PpeSJUf32gZufjrP3%2FR1rSYZsHHKrRANonwQ4BgEwvFbesPpIUecZ2bNCYaluA44ytvh0xC8R0n3yg15Vzo%2F5PX4p4S%2BkzFx%2BLGROHhp3UR5OkXxivwFMenhm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65f55fb1b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/api/v9/science | 188.114.97.1 | 204 No Content | 0 B |
URL POST HTTP/3login.restorecord-bot.online/api/v9/science IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
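Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input: the response is 204 No Content with a 0 B body, so the hashes describe no content and are not usable as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed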
POST /api/v9/science HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1234969881498353775.SnJFH4XR-NAuUNXNGfMoH80ylPI
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 399
Origin: https://login.restorecord-bot.online
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 30 Apr 2024 20:49:25 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vHIE1oERb0fcjtCfW7y1Mm67eiKzFf0QBe99meoCpwfwD7mVNCwSYt%2BBSsO5FuPA67uqI1ryxWpLTunr6VvLhXsMcBRJv%2FC1E5o2ZKhaatphwesdBhc8qGiW5HKC"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=59f374734e5b2b24ccdfa0b82710adb18eb26aab-1714510165; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=tfgy62SX8AO3NftSEOw36Ze5yCtYr9zSjFPMaieY0k4-1714510165503-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 87ca65f57fe1b512-OSL
|
|
| login.restorecord-bot.online/assets/9a02726c2f8410020238.woff2 | 188.114.97.1 | 200 OK | 188 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/9a02726c2f8410020238.woff2 IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 187596, version 2.459 Size188 kB (187596 bytes) Hashe55012627a8f6e7203b72a8de730c483 4c43b88403ec9c3053d74b4c502bcaf99f594c57 8390503760c8f26556001a28e7d95e4a237a4780e7ceeebf0853ce252fde4ba8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/9a02726c2f8410020238.woff2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:25 GMT
content-type: font/woff2
content-length: 187596
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:24 GMT
etag: W/"2dccc-18d28d992a0"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjyA9RmA5l1rEHsiuyxFC6Min1zVDRKmsaISpk2ZYQgJSMTo0O0Acsii4JIUMOXuQyLxLQsB%2BOWbjCM4lXbVgf1hJ8bM9666rSmzEFWEOdE8LCYcV5hm99QiAKZIBiYduJVo25kKIsaj3rqAO8th"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65f55fafb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/api/v9/science | 188.114.97.1 | 204 No Content | 0 B |
URL POST HTTP/3login.restorecord-bot.online/api/v9/science IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
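Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input: the response is 204 No Content with a 0 B body, so the hashes describe no content and are not usable as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed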
POST /api/v9/science HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1234969881498353775.SnJFH4XR-NAuUNXNGfMoH80ylPI
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
Content-Length: 751
Origin: https://login.restorecord-bot.online
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Tue, 30 Apr 2024 20:49:25 GMT
access-control-allow-origin: https://discord.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCx1RzD7PzJikwgv6Vx7cdK1n%2FUD1%2BAzjWPI4jeDDdTO0x98D%2FQxKnTpvwKvw9DNUvvcRFwsMD901ev0fDaCgPnbtzZ%2F6%2FcG9lQvxQkKRiT7UH7BUOMDTduiIgSc"}],"group":"cf-nel","max_age":604800}
set-cookie: __cfruid=b5ae892cc335df2a509d26562cc8b86c4a646d5d-1714510165; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=Ms6WJGGYnos56r5Aw1opZZEvAr1Z1V3uRqOg2.cVIds-1714510165868-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
server: cloudflare
cf-ray: 87ca65f6ea1bb512-OSL
|
|
| login.restorecord-bot.online/assets/ee6b51adb64f6365352c.woff2 | 188.114.97.1 | 200 OK | 179 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/ee6b51adb64f6365352c.woff2 IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 179380, version 2.459 Size179 kB (179380 bytes) Hash7cf1be7696bf689b97230262eade8ad8 8eb128f9e3cf364c2fd380eefaa6397f245a1c82 a981989aee5d4479ffadf550d9ecff24a4ac829483e3e55c07da3491f84b12ba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/ee6b51adb64f6365352c.woff2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:25 GMT
content-type: font/woff2
content-length: 179380
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 21:49:32 GMT
etag: W/"2bcb4-18d28d9b1e0"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o8Goum%2BNFqEFHFCBneg%2FkDOBSncPCsOpAU1L6bfjpvy3liG5g%2F8iAMsojbFo7I55Ne9kfIsKW13hedBkrrxZMLmwzZGJMQldeAkR1YpTvAqqSnlap9U9rjhbRvGsryMh4JAwAUslRAHquyljCx%2FL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65f57feeb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/13942.42b3309fce7f57e5eb63.js | 188.114.97.1 | 200 OK | 44 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/13942.42b3309fce7f57e5eb63.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hashb57f45095b443009c496ab1c1471be7f e9af53d0e3e3ab155abafa07d23c79dae2c71f2c 408ebf752cddb6bc3782d7266fa4a7aa759bb9d4255f8d17cc7aade0ecb971b5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/13942.42b3309fce7f57e5eb63.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"225a5-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQQmORqICjufSDufu1eBIqO%2Bud%2FbJ585wdL8DvHB02C04VMqaxJ4UObKoi5NIAzYFT%2Fw8HTqdBfYj00ubk2aheJ2h2g%2BddPzBjgBnv%2BnAQVJux7d1hKLGD4me5dZf9C1f%2Fq23Rx4FWt8UHOHv22V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcbfb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/?v=2 | 188.114.96.1 | | 0 B |
URL: login.restorecord-bot.online/?v=2 IP: 188.114.96.1:0
Certificate: Issuer Google Trust Services LLC; Subject restorecord-bot.online; Fingerprint 5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2; Validity Sun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input: the transaction is a WebSocket upgrade with a 0 B body, so the hashes describe no content and are not usable as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /?v=2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://login.restorecord-bot.online
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1iPswz/fSv4t2vS+Y6OYPQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 30 Apr 2024 20:49:33 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aJQNAOyBnpbAdEfBpSpFwNlR1Ag=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5FlQ54jA3Loz9dueOLdwxviq60Grh%2FLfIxd5fD3ZaB5AfYcVq4CPyA8QWSmO7iCV20DcTMcSqXUjisfMwnuYsRvaxS1MdesgxaVTwAl%2FQ8S56BZQTxGLQo1cyTYm51YjL%2BYu%2BGjPofJgK%2FB17vW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87ca6628bc177129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/?v=2 | 188.114.96.1 | | 0 B |
URL: login.restorecord-bot.online/?v=2 IP: 188.114.96.1:0
Certificate: Issuer Google Trust Services LLC; Subject restorecord-bot.online; Fingerprint 5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2; Validity Sun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input: the transaction is a WebSocket upgrade with a 0 B body, so the hashes describe no content and are not usable as indicators)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /?v=2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://login.restorecord-bot.online
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QP4m7Qbxw65YkUvhNjfQTA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 30 Apr 2024 20:49:45 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x4H1os6ifCZEv2rUNS+HQB4A23k=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QjPmFYuAlGLCRoycCg1ZaaVbIlu32zUE3YiHiyzg%2FGjFUVJDNGds7L%2BMJtigEQEfj%2FRof22qFG74DT3i7%2BYt3DQf30JP%2FPHSErKH9W0j4ExmiGIwJwYh8VlcrEOqZWXJDwJNd9SmqADeZwLx%2F442"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87ca6670bee556c1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js | 188.114.97.1 | 200 OK | 3.9 kB |
URL GET HTTP/3login.restorecord-bot.online/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7893), with no line terminators Hashe34b4b6626f26e1c4dfcce8407fcb818 79b2582df9e3cac0fc20cbe1f88ef113b5b92cbb 03207901149790068560efad9a1b59f3d416a5936b89051079744b3c4674fb5e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
content-encoding: br
x-content-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2VHavwET8mY7CInVNxh0VfbTviiJ%2Bt54TtZltzlq0UxBOF2lFGqTh4ME%2Fyde%2BQbfo%2FDhlSa3AIKQLN4YIxH7ZSyi37nIgEBSi46Of1TatvthIVtXDKPAHKiR%2FGxHnrpwc7gebsrtEpeJAfObfFG9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ca65eff82fb512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ | 188.114.97.1 | 200 OK | 12 kB |
URL User Request GET HTTP/2login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ IP188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: restorecord-bot.online; Fingerprint: 5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2; Validity: Sun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: HTML document, ASCII text, with very long lines (8134); Hash: 95a4ce54cf97a8509be9a66701984e4f 384a32399873a045e0f8ecedbf80edc815d9c089 4ff05b910d8ae875dbff0d7261102e7e2064384d571265531a4691853d6c88c4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
last-modified: Sat, 06 Apr 2024 12:04:42 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D1qyjOQug%2Bz0kV%2BCWEVq6VC5Nedu5KcsVfvfqtPD3Z%2B9ZIp3%2FxYcprX7WIMxbbxZnupDCeAQJv5eJN0LsIIP4Fzy7AilTXCsbXUjnSPMIyYufuvLKhzZriqqMAig2Zzr%2FMPyeT%2BaFcHT9cYvj7nU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ca65d9590c56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| login.restorecord-bot.online/assets/43870.0bfb9a80f88725fba82a.js | 188.114.97.1 | 200 OK | 13 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/43870.0bfb9a80f88725fba82a.js; IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (12536); Hash: 4a5dbaaa2de36a47b31cfed187c7010d 2dc2fe96364b7908203d990daadb8a927b3ad490 fbcde0bc982ed39ff1a8f01ed530ec98f3dc846c75b6323dcae398779766af74
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/43870.0bfb9a80f88725fba82a.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"312f-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8hpo1nq16t82hR8eG9OqJHOk%2FJhX3C8nzqsU84yHQs7aBrPeVQLhOkAExnfeD0%2BUODFmEKiAJGfjcLDM4NYfcyHxMd8vaUHSMeG2CI56ezYt%2FncqwZdWzeEp4r0yOFdER9re4rgeVzKUVPhQEHqd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcdab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/37580.f4011cf1c76f3c28f15f.js | 188.114.97.1 | 200 OK | 24 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/37580.f4011cf1c76f3c28f15f.js; IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (24059); Hash: 57c8c6f403f66b72ca058bfa2a84d58e e19ca14f4bb25d322910c510f04ef2429487a2ae 934565da3cbcca91b42b6e506c8586d87297ee0d781d1eb7a73d006641a5a5ea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/37580.f4011cf1c76f3c28f15f.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5e32-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUhc4IQ0sK3wz%2F3fBe0hyxVqBISkH1e14M3ISg%2FLWfCTPBoh692PpBbaddJjO%2FZeo9cXde7tBs70iqP9WY%2BZGOS3%2Bb%2Bg1Tkg66xlRVy50duG5OFAx6ixHHcMUk3%2F%2BxpD0mwkQj6mpg4P1w%2FqILL0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcece7b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/14786.f948127b41553ade279f.js | 188.114.97.1 | 200 OK | 179 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/14786.f948127b41553ade279f.js; IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 179 kB (178740 bytes); Hash: d69e56d43eca67fdd7b58880418dad05 2c978cf96ee924c1eaf3a8e7f4f7a1df8a67bde7 1e625e5053b23ddf6c8c3c0775e2b7f865ad1fd8e34a3b67b0b12b714dafddd2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/14786.f948127b41553ade279f.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2ba34-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6vNn81JKcqUaG1M7Ij4suSLyL%2FgvoNaLwgXQyLRveZV1zxsy5LZDCGcmpjHYDqPLfSLRuHAcbPSIqDOEzC%2FZhXOJ%2BW8rLM6oY0PqBxOO0Eml0obAHB28U%2BQDmJ1blwtlNfdsQaI25CdYicxpIqds"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d40b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/6eba4b5678bf2ff1c053.js | 188.114.97.1 | 200 OK | 45 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/6eba4b5678bf2ff1c053.js; IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (45008); Hash: 837a213770a91c0bac5bc9e9c90010f2 0607bcf00f83d5529a1948a9214e8926dcf7348f c615595bc0fca0392ff1f30597dc0ab1cc6bf06493ce2f283bc30736a3083c30
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/6eba4b5678bf2ff1c053.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"b001-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CC1E9EVfAseJC6PkbBQs7bTLB3ynS2IUDY6zXKMoFkWw2nHVsbTurwyPb4av%2BQiIbebAMkaV8kY7pjaWiapHEpc2rn4gFvZlvjgGHQVHAbhuuLE4Y5IClCxMMAgaU%2Bi5R3X1Bx7teob0vraSmTF3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef8f78b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/99742.217a8e519977f9b5cbf0.js | 188.114.97.1 | 200 OK | 18 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/99742.217a8e519977f9b5cbf0.js; IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (18014); Hash: 1960cd6ad791e73cdcfafff546853923 0ad17a1e5860279e6885d8d94ee0e29a1730d530 13c1c620578fee12330a7c3c003da2ea56f487fe471125b76add74f74d0bc36c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/99742.217a8e519977f9b5cbf0.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4695-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G3ylF%2BGZRHINYFqW%2B30HwizBG%2B%2FYq6V86PvVZg5YHyKXmwbTn0veyFiRiAwi7wOramUT2tAprWWLPmdJ%2FH%2FZy2UDYMSyuGExvybz3myWy1chjOvwetkEfCoY%2Fky93nQAShwPRFj9wU3bS8gnyfaE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dceceeb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/41611.7d797575820892675652.js | 188.114.97.1 | 200 OK | 21 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/41611.7d797575820892675652.js; IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (20820); Hash: a290ac62b9753650e23d6e78ea4af855 417747142045ca3f2e616d389c0e678c3d6bab48 7140411b3e59a097ef31914fad63941fcc863cbc7fdf7f8aca5ddb67f9a6388b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/41611.7d797575820892675652.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"518b-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OhgVJaKFxDy7thM27MyfijTw9ucUvh1ffrIw5X7Gre7tOxDQEivEIfQWuoniQhnpquNgMm7kF%2FWUEt0ay9DGJXqlHYv4%2BI0zQfvDaeUn9ktTXxJpWdpQWUAehxgfGgqaHJQ24OuhKSYbJKmnHFRQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfd04b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/65800.d803fbd4c225782b31d6.js | 188.114.97.1 | 200 OK | 40 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/65800.d803fbd4c225782b31d6.js; IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (39520); Hash: 6ebe1a578a746f1da064f34508d700bf b27eeeec818818be41f90df32894c3c618d183be c5781d163c837d6d2c72081b42e6ac0b513ba744a8a2ef95b62a4be628fd0168
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/65800.d803fbd4c225782b31d6.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"9a97-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raAaoTn507dQw8XeeJuo11xkGlCQPcWxz%2FrVIlPZpbJE5d49P%2FSpl4fiwf3smb2nYiwOyJjq7%2BG%2ByClAaL%2FJyiLpZEwYExE41Dbg92yw44FX8rvv%2Bp%2B2DRDuFXy%2FFPfNzdqk%2FkhmDdu8CkM%2FZZFH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd2da8b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/fd3f659b46061bd95594.js | 188.114.97.1 | 200 OK | 12 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/fd3f659b46061bd95594.js; IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (12472); Hash: 1f26d0370e5e43ea29dcff7c1c53d661 dea8cfb895f9081bcf0b5c6eaa2608c0da58393d 8f23b16a70005926318364b1757e80b28978294775227047866f5a64f1683fea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/fd3f659b46061bd95594.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"30e9-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OafeCzhLZ5oFBV984fxvi1cnejXDplkRoW%2FKSRgE0xYmr004Un8bRHY%2Fft1ghvmBBWP4HH2lEHxE91lV3Hb9UdNgSLWW0hIBLwq%2B6rOmYxlUOJopCQ%2BrmmCDIekL4UdiRrj8jhjHbWs6%2FVKaIxiE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef7f6eb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/96634.06d9840e14d8b8f41b43.js | 188.114.97.1 | 200 OK | 16 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/96634.06d9840e14d8b8f41b43.js; IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (16229); Hash: b924f4be14a3e2330a86646c12dd033e fb8f63674d6d1b4a937d5e293bb46a10a384bc03 d65f5776f04bea788fecab1869863fdbd743604e16b45c40a3a5c91029b80057
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/96634.06d9840e14d8b8f41b43.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3f9c-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O58TrIIFNgUPMGTgm63gL9KCdo%2B%2FnxW8WCrTAJIXsfDEEnc6CyxA6jd4OUYFFeco4o7pzBnrTCfaTM4xDuy%2FjkOiqhGp0cy7klfi1sIlFwsiXPyWrCTZCOUg6NM%2F2Lcz0KvnAqZlCBqRUNZU%2F1QY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef8f80b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/3f46bbecb4287c0a829f.woff2 | 188.114.97.1 | 200 OK | 65 B |
URL: GET HTTP/3 login.restorecord-bot.online/assets/3f46bbecb4287c0a829f.woff2; IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: ASCII text, with no line terminators; Hash: 8e0185b3d3272056b90fa759b629b4a1 f80ecdd55cf374b1f5520fcd64e97883c1f514d8 7f2fc9c03ac5cee4e206b61d510b427ba6e8f5c7554d1b5db42c5caa7cf2307a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/3f46bbecb4287c0a829f.woff2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:25 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LedrlYGmkLVtV9x12FG1OkH6Y0kgt5g1Lt5e%2Bw%2Bs1zTfCKLUqArnG0bKbuHKFQlLAu5K%2BEz8oXr%2Bcr19cOt23GixUb30wCbkNX%2BSIDL0RJJUkIqinOQJlwyw8HRsp4D8r8o3%2BaSSwVRT8XkbyhNc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65f47e72b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/47146.d5c177e816a2cf054d31.js | 188.114.97.1 | 200 OK | 44 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/47146.d5c177e816a2cf054d31.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (43856) | Hash: MD5 2dd911fe6af5b351702811c2d2dbdb35, SHA-1 6d22418ce848dafc32e9e0f8224fc6ce13a8efaf, SHA-256 40e9ecd17a864fde103d7ac450a265ed91814c0dbf4ab22f26df913e1f724969
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/47146.d5c177e816a2cf054d31.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"ab87-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYHZ169KSLp0gJZVI%2BRhKFHhGpnBFlEmxm%2FSDAxFuaVaC8Bp%2BbrDcmop96dyDZaH14JiyAu49RMmYNEPdZAdsOXHpNxMxuPDbLHKTRFE0waQAUgn7zAgcIOaub6%2FsJvKIqgdgAWFf6qe19bh050V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcecefb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/66888.79756ea63981ab2a6341.js | 188.114.97.1 | 200 OK | 15 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/66888.79756ea63981ab2a6341.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (14863) | Hash: MD5 1d86b77c518ea58ffd94ca73f4ecf8ec, SHA-1 46fdebd87f50f9aeb25b1908c92995e8d39212e1, SHA-256 a2740f55ae9c5911162e7891dab7a0a23ceed7ff351fb7956bf02f2a46e68f24
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/66888.79756ea63981ab2a6341.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a46-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWGQQnQ07AgiDvmuuwcj5vYEIJER%2BCqW%2BC00GqawJGBw2p4yB02fs1NNx%2Fpv1TkqQ%2Blbz5kd4hoWJkzY3pM2HmodEd1yHwgzsmS9hJ%2BVRUq39F41wmAxUUUu2y9fC9anKgYlGrvE9tkzLJJ4zF%2Fw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d38b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/8e64227ebe6f34850334.js | 188.114.97.1 | 200 OK | 2.2 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/8e64227ebe6f34850334.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: ASCII text, with very long lines (2248), with no line terminators | Hash: MD5 4000d28d0f8e4feefa8883aec22cf353, SHA-1 f8f67e124e53daf7414e941168e01d2a9c812e85, SHA-256 817abe560796ce849f16ac01eaf0f4ba1ce40ccda95682cf3433dbdfc80db071
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/8e64227ebe6f34850334.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"88b-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0mC2Rl6PbbfIue0aWvgcTDsqoEBs1e1kRruhYeJsR5lM5400Q32PzJZS0RBi%2B%2BhI2YYsTMLljp%2B4dbYK0pO%2BdrGsT3Q1uDq47qbtx2SYkIgTBcmux64vcYsN4TYufJuNXGVUHhd1b1hseeDG8Z1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ee4d8ab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/799ce01abdb0da7bdef1.js | 188.114.97.1 | 200 OK | 10 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/799ce01abdb0da7bdef1.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (10064) | Hash: MD5 f9eab234b26ace83cf074c0e8ee41795, SHA-1 7400543cf80242671ca9f63aff06b4fe7e33c3e2, SHA-256 99c1fb6a35c0b13536fb0ab5c1afb16fa359fa23e56d7c50fa86207f10e082cf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/799ce01abdb0da7bdef1.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2781-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5mqkX7o%2FHKWQ3HAEgrAYbsTcp2TS5k46%2Ft6TMjtt74BQSszqnb9Cr6hLrRDIDfqgIE2KhLeeC9s0UhNY9FxjacIVY1sojnuYFe%2BAzGrpAzEMuWrME%2BZmVbBdKWJc3UdjmwWKy26wepk0lKRsCZ2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef8f73b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/399f7f1238d1fe8b2b51.js | 188.114.97.1 | 200 OK | 109 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/399f7f1238d1fe8b2b51.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
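Size: 109 kB (108609 bytes) | Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so they do not describe the 108609-byte body (it was presumably not captured for hashing) and should not be used as indicators for this file.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed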
GET /assets/399f7f1238d1fe8b2b51.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:25 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1a841-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FURIzm6g9GFO7cBoAKUAolJMMTP5eEeias4Pz2OHSRib8a60PfHaMQzUAdDpevkgn3La2UqV41yHRukxzIqyKNY0spSQQweUYT7RrMkfAgtZ7cz8385%2B1qIG8ZpXRsRjJajCLBKGDArDCKkbx0yw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef9fa3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/3c723e3c991fcd7cce58.js | 188.114.97.1 | 200 OK | 164 B |
URL: GET HTTP/3 login.restorecord-bot.online/assets/3c723e3c991fcd7cce58.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: ASCII text, with no line terminators | Hash: MD5 bb871017dfff7157e3481a5dff8e4529, SHA-1 36e5c0824c189aef00bbd5f35387a84b7010227d, SHA-256 55aacccdae49dac44e6d8fb3cf3041ba4873558d2d851d0abe9ecdf99dc1e0b4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/3c723e3c991fcd7cce58.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3mPYo8XwUxSB5xD3ys03y2jLHBAIsvBTPWxe%2FX1Xsmvo9FQ%2BLPW5aT4D0MLapZZaTZGK2QA1Rzkd01MOnaYzyeo0pDE9nygiuI94Ef2Usv8BnsRjS9dQg1CwrE3bo8%2BiyeIbosFJEXH573cfHRVY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efcfe3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/58409.1811376ebb7f14b0be53.js | 188.114.97.1 | 200 OK | 14 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/58409.1811376ebb7f14b0be53.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (13964) | Hash: MD5 b04469c4ff1a1e4369a1238f1a6e7e13, SHA-1 baa699271e0bad0d5d568f5d0cb2dac21f5a2d0b, SHA-256 2dc6a1da0d49480f89ccab794ec25a14cab0ca4034039ae26e39faccdda82a50
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/58409.1811376ebb7f14b0be53.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"36c3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3mx7lpHQbxU%2BcNat21qTyIrL1PUTvGD%2BO5ZarLenLAvQvt%2FmnnD%2B%2FJf6%2FsLOZ%2BRy8ZQVNZE2fmfBs8C5LF%2Fc48mycF6XTLA1ebdCaYQBmGIurtwA8i83GvKA1AdHd36QlrMQBAooU0E62dszN0Uv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dccca7b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/47470.c4ab7647d25b8ac58ca8.js | 188.114.97.1 | 200 OK | 312 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/47470.c4ab7647d25b8ac58ca8.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
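Size: 312 kB (311789 bytes) | Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so they do not describe the 311789-byte body (it was presumably not captured for hashing) and should not be used as indicators for this file.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed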
GET /assets/47470.c4ab7647d25b8ac58ca8.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4c1ed-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGKLpXqtw9FN1vSWY5FJ9AGcViVsBBPciQJfdNgMTw%2B4QpGhZVyYIciFfnZeirjmjVOaOuKB9A2RTI74HucofyHpWJjBXutzJyTtq6k7dFJcRPP0cB7oyVXBPzjNeS8NKfBt5wm%2FB39m4lrZJpdn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcccb2b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/38081.229b2d35737bf3f84541.js | 188.114.97.1 | 200 OK | 22 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/38081.229b2d35737bf3f84541.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (21630) | Hash: MD5 c20b5e9bd89cd932aec62501526bc4af, SHA-1 eb2f709ad66bef7b20d4ecce454b827cb5758391, SHA-256 b4c9960af0c70acf545990b29eab7e4465caa262df425c820907bf259da27441
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/38081.229b2d35737bf3f84541.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"54b5-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvgBYAxSjb0QAKkyDo6eHIopOCOqpxoJAXbcDwdbE31Q2MGbiwlZ8tEY1dXfiLeTYjESYYab95T1H%2BzFnf5C6rIL5zQEWnDsNbe2lOExi3v0RvvsTwplY7banQqvNkHyNoUg9D7TlDMss872OttJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d3cb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/78891.2eacf9854660d1cbcc66.js | 188.114.97.1 | 200 OK | 8.4 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/78891.2eacf9854660d1cbcc66.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (8513), with no line terminators | Hash: MD5 4864c337a44bd2d3badf7670471a790d, SHA-1 f64d984f97d5a1acce5a839417b7aa0f61a55095, SHA-256 3a7141586692ac441533e43942e1aefc2d326389e094aa7c78834f8e3ad48da1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/78891.2eacf9854660d1cbcc66.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"20de-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iAwwkwRd1l%2FVjh9fGQrfdZeyEY4wBVVaqfseuT1LgLzkPSOwUJcdyQvdQw5%2F9G3xNCdnTngpcGb6Vp%2BkaHfVYumRg1WFHu%2BZ5h0WCQ04UNgQw3t6cB8HGg5dQglUvOKS24Ei4mGKzpIIuffiN188"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d78b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/47470.c4ab7647d25b8ac58ca8.js | 188.114.97.1 | 200 OK | 312 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/47470.c4ab7647d25b8ac58ca8.js | IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
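Size: 312 kB (311789 bytes) | Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so they do not describe the 311789-byte body (it was presumably not captured for hashing) and should not be used as indicators for this file.
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed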
GET /assets/47470.c4ab7647d25b8ac58ca8.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4c1ed-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yzF14gdt%2F%2Fuf5NJZv269XVgvM%2B7S3gh2ZL00258BqucetnthwMdiEybIPRnokcHHpJTiS4%2FjPd6L1ECPMpl4IcPS5AffeGniXpXUxBsQzrNYG0b%2BtK9F3uG5%2FuyZEMkGhAFfjaLMCHvV5nj5wm6M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd5e21b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/api/v9/experiments?with_guild_experiments=true | 188.114.97.1 | 200 OK | 37 kB |
URL: GET HTTP/3 login.restorecord-bot.online/api/v9/experiments?with_guild_experiments=true IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
Hash: e860423c9b5b1d66b6d71884292e5218 e488144bc5cd64311a2f3a962399194cb5e36fd6 6afde6d331cc849619b55c6edfed48cf13d0e840d0ca5ceb825f5671b8575060
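Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
Note: the response recorded below was served for the host login.restorecord-bot.online, yet it carries `access-control-allow-origin: https://discord.com` and cookies scoped to `domain=.discord.com`. That is consistent with the response being relayed from Discord's API rather than generated by this host; the capture alone does not confirm it.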
GET /api/v9/experiments?with_guild_experiments=true HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Context-Properties: eyJsb2NhdGlvbiI6IkxvZ2luIn0=
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discord.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DWSKGPf%2FyR6TJcDj75yL5Zj9vV9THz7Jn%2FwtPPYy411YN9qyzIT6NepYZ32v4WwE7vubhuIG8JUT6AfY12Gig4p7K2%2Brwsnxewp7eHpMi1BnjPnq%2Fj2OIWm3a6%2Fh"}],"group":"cf-nel","max_age":604800}
set-cookie: __dcfduid=20a38716073311ef913a420275c7bb19; Expires=Sun, 29-Apr-2029 20:49:24 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __sdcfduid=20a38716073311ef913a420275c7bb1916b8d63ede397e622a8f16401d43f2dcd7f10d07108ddf508a8166de618c3720; Expires=Sun, 29-Apr-2029 20:49:24 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __cfruid=a310b2ea30ae5f13799d9e0f76b06e79a2053be4-1714510164; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=mcprVeAEAqPXfwW6SbZrCW1rVA_FfvG_d7cjLKgZSM0-1714510164433-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
etag: W/"90bf-5IgUS8XNZDEaLzqWI5kZTLXjb9Y"
server: cloudflare
cf-ray: 87ca65ed8c84b512-OSL
content-encoding: br
|
|
| login.restorecord-bot.online/assets/47387.b94323b63bcf5c32ba76.js | 188.114.97.1 | 200 OK | 80 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/47387.b94323b63bcf5c32ba76.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash: b235b236312169e0db519e60c0d7eea1 6d34c175ce387b8bd435ce463d44706f08e9137d 03c0d5a0ff0b821c4ceff908a8fd7e62ea9b881711023244449f71455215d00e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/47387.b94323b63bcf5c32ba76.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"13927-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yf1MvoBqYKwI0%2FeIcW%2F56gKMjQFnyTj9oPnFfGW%2FPEzlk46u2u3PrLXmfyy9jzbqBFG6p63J03nVZ1tTZ%2Fl1jT9BIfJifV3h%2FrrZjNAelfiqdob1jtu4VXR%2B93ExDHDfrl4jCu6TpcDjTR%2Fb04Cp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdccfb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/94288.dbd73ecb6b1482a870b7.js | 188.114.97.1 | 200 OK | 10 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/94288.dbd73ecb6b1482a870b7.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (9979) Hash: 38d4ac71291ec9223ae33b9ebb5a4e89 7282b3fb164396d9510224b3040a89902c825546 9a8d5847b100e711a41231d5c45682b01b8173438f96c52667fd872976c18cc9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94288.dbd73ecb6b1482a870b7.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2732-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qnFdXDQESg80bqRsatmpNDREVTj16l6KezGKtGQd7%2BtGyRO0Cla8cjrutGB8d9nbhcDklbeoqOCdY5KCSWBZW%2FoiQ2KWjUNSZPWITvydM%2FHYHVH5bB4x4Td%2BZ4Irmslgb3f9CDpVty%2Bbn8xfmm6T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd9ebcb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/30982.a6d605c291ff090be83b.js | 188.114.97.1 | 200 OK | 12 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/30982.a6d605c291ff090be83b.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (11446) Hash: d06e1097bc0b493b61ec8ccb6a3c1338 d69f77887e7611c330cff1fa7aaea9dafbc57ed5 1587658b44a41e7384ad7bd8d2e747e98ff01403347075b0205c68463b87dac8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/30982.a6d605c291ff090be83b.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2ced-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhXnA%2FAUpgMw0VgM5WV9ZHekAzVNepal%2Fow0OaFmyeE9eByif33pOk8dS5qiWJ%2ByjgsMVpLZ2UeNMKb52PwrR0fdZP4D09VI0S5JDtnskwJ5jUNT4679FO7ZDWc1sPST5%2Bx0oub9sdXq0tTeyGe4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcd3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/94491.6feea119a246906e42da.js | 188.114.97.1 | 200 OK | 30 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/94491.6feea119a246906e42da.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (29770) Hash: 2b097f530ff3ef39552a90e18a8bd883 326b60321000b059a090e4ef046b9421d64962f5 dd4f80fbf943312c9ed47c07c0cd767cfa20d3657f0b50a5787704991ee85f00
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94491.6feea119a246906e42da.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"7481-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ObzK1X4j6ZhUZmLgMC0gI8LCgMOjSGit31sOo5tEHWjqkdVDE5h5BKnkxfoFv7PhqQnfOWKU05e1iGMss46OZFNjrTPpm2u7ZPjjehZLZJYrqYFbBWxK%2FEU9zem%2BEuwJwT2AmqppSrxaPckDhS4C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcecf6b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/22198.f5f5aeb061c44ad3e071.js | 188.114.97.1 | 200 OK | 12 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/22198.f5f5aeb061c44ad3e071.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (12232) Hash: 037eb3fd7c79a6a5da8011e606e917bd 078368fc9988f02a9d9b2faa6494b3209ca6f8a1 b24340e4a45954dadfd82c820035335f0d27ea454fdbbb263ca273cd590d5a23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/22198.f5f5aeb061c44ad3e071.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2fff-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BrrPr1hZmkmYkKTte0smBaSzBVp3zNSyui6dBbh38WK%2FhM0WCgZcWt8AuzGw%2FmfBDPb2jYG4hksJPW7H5JjI5cmuJtJ5Ufz%2BBMUBosVFFtperMjTqFSZcKJjJPM3zCfWrjTSxbfZxA1Mvzc9Zow"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfd03b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/23356.ac12463556a44bd7b330.js | 188.114.97.1 | 200 OK | 1.5 MB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/23356.ac12463556a44bd7b330.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
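Size: 1.5 MB (1470465 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input, which does not match the reported size of 1470465 bytes. The response body was apparently not captured for hashing, so these digests do not identify this file and should not be used as indicators for it.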
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/23356.ac12463556a44bd7b330.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"167001-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xJpiTL8MZvZMAziUU2fMd8sFLDELQajC8Ku6OSv1%2BcN%2BpLQcDtsuTxgkWxMslubO9645i8zx6Mhnhlaw9WCSuXCfnuRm%2F%2Fkwr5n4zchtqLPrGtO1iByDIJCKRhTzxmrvF5OUJrpPYXMpLl1N2Gw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfd12b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/77015.48150de6efe657e3c6e2.js | 188.114.97.1 | 200 OK | 34 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/77015.48150de6efe657e3c6e2.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (33607) Hash: 81c3fc72ba9d6399582bf44261a7d3ae 1c226b78a91b94e41031384e952806a0f7df56b3 5d14345894349f81168d5cbac6e2427d0390773574634f6936e06680a832d282
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/77015.48150de6efe657e3c6e2.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"837e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7n5BRQg66IMII%2BJyJuDAqSdEfzd4X5yBp4vUudJhRwDOmUMRTgE1R9wMi6%2FgDbZAAorDvreyLycRjobMua2r%2F5f%2Bo1b45hQIvhiFiEiz%2BJMX3vpHzxnvo9RKTWoMYXTtEjca59k8bUx%2BDMjivlrM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfd13b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/13798.6a2a5ac1a86675c94b6c.js | 188.114.97.1 | 200 OK | 7.9 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/13798.6a2a5ac1a86675c94b6c.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (8182), with no line terminators Hash: 81548497b4c074d04063c9f226154ade 3548f8053d9df0534168b499bf42407d8e573e2e 13ac083b959b6c894e5118fd5a686a4985575125a984190c1f7454264cfedeed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/13798.6a2a5ac1a86675c94b6c.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1eb0-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utZFwhAALBxFLZYjikF0rIy0rkH%2BKGMVGGqnR%2FZsqy7wmexzZHsHrrpuHyFRkWTXg8t2T4xieDZINyNE8duG012AJWjOu64MO1cXCxrdhaIwAwpD%2FJcCxDteSxRHWbFXxg9nzCrxmMzCktWZjqO8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcbc95b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/48590.9d5fbcc5aac137b478e1.js | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/48590.9d5fbcc5aac137b478e1.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (38172) Hash: 43c0247c5fd0d2aca49282b1f2e8b884 9c3d283f016f69a880edb60ebc384c9f39002a56 998a4388e4821fd233dad8d1faf2700c0c47741c4843925dd9252b1bd3dc0c50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/48590.9d5fbcc5aac137b478e1.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"9553-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ydhxhSZVJBm%2FUuiXNDEqq8PDdfK%2Br%2ByckWQornP3B16woTivu3eIoVce21llF6wykboBYVvc3EiXOdiMOrX4LExRzvWzBI71Q543HKnfCa%2BnEvyZB4Z1BCambFtY2wJ7gRRHr1h%2BxjtahK2NmWRs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcecdeb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/3341.1a1f8595a0c8fc9f99cf.js | 188.114.97.1 | 200 OK | 8.5 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/3341.1a1f8595a0c8fc9f99cf.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (8843), with no line terminators Hash: e26a8efc5dde624130372229258ab5c8 6fb44998a93cba1ead19a776409849a6c50bebe7 6302c624d089c3bcde5638a15d621c0f664857468478526bcac9b419ddc6d81f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/3341.1a1f8595a0c8fc9f99cf.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"211e-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QS6AMarpTzE6CeyLmQC1taja8mZdgCGYQ3cW0HpGwc%2BDxrKnFff2mtc1gzKU%2BhbSJjmH4KZmBPmPEnlMgk4iAAoXrnozPE3WB73Ts3mEW739umIAj989pqWPrjxMEgRuaD4z488Vett0XOa%2BlyeF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcccacb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/89261.02ed5e657cba70087452.js | 188.114.97.1 | 200 OK | 15 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/89261.02ed5e657cba70087452.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (14959) Hash: 792d2294c9fb0e7d0a07bff3abbb0d0b e3ec35950876ae2e409e65759d0802c00a91e40e 2d3415e0b866788b07564eeec5035c17ac14645fd13b0bcb9bdf71b5f66a1e69
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/89261.02ed5e657cba70087452.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3aa6-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=njuC0T%2F2pF%2BIzVJE1SSvYXJPCQ9KNeO%2BgxQsNXkEYLgWVFZCfQLOX8r1QbCgOlHJu5SPHjOGz46tiRNExBqY20bOHpBGeXb%2BhmdDPeoeHAPRQGv4FtGqIHc5k1aTW9gUUubz6trLSluksqy4x7%2B1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d45b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/3205da2e8f78633583d0.svg | 188.114.97.1 | 200 OK | 688 B |
URL: GET HTTP/3 login.restorecord-bot.online/assets/3205da2e8f78633583d0.svg IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: SVG Scalable Vector Graphics image Hash: 845877ca568da4ce63844760bd808400 c25334314d5646fa7bdc85e171bf96d3d4c6e794 cdded65b4ce8893fde73a93b00ee2061dbdabdbdaba65f0fc61631c17ce980ef
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/3205da2e8f78633583d0.svg HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"2b0-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4jVLel3d2aF5x030PaXA7V6b%2BY%2BzSw9TRcitDJWAiHODOdljbGjE80zd%2BZHMGSRAituTE7jYFynch%2FMxi7Eb4hWh8eyqapPiv6ZPBGCtzkQgsCAaCOEQaqlcGLiZIeTAeaZIYX5p%2BC9q1mM8Ql5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efdff3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/sentry.1e20f9b7b3b2507e0dc7.js | 188.114.97.1 | 200 OK | 8.0 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/sentry.1e20f9b7b3b2507e0dc7.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (8219), with no line terminators Hash: f6c12b3561afb0c5be1c10e2085c10bc 82e6c80f75bd4500d11b8a8eeab09258913fbc04 1fcf9bcb46efa6f11a6f1b081012b0dfa29746b084197a8b57f6cd0288e6646b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/sentry.1e20f9b7b3b2507e0dc7.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1f4d-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KYEgPLdtKVomGhpo2kKmuubKx%2FR7OquvSZolvgWmv3vBj3%2B6Ita91Ab3ScEPIR4HEm7mk99noZQtm4CBho7J%2B5UXD9%2BetUl7QrK5%2FliD7kL%2BIWYuECjtRwbVR%2FdOtL1tnI4wYvCoH14eEAh0wgJp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd2db8b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/22843.1bda3edd4dd152273661.js | 188.114.97.1 | 200 OK | 21 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/22843.1bda3edd4dd152273661.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (20995) Hash: 3d7d3c6641376eab526dc37c2a3aea87 9a4405500ec4685d070b940e3e58dbe95ebedf94 8bd28e45bdf228abeeaec72fec246300bf1a2d85ed2bec3710889cb3ad8b72dd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/22843.1bda3edd4dd152273661.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"523a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wZuQCLPeluexS7UxT65jJ8i%2FUk5e26qeBLZTtby8d4ngDwsQ%2BVjVxAaJeZoCSi4sf8g3ZSHoduQ1pwdccDrPI0A7892l3gbeTR9PwdROzCzyYZS1E2Kwwip8dNvdHSidISND5Y%2FC9Gyk5aEGKc0i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd5e2bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/a9639edf37cbf3bc290c.js | 188.114.97.1 | 200 OK | 5.8 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/a9639edf37cbf3bc290c.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: ASCII text, with very long lines (5947), with no line terminators Hash: f392c77642c2fdc2ad568c6141c40966 8f9529db4fcc332030fe2b066220c4d5752e2cc7 9c96486a4197d9bfe932ae15364d60dbda2ce77fb28f6e53319f5a9b6b25b486
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/a9639edf37cbf3bc290c.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"169a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DvuIcirUTaXqxKas%2BlVa%2BeWMLS6IoP2%2FqR7qHC0SriZHtOVczfEFgLEQZLp8N%2Bsrj8d3vL7ijICzJ4aIuwq52mKLBsr69PZlEkgB7%2BvY%2B7BIFA4jTZqQ%2BF6RqkuZpxdvewulYYpC6zVKfamZlrV%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efbfcbb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/46318.26a20b3d6c9d947ee7c5.js | 188.114.97.1 | 200 OK | 14 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/46318.26a20b3d6c9d947ee7c5.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (14296) Hash: c31c995e6b740c207b3c24a0d1145425 922fd2d139a1ff8bfb89dfec828ed4e52946f359 8faf3e169db9dfba36885821526edddb14b4e0c3feeb1f20786c3f2c51115831
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/46318.26a20b3d6c9d947ee7c5.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"380f-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8q8qSP1HcL%2FWCpk%2BHJNf5AKqxMUQ9XbuYN9TM%2FeWwlup1domIfjOqonHnJ3gEyOB4XnHgesh2jfYhAxxSbwXdsa2y%2FsBATLWLhguVrayd7DUuRaVDn9e3s3vXWxG9ZNQSecezyANHDMTdJlv5Wyc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcc6b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/31717.335393f06f604050b43d.js | 188.114.97.1 | 200 OK | 65 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/31717.335393f06f604050b43d.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (64808) Hash: f21348f766d7fce1d259877b826da099 73baf8dd6916a60dab75cd1879feda4b29a090a8 bfb3e51c1397bb6498dd873eee144f50271c74c4630bb8ae0d55a1da8aeb9863
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/31717.335393f06f604050b43d.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"fd5f-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wEu3Gg5dDAJr5OttRgJvSeceHG6e7VuEasBgtSeWJxlpe7FTMDQ53oy4K8LySlMY2juFA2YpylmBX4zbL9NSpZ4SWRituc%2Fh9JQDTIhxTraP1EaQRSHrVR9rHiaWwp9i6Suv9%2Fse5qahvhXfOmws"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcd0b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/8240.59954d342c818ac8b70f.js | 188.114.97.1 | 200 OK | 81 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/8240.59954d342c818ac8b70f.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash: 18dcf8fa835cfc1860e0869ae9711d8a 372560e730d7725d0d486544b57f7ca5a1e740a1 3bc562cf2f8191b1220d710ccb7cfba8dd0eca628055f0fc4bf98b0f8e7289dd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/8240.59954d342c818ac8b70f.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"13b4b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7KRZfNj9I744ObkohDoLEbuEVaIKol6eXe9Wc9TWiqKvT9Kh6o%2BM23YaUlNi7ZdOybv7BPnSvFNNE50so5eAUwkbR1p4Mp0bQXyKXiSZg3mnC%2BDOQleQl0OpvF8UNSzmzp3zC606RjDUxg4Hm%2Fs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcecf1b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/62768.3bd3b009dc2945b07d60.js | 188.114.97.1 | 200 OK | 40 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/62768.3bd3b009dc2945b07d60.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (39620) Hash: b6b6813d1e66352c0decf44454134375 95a172f9805fdeee7bf82568b66c493972b35ad3 b07bc7d7d0a9086f1b02065c938b99544f7d651295ca2c860b22ff02c482a239
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/62768.3bd3b009dc2945b07d60.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"9afb-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WwxqiEpvYWtTt1J1QdCQZ9cE8X2jE23YgkNJiNeQzA6H4msJwQACIjGXoCwgmqKjMhU4ZQKdrnraVt%2BzGKwZrDpf67ZRQxgmz1Y88Y3mhi2%2FpzPhbFwzGDPSO1JaD8hOHD3vqNhv%2F8f3z63BV7fY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfd15b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/6086.2af42e57fcf6739db519.js | 188.114.97.1 | 200 OK | 19 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/6086.2af42e57fcf6739db519.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (19374) Hash: 6fc5e9f209e47dece5d8e86354e38916 78a29b4cf26974c725b5952e0b65baed2e3309c6 014e1cfc914dc362f3a55113e3aa27163bcd88c8323905e7d8b43c7b16ae821d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/6086.2af42e57fcf6739db519.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4be4-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=farGPZYe0AXbNN%2BJRBUcacKSg0cxMeQCe7oC%2Bg%2F9bDb%2BkX%2FJFu%2B9r1J7GuEccj7593R4xvaIyhsv29n3GpdcxHUqCwIV534X5rzySWItRHSMYejl8Lm%2B2H0%2B%2FWKWrglwxVAT794k36RbAY4beRSE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d6cb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/22843.1bda3edd4dd152273661.js | 188.114.97.1 | 200 OK | 21 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/22843.1bda3edd4dd152273661.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (20995) Hash: MD5 3d7d3c6641376eab526dc37c2a3aea87, SHA-1 9a4405500ec4685d070b940e3e58dbe95ebedf94, SHA-256 8bd28e45bdf228abeeaec72fec246300bf1a2d85ed2bec3710889cb3ad8b72dd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/22843.1bda3edd4dd152273661.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"523a-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kNO7iB8YZ1j3t3rNfYjPw04%2FX0hXGCT17EN1TFvBCUMwe2BH5rg0i0pNjPMqnJNIQHSemqJ8ww%2FwAxoiXhtG3QPq1oyInnJgMZHnOs9%2BixWB2TWBZ1mtmj7JhjHvbYvFCbqiB62SzEeirGYMMl3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcb6b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/55695.a2abd2a754a025899810.js | 188.114.97.1 | 200 OK | 959 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/55695.a2abd2a754a025899810.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
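Size: 959 kB (959311 bytes) Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, so they do not identify the 959311-byte response body and should not be used as indicators; presumably the body was not stored for hashing)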
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/55695.a2abd2a754a025899810.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"ea34f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILA7V0zA6uBZnUhGcwOLG1sgv14N%2FPOs%2BFHJ1dDGdpq8VqHjEuExuKsd0m33lftRccw2dC3pTLOO9UvhY4gEIaNGBjrkSHJKJM3ybmSwsYxOjOxMy2lCqiPg9dISoQSP122Hakol8Q7zanioRaWH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcccabb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/25653.f1981721227784f0166e.js | 188.114.97.1 | 200 OK | 164 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/25653.f1981721227784f0166e.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
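Size: 164 kB (164235 bytes) Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, so they do not identify the 164235-byte response body and should not be used as indicators; presumably the body was not stored for hashing)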
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/25653.f1981721227784f0166e.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2818b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6ULMGVM5%2B9q2a21fQr4yzfJICwz9B4g4k1zDoflaq6dYdJF3cd%2BrKZIkedDSEADRpoiQM%2FK%2Fcox0cJCKk%2ByUZXFIdprL5RPgiwzSLXQiiJbsfP1bHG25xurKU5yEkFQgBhrSA57eJunokIETkm1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcbab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/17605.396d4d0fd6f31f0ccbc9.js | 188.114.97.1 | 200 OK | 149 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/17605.396d4d0fd6f31f0ccbc9.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 149 kB (149407 bytes) Hash: MD5 d76190debc34ded2033eb596d275c6e6, SHA-1 1d65e4a7e5bc735bff02c5fbb1dbc89d31cabb6b, SHA-256 8069a865a2a03e1afbe4b88edf980d24295d5643a48e180f71f84373ca3d76d5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/17605.396d4d0fd6f31f0ccbc9.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2479f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r00cJxfEL1RCH1Ajm0IKhahIj3x8I50T%2FrP9iBpOQYMwLMN%2Bnj2Mpi3SBueNF3D7ZEP1RANJXTWpwWEmgnPk%2FcnZx9H74gFL%2FQqynmrIdDyfLnkv5LysFxhKR5HTB%2BKcPfEKUWBRB5P8PewEXCdz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfd11b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/58166.4ec31e1810af6eda852a.js | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/58166.4ec31e1810af6eda852a.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (37774) Hash: MD5 ce66262030ddf4d78cd0600c1706bbca, SHA-1 195a3af6bbcd112990859fffef3a9b92a777788e, SHA-256 e8d1036a715eff98d533a5edf5e91f079e9eb7482fe9c2eabd6df44d51d3eaf7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/58166.4ec31e1810af6eda852a.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"93c5-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ZsyCZGBR23iST9P8qNiW7AAyjFAnJ195FHmOpy4YoW1Nqe1lis8JerF%2F%2B0GPHnKajtYNPh%2FRWPxSAMZCqbn8wS4aqHwUfKh%2ByVMLTGHMuigiHWqbXnaO4ibXXuj7P6fba1Iw1BE6wJEpyrgiOZD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd2da4b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/6575.507fad3ad28f9e5198cf.js | 188.114.97.1 | 200 OK | 1.8 MB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/6575.507fad3ad28f9e5198cf.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
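Size: 1.8 MB (1792121 bytes) Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, so they do not identify the 1792121-byte response body and should not be used as indicators; presumably the body was not stored for hashing)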
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/6575.507fad3ad28f9e5198cf.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1b5879-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QBe0Joun5ZKhKs3w3J7sggdb3ou7C%2BU3TtawTb12q1c6ZHgeGW5weyn5v%2FZ7lOGu4%2Bj9FpAxHnlvrR%2BggjqkbeHO9Sds55tNhImXBtrAD9%2B4YVhC2RPFuJb9Ow35fP1ODDieEjxITRUzUFozWAH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd2dadb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/7442b576347c1d02886f.svg | 188.114.97.1 | 200 OK | 395 B |
URL: GET HTTP/3 login.restorecord-bot.online/assets/7442b576347c1d02886f.svg IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: SVG Scalable Vector Graphics image Hash: MD5 3e60ff1de94af19ce4bc825b9d2fd18a, SHA-1 c5a4ae459f6596bdefe85021f198826e316b4198, SHA-256 8a32440759eee1d213b1561c980ebe7856fcaffa11588a4b7131cf83fb1c2092
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/7442b576347c1d02886f.svg HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"18b-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CS1LFb8Er7pbjsT244NztfjPru%2F7i5USiYZU5osSqt13X8%2FsevPYNg4eI1xyTW7fp31ZilPJl%2F5bATEN4cm57E6y2ju7pI5kIsLITMZV3M%2FubsrJSw0MX6rap1%2Fu18Z%2Bul6hj1h8%2FxA9ZoISgAUK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efdff0b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/?v=2 | 188.114.96.1 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 login.restorecord-bot.online/?v=2 IP: 188.114.96.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
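Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these three values are the digests of zero-length input, consistent with the 0 B body of this 101 Switching Protocols response; they say nothing about the WebSocket traffic that followed the upgrade)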
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?v=2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://login.restorecord-bot.online
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: s4Akj7um6XebxkxS9sZKDg==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 30 Apr 2024 20:49:27 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ODXECmAN/eyTsrVmKJrm/7QPDxg=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWehtikSTvL7I6jjPeiK1LEpsC1Lln6AN0b%2FPM2bmjd9A5hv9PqLOPLB3PDDDGw6jLUGiSNXo5HKf%2F1SiykqXoNXA2fU7od1ennR8cTjvuP5O2BZIMQewMA2hoP4vjoBBMbwsPThzln2DtB%2BWFa%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87ca6602ee745696-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/47498.38da6b2cf2f487359536.js | 188.114.97.1 | 200 OK | 10 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/47498.38da6b2cf2f487359536.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (10010) Hash: MD5 a4ff99b0bbadc5f521c2a07f0f1e3f93, SHA-1 30b17f14702fe71f825a3966b652f65705ec3c93, SHA-256 6e2b1b73e8b8dbf90920572224e0edfbf56fa6e20d0cede00321cb2ac91c1254
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/47498.38da6b2cf2f487359536.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2751-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7POzLYe4tCpxFf2rRtcd2i%2BxKB1TgiSG%2BdxiWbxC2GxB9S2GWHb31qOouo4hcO8Jn5PDdmU2B897L3VPhkmnnK4w%2BGBIjK4%2FbNV58y3jXsSu%2FRabKHfbjUY%2Fhfs7bEGL7NbWk0o5nldNU8nYosUj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d5cb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/11538.db58e10c3c76859618f0.js | 188.114.97.1 | 200 OK | 30 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/11538.db58e10c3c76859618f0.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (30244) Hash: MD5 7f54de7efa90ea0e15b1c612bad83249, SHA-1 1a5edff4e5621f3f3fe3c536c18cd787872aa17e, SHA-256 db01fa5a4d163102243a550ad6e1f79763c2b718a1e4e1261bbbaf0c548f5b2b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/11538.db58e10c3c76859618f0.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"765b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gu9HTYADGCKLTKx5%2BRPLpofXUW1RvtF%2FncxU0Bbhl2amaPKiTnvp7G13hw0AmXyexkuORTqJfih1Nu6jQ4sWQGeEjepTtPGRfpePjod06YNboFUXFFrpkQXAonIX5DXXrb4u%2FNO213Mwq%2BStJfFe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd2d9ab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/68291.687557b9b660607399a3.js | 188.114.97.1 | 200 OK | 18 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/68291.687557b9b660607399a3.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (17615) Hash: MD5 dd0045a215121572125a5304c3133a15, SHA-1 3ef4f53e521272322eac0952cf5b9b7f7b01ceee, SHA-256 b491a88ee2a3533fc0c2eaa6a9f23a5e5d8e431a06aa9cf36e4c36fdcb0c699f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/68291.687557b9b660607399a3.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4506-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWcR42qhl%2FWpaEfWEdlJCdfCUDZfNBMcMBQQ071OpDp2NZRkURhuGVX1J7RpyCUfGtI0Y1OxybZB9%2BCKJQR%2B7NiEfwV8LoPclmgKBDsFWmCpEldlk1vsPqmXjlwBUyfXZa9obj21my2rFX%2B7R9sX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef6f41b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/app.046be1857b9835ad19e7.js | 188.114.97.1 | 200 OK | 684 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/app.046be1857b9835ad19e7.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 684 kB (683933 bytes) | Hash: MD5 548bf6aaee7185ceee59b635b557dc9a, SHA-1 75c298df5f2397e4218d17de297d781fe169b461, SHA-256 4a0fbde1b61188ce3cda8fdce6f655968b6264dadea210b0434dfbb667f1a4d6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/app.046be1857b9835ad19e7.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"a6f9d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gO6VO7WVWpPyAW1P4zxK7FRKYAZo8sEfaXIcuBlCPf2aVAsfF0c3DxchftJFZpwTs8cbV6jddaBtqHMxgMjWjA8Nwp%2FFk7CJM4ALcaFOxyu6vHkCPM47hSa8p%2BgB6n5bP61BlEARVXM9oggKeOFw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcbc8cb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/10991.d742d0d238c0d99e96ae.js | 188.114.97.1 | 200 OK | 10 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/10991.d742d0d238c0d99e96ae.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (10475) | Hash: MD5 fa3d9476408d24313aaaa8d6794932fc, SHA-1 4ab50205305c760862e0892cdf69e397a73fab7a, SHA-256 1f9dc95a0409e1d5a703e72a1f03578ba3b0c28cc1e7177a2b7f46cd7056cd2a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/10991.d742d0d238c0d99e96ae.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2922-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rd5bl3AT%2FY5%2FMWE7neqbK2RryVi4WgBkfXCsZBphGQoWCr4ljps7Scla1V94v7gVwfx00j0w1boUwLae3HAF86uUMA3fLQA1evd5qslZV8BiRRO1%2FddXdzy1n5JWBu%2BB%2FKpNYWE22bNiSkSI09su"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dccca4b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/65225.45a68e44217bdc89eb40.js | 188.114.97.1 | 200 OK | 76 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/65225.45a68e44217bdc89eb40.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: MD5 5ccb90b22d94fa973ac33a2890fc7929, SHA-1 bb8b8e3a4a475920dc76225e76dad6c1305a76e8, SHA-256 e06633cbe7f25420c71e6a28fd6ccab71404df0d3fcf630e26cdb040e0e0ae2f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/65225.45a68e44217bdc89eb40.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"127f6-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3TyOFUvdTHsf9AmgkDv0pNvTH5GwNsJJpMdvwLhDjmNBhAV1d7d%2BrJF0UI%2FKjv8zxeZvaf%2F5ytczl4BBxnz%2BKrWbeEO2gpkngCx6RhYwJNPTljkFJMHFSvVtzaxrO1VnTQ%2FuOwk5hEFLjVZZRdd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d84b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/adf75861421c2a6a6269.png | 188.114.97.1 | 200 OK | 1.5 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/adf75861421c2a6a6269.png IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced | Hash: MD5 092b071c3b3141a58787415450c27857, SHA-1 d7002b9404799e18bab34e931a6f2e23ab1ba3a4, SHA-256 f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/adf75861421c2a6a6269.png HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:25 GMT
content-type: image/png
content-length: 1532
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"5fc-18d27c367b0"
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJtNfC%2BhEskmfuRg17hKR4dy%2BTBTqLMY7V0nXpHqMzdYCLG7MVfjxtRQJkZz6%2Fp5nGCsOM%2FB0c0cOzv%2FdaH5fA2eZXD9Un6kl5zBv%2FLp6Aja3m6yeHgJGA4ZggqNDseTKy3bKKwFqvxfPMBmBoAO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65f49ea4b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/?v=2 | 0.0.0.0 | | 0 B |
URL GET login.restorecord-bot.online/?v=2 IP0.0.0.0:0
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
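Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 [these three digests are the MD5/SHA-1/SHA-256 of zero-length input: no response body was recorded for this request, so they are not usable as file indicators]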
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?v=2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://login.restorecord-bot.online
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QP4m7Qbxw65YkUvhNjfQTA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
|
|
| login.restorecord-bot.online/api/v9/auth/location-metadata | 188.114.97.1 | 200 OK | 110 B |
URL GET HTTP/3login.restorecord-bot.online/api/v9/auth/location-metadata IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators [content-sniffing guess; the response headers below declare application/json] | Hash: MD5 46941bad2198d45785f2bd570e096a2f, SHA-1 974cb264cab370a520a6bd5f1cc0022631ca66bd, SHA-256 df5922a0bcf8d1cfdc826d608938718b3151f7435205f4a03fb1f369d1c9bf57
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /api/v9/auth/location-metadata HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Super-Properties: eyJvcyI6IkxpbnV4IiwiYnJvd3NlciI6IkZpcmVmb3giLCJkZXZpY2UiOiIiLCJzeXN0ZW1fbG9jYWxlIjoiZW4tVVMiLCJicm93c2VyX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoWDExOyBMaW51eCB4ODZfNjQ7IHJ2Ojk2LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvOTYuMCIsImJyb3dzZXJfdmVyc2lvbiI6Ijk2LjAiLCJvc192ZXJzaW9uIjoiIiwicmVmZXJyZXIiOiIiLCJyZWZlcnJpbmdfZG9tYWluIjoiIiwicmVmZXJyZXJfY3VycmVudCI6IiIsInJlZmVycmluZ19kb21haW5fY3VycmVudCI6IiIsInJlbGVhc2VfY2hhbm5lbCI6InN0YWJsZSIsImNsaWVudF9idWlsZF9udW1iZXIiOjI2MDEwMSwiY2xpZW50X2V2ZW50X3NvdXJjZSI6bnVsbH0=
X-Fingerprint: 1234969881498353775.SnJFH4XR-NAuUNXNGfMoH80ylPI
X-Discord-Locale: en-US
X-Discord-Timezone: UTC
X-Debug-Options: bugReporterEnabled
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://discord.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Audit-Log-Reason, X-Track, X-Super-Properties, X-Context-Properties, X-Failed-Requests, X-Fingerprint, X-RPC-Proxy, X-Discord-Locale, X-Discord-Timezone, X-Debug-Options, x-client-trace-id, If-None-Match, X-Captcha-Key, X-Captcha-Rqtoken, X-Discord-Resource-Optimization-Level, X-Discord-MFA-Authorization, Range, X-RateLimit-Precision
access-control-allow-methods: POST, GET, PUT, PATCH, DELETE
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
content-security-policy: frame-ancestors 'none'; default-src 'none'
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zkMBry4T2ZulLFFuAcR9%2Ba4ZkQudDl6knchY6qkSUUS0Bf9LVX1eyZjojF6xJ6cLwjmyR1PFIm08zF7DxTK%2F%2FUFiiTQV97pY585Tp2XJWugSK7eomd%2FwYs0eMwrB"}],"group":"cf-nel","max_age":604800}
set-cookie: __dcfduid=216f7b82073311ef97f366d096097eef; Expires=Sun, 29-Apr-2029 20:49:25 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __sdcfduid=216f7b82073311ef97f366d096097eefd1a345acaec47156b6b00cc2c3fc67f9ad0e768cefee1c2274289f5fbc6b5502; Expires=Sun, 29-Apr-2029 20:49:25 GMT; Max-Age=157680000; Secure; HttpOnly; Path=/; SameSite=Lax, __cfruid=bb3c393c925cb08c861b51f3ae2dd4c02f3876c1-1714510165; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None, _cfuvid=fgrH4Mou8L31zdbzu0JrPjOtP1Fmj5sGu.gWzkzodC4-1714510165792-0.0.1.1-604800000; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
etag: W/"6e-+wGxvL2bbupC78nbVfYjdPkI8mY"
server: cloudflare
cf-ray: 87ca65f48e91b512-OSL
content-encoding: br
|
|
| login.restorecord-bot.online/assets/5486.e277dbe0f48aff03f253.js | 188.114.97.1 | 200 OK | 18 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/5486.e277dbe0f48aff03f253.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (18439) | Hash: MD5 da488d066f499947444eb7a2c835e1fc, SHA-1 378be16a36214b56e040795885974a4e7d5635f9, SHA-256 1dfc9020a696de7183246e819d88bfd70298526c4bbe9042b5b39d3628cbaebd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/5486.e277dbe0f48aff03f253.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"483d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ByWR8PrILKtK3xkkPD2zPSzZLS7OA%2FaWMSnjlJ2ygDKUD11B0WnIvgoXKZcSE%2BTiIiozzYEQB8ai40k9a4Gb2Ju6lF7CcUF3HBZQcySGiXcXcy74lMaZgHzWN07q8x9XmH8T4dVUyEXmU4b%2Bofxb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcccb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/74970.ad098636400bd7dcbe6c.js | 188.114.97.1 | 200 OK | 28 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/74970.ad098636400bd7dcbe6c.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (28091) | Hash: MD5 3c3526a5242b8edbf4465c32aaf8fa93, SHA-1 577aabb70319ddb82ff368904993a42b33867d13, SHA-256 56d5c52d9d7ee3aa25c7670d3a69b9d711c20ed56e61f26f21cb459640fbf3d2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/74970.ad098636400bd7dcbe6c.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"6df2-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HhMELCMg1LMoh81t8BBOtLLRR%2FZuF7Lbd9ntR3JydiixP%2BDSeKShwQeBTGTnFvJnrcYxo0U3saQcD4GGbIZu3%2BIoTqm3ArBKp51aQtIZyudtnyMPqEjU6pW2vRV67DeSw6tdCnC1ov%2FBuc1f1Bjo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcecf3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/64612.26d2bf1afbde26a43a76.js | 188.114.97.1 | 200 OK | 16 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/64612.26d2bf1afbde26a43a76.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (15643) | Hash: MD5 e889f804c915f5278e961cde93d50e20, SHA-1 25e94c62cca79bfaba361e27e49cc687e72b74dd, SHA-256 f3649beebf41954e8e4aceed2d74c5fcc81a61e1123b4190efa9a02f785977fd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/64612.26d2bf1afbde26a43a76.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3d52-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TS5TUAc9xrsHYhSm3rL%2B%2Bk8jlDIFO75D3ShpqsmeCUieh%2BdjSeB1l039yDwDwt9e4ZGa2Dmbol9C1PjltQZ2JnRQez6kbjFXZ9ks7Waf%2Feq8yyUcBzkr8XsL3bPqvMosMD%2Bx9SNJx%2FAGsuG9%2Bfuj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d72b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/25653.f1981721227784f0166e.js | 188.114.97.1 | 200 OK | 164 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/25653.f1981721227784f0166e.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
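Size: 164 kB (164235 bytes) | Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 [these are the MD5/SHA-1/SHA-256 digests of zero-length input, not of the 164235-byte script; the body was apparently not hashed, so do not use them as indicators for this file]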
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/25653.f1981721227784f0166e.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2818b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4iuSt5oaUrE%2F8mWYmsDGbLxNuG3bBBMROJuQo8meYfX%2Ff%2Fn5gZrdLSIjw5%2Bpe38zz1af9S0DbhcoVrTgDyWwyzld9ZSXGnVV%2FXSj6EqwMFLJRR9N0P8sEaBv%2BV3KfMI5%2Fp5WANt27Eo39oteykjZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65de3f8bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/1182f0e14eb94a3d391e.js | 188.114.97.1 | 200 OK | 37 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/1182f0e14eb94a3d391e.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type JavaScript source, ASCII text, with very long lines (36601) Hash 52b599c4aedf6b6ffe9c2ed3d2b352bd 936cdde615c933061158424d3b8ee939c0f862c3 17968598d9e70c9e4261422b17902c0d3cee59654d9fb070842f392d2f760ecc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/1182f0e14eb94a3d391e.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"8f2a-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xdkxX%2BD%2B13onlNEcO%2FBcemm2zLiGhrR5MOclgZZR0xiuAHUoXMdtrc3GBVMzHWt28TxVPOXitGfcW69K%2BrnGV0JA0TIxnDnO2ytNqvKU73ZyaxMRKlqzqMO9NHf9u88D9Zq198D9oPsxQjN6uN8m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef8f76b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/8f581f91e7e650ac87a2.svg | 188.114.97.1 | 200 OK | 137 B |
URL GET HTTP/3 login.restorecord-bot.online/assets/8f581f91e7e650ac87a2.svg IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type SVG Scalable Vector Graphics image Hash 897482ffa8de9752445d3eab06524d8c be0afe5b3be92b25fd9baf6c4a98e30a8b4e831d 071d1d5a1ae9749fb0b9175ce5f7b74e994c97cb33f38e2a68bd717b32518dab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/8f581f91e7e650ac87a2.svg HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"89-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9AyCzbUmO40ntS45i9GYhnofcHRZNdXio0%2Faya3Twda1txk4UtDt6JrU6RXxtRslXwna0p9sf6a2lBjQYjk%2FrXrNqW%2FJor7zVjdoj%2FUdMyVJPRKySmsgb6JQNl2NShPZRi%2FG5ZN5GuInvhHiTel"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efdff6b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/94816.637e7c0b320aab380f7b.js | 188.114.97.1 | 200 OK | 87 kB |
URL GET HTTP/3 login.restorecord-bot.online/assets/94816.637e7c0b320aab380f7b.js IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
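Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input, and no file type is recorded, so the response body was apparently not captured for this transaction even though the row lists 87 kB. They do not identify this script and are not usable as file indicators.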
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94816.637e7c0b320aab380f7b.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1553f-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z74AVB6zIGrzXEQVUqhQiD2kyromShMLAx9HKbP3fGrH0Qse6TyQ9gpLzJF2%2BD4bQZd3xCBMZUh7ysBZVHZDrThOjPzQZggDPE3CALNrsu0L7oK35q5%2B40rUOBLAuHfFPQuQxlXxMG6mv%2FXWDJCg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfcfab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/58409.1811376ebb7f14b0be53.js | 188.114.97.1 | 200 OK | 14 kB |
URL GET HTTP/3 login.restorecord-bot.online/assets/58409.1811376ebb7f14b0be53.js IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type JavaScript source, ASCII text, with very long lines (13964) Hash b04469c4ff1a1e4369a1238f1a6e7e13 baa699271e0bad0d5d568f5d0cb2dac21f5a2d0b 2dc6a1da0d49480f89ccab794ec25a14cab0ca4034039ae26e39faccdda82a50
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/58409.1811376ebb7f14b0be53.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"36c3-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LRv8zTpzFNCV2tkcb67P2IuZebEqhVlBlXGXea5QzNh9T3vH%2BPO9gpfyMM%2BjA%2BQkys2WpbVZg%2FDY9gDFy9MDO5d8KsH753OEIDJrP08CJ5lM3CgfHqNAIoTP8jHLMKyPvHh%2BblaGxIV28QNgG%2FyK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd5e10b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/94288.dbd73ecb6b1482a870b7.js | 188.114.97.1 | 200 OK | 10 kB |
URL GET HTTP/3 login.restorecord-bot.online/assets/94288.dbd73ecb6b1482a870b7.js IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type JavaScript source, ASCII text, with very long lines (9979) Hash 38d4ac71291ec9223ae33b9ebb5a4e89 7282b3fb164396d9510224b3040a89902c825546 9a8d5847b100e711a41231d5c45682b01b8173438f96c52667fd872976c18cc9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94288.dbd73ecb6b1482a870b7.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2732-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OL8VkM8utXE8DBaQyfQOmYj7DiU5rC09CSDxPsFaVzrbAHthH8TV86qeP%2Bat%2BsM8LWOm0kASG%2F3pe7uEW1hYJ0fjo8k3zGB%2F3qSAh8ZcYyXZhTvtSqnNEu5v1cQ0nRJ%2FM9c%2Bj2Xu2%2BcRJp2LX6UF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcb8b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/78995.c052e63a7b5574176cf3.js | 188.114.97.1 | 200 OK | 19 kB |
URL GET HTTP/3 login.restorecord-bot.online/assets/78995.c052e63a7b5574176cf3.js IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
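Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input, and no file type is recorded, so the response body was apparently not captured for this transaction even though the row lists 19 kB. They do not identify this script and are not usable as file indicators.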
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/78995.c052e63a7b5574176cf3.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"4b93-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DsLgta0UqmJtpxrpK2trtNEqpNdBZmQHLDYvAU3AEdCk9P3GV5EEXOpq248%2BLIZ0n%2Flaw8oGgluhZmeVhknaC7y2wU%2BFKdWc4qBQ42fpg0N701XWD2n9cvz80CjszCxorxjt%2Fy8LWnam0hGqJIbv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef7f5db512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/52033.8c199987fcf5a97f2ee5.js | 188.114.97.1 | 200 OK | 10 kB |
URL GET HTTP/3 login.restorecord-bot.online/assets/52033.8c199987fcf5a97f2ee5.js IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type JavaScript source, ASCII text, with very long lines (10438) Hash 8eaae7e1a96c8c653d0d85b3733e705f 5b7a6b708f070bbdf46cf15e3c613e3e60896260 83e5ef5e06c1625afe2ad608af5ab6b3dcf13652395d218b8f2a2442bb5791c5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/52033.8c199987fcf5a97f2ee5.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"28fd-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9klJq1zInuyNt%2FfQT%2Bz528GaE2XkU3Vrfn48Zos0c9w951vimGe%2BNJ3mF6PeMkYHp69Me7WaL%2BiXiwXXOtw88mj%2FMHccBJTwTUC4GnGh%2B%2Fn8tXIwxbP4uFkCXuxVx4Gssm3jn5Xl7boFnPN8pV1C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef9f94b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/321a07cbc6f5919dbce9.svg | 188.114.97.1 | 200 OK | 139 B |
URL GET HTTP/3 login.restorecord-bot.online/assets/321a07cbc6f5919dbce9.svg IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type SVG Scalable Vector Graphics image Hash d8307f61f76f425f8834fd27a04c1b3e 5fd275de4826b418e24dfb34abca1dd2d6397b78 e05e223815347635e74c037681ab5036542fbd6c1a0f08a9c923153ccf837441
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/321a07cbc6f5919dbce9.svg HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"8b-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jk%2FAbLC3SHSnf99LmKzZAfmviEd0lmlFbfJv8jqznE6X0gBA9SFZJ6rvVgkp13xzzjU4Gm%2F3nxNwi1czd8iEsjmyXMxaw%2B0kI8iWT76NT0hdZp3QjQl9SD10FpRkzTvNAcDKEGKCGBMQdpCnCHdK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efcfe5b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/shared.6fd41c763b4cd504862f.js | 188.114.97.1 | 200 OK | 119 kB |
URL GET HTTP/3 login.restorecord-bot.online/assets/shared.6fd41c763b4cd504862f.js IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 119 kB (118990 bytes) Hash f2444e4ebe925f193c83f692cd8766e6 9d0c75a19d0693743e6429ab8da62f70184426ab 957af5a5dbcbbb943faca25af701c1a3d8839ad98d55ee5aaa401aa2f117ea8b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/shared.6fd41c763b4cd504862f.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1d0ce-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FF%2B%2F7AFG3W14xA6HoNZq42byrGIl8jZ3xxpFd6omjFdWasHIWU63Yv7ZhZ938lZm9FdYSuP5BO%2FBtBz99xLNP7E625lDBxFZww7jm7Jj7VHwgsMKJ%2BPd8dMuWZCCssMy1gERGPOdBD68MGU9dELz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcac88b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/31897.ec700144df6b20f401cb.js | 188.114.97.1 | 200 OK | 6.5 kB |
URL GET HTTP/3 login.restorecord-bot.online/assets/31897.ec700144df6b20f401cb.js IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type JavaScript source, ASCII text, with very long lines (6675), with no line terminators Hash c541881b1eb8c6fc9ef167b40d30b518 b18e4deb44d3a876d671cd0c32c1cf60512dd342 b45ec7b4dce9bbc331cb5b4af670a517c046f91c6cc8d32f04c143456f3bba9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/31897.ec700144df6b20f401cb.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1970-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pt3%2FUuAqR1Y%2FUrU0iG1WwHC0HeeEU%2Ft1eYPtbb2GVUoogMAXz5rm1RHvY4Ck84NAoDCIQW835KptCFINq5d6Jz8%2ByuK8aI08FnbRhgX%2BmLUYYIOfJS7g2sHogvGNpePkAkxI3lwmF7o9UZ22aCUS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dccca9b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/18407.d0257553d76c1da19de7.js | 188.114.97.1 | 200 OK | 63 kB |
URL GET HTTP/3 login.restorecord-bot.online/assets/18407.d0257553d76c1da19de7.js IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type JavaScript source, ASCII text, with very long lines (62630) Hash c6070a74fc7828610536a88f4ef0ac00 58ff20e6b81343ce9fb04c9a3b98e96eeaced06b 5a52fadd5efd62ecee80f803d600055810fb7765497d80e95e8f61aa27286cc5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/18407.d0257553d76c1da19de7.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"f4dd-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JvpMqmbYDL4kpqnflZhaW6zH8JBeW%2FF5ibSlBwgZGARLEQrCVHwRXjVEF0ENE1vf2rPx1aOaHvopmuIM24PtmiDAdWGv4NfqGOcXFZ7gh%2BDSrWF1zkG8tB%2FPD5b8FpJczm9wKWhzwTnyBt%2FrlCoA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcece2b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/74836.b991877dde75f9619c99.js | 188.114.97.1 | 200 OK | 20 kB |
URL GET HTTP/3 login.restorecord-bot.online/assets/74836.b991877dde75f9619c99.js IP 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (19958) Hash (MD5 / SHA-1 / SHA-256): 5de4f60b4efa8bb9454edb13d1cb9d83 5eb21a1fb900d78a23b781b715ee7f3eeb52b672 b6399a12a07f326a303c82e16981091cc42b529ea9f8b0c6986a0d7e91036692
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/74836.b991877dde75f9619c99.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4e2d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fm%2FB%2FwAkddNA4EfedgO69ExlmeinZ2wvmzUhRAdjCqUS9z0enzPTPN33X1PwtZpEN3H%2BOZFtdt80W39aH8hCuE87v3SquZze1itCuc1izMSrHvJ22KTuTrf%2FBtQduivwThQ60Lk4p4mU6E1Fz3tZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcecf4b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/23777.2a4fc059cb5b5caf5307.js | 188.114.97.1 | 200 OK | 60 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/23777.2a4fc059cb5b5caf5307.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (59652) Hash (MD5 / SHA-1 / SHA-256): 264bf832f52128869c50c91968264bb4 95a54d2525f093719198bfa0aaa1c7ef8574cc4f 515cb4b2b1c5a8190e7a9f74c13a3539aa2f758af17a50a71b9832fe53a88f9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/23777.2a4fc059cb5b5caf5307.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"e93b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjzxA30Uwm6EWniUZe3GSWGDoMX45UZ7EhTdddc2MJ3Iph56O1eP87Y3KDoznNim%2Fxp8bjcKjzZuilzZ5HPgL95%2FeVYNwprJ71ktvMugo5U1oQTEuzHMAPTyjmjJNabQVc17hFoTTnV%2FL2hPb6GB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfd06b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/18667.a2153b412864bc0484ff.js | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/18667.a2153b412864bc0484ff.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (11075) Hash (MD5 / SHA-1 / SHA-256): 40ac4831e99b9248bfcac7f7dc820c49 ff2b273c92b32ed9a0849743bec41a5af5b9d3c1 b47a9d595f8492f38ccddba2d47641117fc6a8426d73db79218259717462518f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/18667.a2153b412864bc0484ff.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2b7a-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wuyaxusOWe5GICm%2F57e5k6t1F1HwLpTgPEWHRVcp4gOYjfb2qDGiIx83N6Jc%2F%2BkIzoiGUVZJm15a0gHxB6H343PQhUa9S9Viz0GURxR9dZhJ7CFqOMZWtEAMNoQnaT%2FKL%2BEJpU19JaSc1I7Xq%2BRF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef8f88b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/d8d8bb7602e34b57bbef.js | 188.114.97.1 | 200 OK | 164 B |
URL: GET HTTP/3 login.restorecord-bot.online/assets/d8d8bb7602e34b57bbef.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: ASCII text, with no line terminators Hash (MD5 / SHA-1 / SHA-256): f82bf1c23c9485e0017406246ad5bd7e 6edc2406e77fe53d60d5c955b76b6f34a5b3cd59 f110fea7669d1c9ada9bc6f23ebf0fa2ef1d58f2fc98b30d6d25de027a0b8afd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/d8d8bb7602e34b57bbef.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnQEUoLzv3G5N68mfptenGYCMS2Jk6RwqYBHf1kReBbPbr3MgnElFOBlKBOY6ZabLM0XUZYzTAfrN1Z4YYz0vWhKwZtwa93kSgfqMpXSoHny3os4JMkhgnvvO8ERowYcz2M5m7wu%2FPjKX58OMzCt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efcfe1b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/20ac37ed2576dd48d7dc.woff2 | 188.114.97.1 | 200 OK | 65 B |
URL: GET HTTP/3 login.restorecord-bot.online/assets/20ac37ed2576dd48d7dc.woff2 IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
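File type: ASCII text, with no line terminators Hash (MD5 / SHA-1 / SHA-256): 84b7416cff14fd88e25c7a5e808f96e7 141dc0f5c13044dad660a2add445baf5c472dffb d8c6f38967f6cf2d568e34abe3e04c2c2c195becd596c1cee7b9b83822dd768c (note: the response below declares content-type font/woff2 with content-length 65, but the body was identified as ASCII text, so it is not an actual WOFF2 font)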
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/20ac37ed2576dd48d7dc.woff2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/assets/app.efcb8c8bc767b60fbdd8.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:25 GMT
content-type: font/woff2
content-length: 65
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"41-18d27c367b0"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lLppJtt1knPRbhH3eAmQMQdl8Ic8Q0XrHfvPk%2FPGLI9b2elEoHiBtKd0AQKSka7LA6XAYKoDikJHufPyWaM5vKsoPq2h5SbPurA5dobKw1dHsOZiKhZEQDLuEBYcz4otdb9Yt15zYlSSTNmBoY8x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65f46e64b512-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/shared.20ac0e19e560421c41a2.css | 188.114.97.1 | 200 OK | 475 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/shared.20ac0e19e560421c41a2.css IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
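Size: 475 kB (474928 bytes) Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input, so the 474928-byte body was evidently not hashed; they match any empty file and should not be used as indicators for this stylesheet)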
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/shared.20ac0e19e560421c41a2.css HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"73f30-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cyOviOD1dj4c7vvyaMFS92n5lA2bIB6BgGKySISzKZTmNXg7vV9xpzYkusTGOQ4y2X598qPZ3%2BR4HVcz6ZsTKUxnY4GTVLe4ckii%2BZu2Rs5DrQFBQ%2FPH%2Fg2mjfGngG6PpS4mE1lXl0hn0izfC%2B92"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcac87b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/65000.e1b9099437a0cb5444c8.js | 188.114.97.1 | 200 OK | 21 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/65000.e1b9099437a0cb5444c8.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (21036) Hash (MD5 / SHA-1 / SHA-256): abc619bd0b72681ed95131a5e0489b12 50f98a563f0b7771b5df533e8dd75306f37606d5 0384028309684382f2d9e791a778dbe1a4a0e9bc6e6756bdfc3d4f236ae3bc66
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/65000.e1b9099437a0cb5444c8.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5263-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9SZsRjhW90ZKShMXwj%2FZLkoo%2BLntl57CMyUq5hioMTWYI5eP3D41Y3BYr%2B8%2FDNH0WsiAvaAWLU9dD%2BOxsriOkpNc2AnP9SQ5XGvrb7z23bkXF81ZiIFhQjyxp4mfWvbZogPl9TK3fwfzYXCCHhRm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcbc9fb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/49191.4c47aae235ac3c0cdcd4.js | 188.114.97.1 | 200 OK | 13 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/49191.4c47aae235ac3c0cdcd4.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (12692) Hash (MD5 / SHA-1 / SHA-256): d4ce6646e8d5ffda699497912a3eebd1 4a805ee77c49b82538f97e189c6fe64763b596af 27303c6d56e622d841fdf0dbe19d3b61ba24b4d9ed0f0063554d40d051419a8f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/49191.4c47aae235ac3c0cdcd4.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"31cb-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3iXaDcdGMqi%2FAvPFkn%2FtkP%2BDkWonti9fAxD%2FjHBAzsqqn1RVl6c2XjYf9NrpVH6TrYpQssjf01OVpK7WHYCFk6WCzhIzecPLla7OjAaIzVV7JaWg2I2XC8iq7gT1JkQgF6ALW8Uytvd0mWHqz%2BYb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfd01b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/80083.7fd81fb4889aa662cd19.js | 188.114.97.1 | 200 OK | 26 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/80083.7fd81fb4889aa662cd19.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (26162) Hash (MD5 / SHA-1 / SHA-256): 0abbebabbe917f168094124bb3cce39a 9de38e8e88c1c3450db921ccfcaa3afb35563194 21dd7691eb613640f3b6e7ca733fbb99374430c34523f31fbeeb877ca8c5c494
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/80083.7fd81fb4889aa662cd19.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"6669-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BuqiQkaROmg3BpEKU8Gvu2RUP%2F1bN4kCIv4apWSxYPUcAl45axSrVyrMybuqdQMrQ4Mer%2FssHsV83duTQU8xaemzrqx%2Fzp2uMSWu2dXf9eS%2F7xlHILNzo59udmvPFRRfR27yikJaCT7jDnpH5DY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d23b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/7273.654bf842a369e2d3de94.js | 188.114.97.1 | 200 OK | 484 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/7273.654bf842a369e2d3de94.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 484 kB (483947 bytes) Hash (MD5 / SHA-1 / SHA-256): 8da1faca35a6cf1029dfc42e48b9c810 45f463dd73d51dabbb399d6ae6a4c1f16019e50a 14acf9e94dd9a0cb4dc91e43f797654258398f2c91ce40aff16960d049111125
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/7273.654bf842a369e2d3de94.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"7626b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XEwrk92ccsPPQLLOyxCX2yNP9Zy7nT%2BFNghy2PHQuIUbWtNIy28wjfYWcWLtuVgVR1TGRr6rw%2BDp2M2qQj6SrxPWrjv60KukyGlaRt2EO322MMq7bEu%2FJlvMXvmfXu5F2XW%2FxuSMQtf1WEn65sx0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65de4f98b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/e9e649f003bbece806b1.js | 188.114.97.1 | 200 OK | 16 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/e9e649f003bbece806b1.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (15715) Hash (MD5 / SHA-1 / SHA-256): 6a513e08bb57247ee2a7f7f28392d957 9ad8a8814f81f63d7e6302f913b45a047f2e8985 e6a791274ec54c4a3ac6c8b2f7a2689d04e9579f00b218e9e849abae247c0fc6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/e9e649f003bbece806b1.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3d94-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKN4DdR7ABytfxCukeJxFnVB2yMkKhn0A7cgZRjyMDqCwaL1phroWIxp9sOrIuK6M6Cd9UkKE5xVxBf0plHpH6oFt0%2BGW33DFgH3BDSzfqnrFzG2zwTrANofgwFejjKK4q2k1C1JLOeJk9hG%2B%2Bbn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef8f7fb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/63550.a619020e4c7b3d5be7ac.js | 188.114.97.1 | 200 OK | 8.0 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/63550.a619020e4c7b3d5be7ac.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (8041), with no line terminators | Hash: MD5 b03a74e4793c52da60a440f2b73aea20, SHA-1 a845f9c25a2f8fb2a10e67468045286a3f0d5851, SHA-256 d64c4d797460c5e849a45bdd00b59075f1a415c2be3a2de56f719e7372534101
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the hostname, not a content analysis of this file)
GET /assets/63550.a619020e4c7b3d5be7ac.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1f1c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebyATHgfm%2FL0jhXOA%2F3ckp%2FrzcnRT8x%2BwsrdNDsUeO407fj96dE878%2FddskbC7fbNx84KqyqUHy7jiQr93s3c3uFdd5xWfO1K7JVn51%2BAl9gP9ENwY0rWJ0qIfDyMqyMiss9HyGXebynm54ZCeOA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcbc98b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/86480.ebf8826a7f33e22a6aba.js | 188.114.97.1 | 200 OK | 15 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/86480.ebf8826a7f33e22a6aba.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (14887) | Hash: MD5 efa64bf325b069f9cddd3a1e224e7679, SHA-1 c18d2104d2ab6cf8599c57fc52d01faf8c48aec9, SHA-256 94139cd642069de9ba7621638c1dd08ff2703c859f69df7e24ee109f4f3cd250
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/86480.ebf8826a7f33e22a6aba.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a5e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAp2eBwhGOIjLt99pRdE6GRHlZYjphqDgfC4uEVDd5WGZKtqaqzqkovFMQmHvuD%2FJu%2BJAGIk2WGPu8Q8iIHoAR7d2JXY60XmpmQyp%2FzldSJLRVcljuPUe0HYm%2BgFfmMVwUgGa%2FhUxb8rtCpUIr8B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcece0b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/94381.75805595bcb471e9283c.js | 188.114.97.1 | 200 OK | 17 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/94381.75805595bcb471e9283c.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (17283) | Hash: MD5 1d9461b1a5901db3a1913721102de7f6, SHA-1 b5aaaaf164bd8d45b150d86ec7580dd08743efc3, SHA-256 8fee5c60698b99ceefb3b9443339bf6ae1b610b3e5df65ef668eb1dbc8643dde
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/94381.75805595bcb471e9283c.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"43ba-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ze7RvIDvZm09M1svsilBUJPPR0i167hMxtR4%2BT0KI%2FHADZ3Jdzn68xEf7zSCD%2FUDsCtW%2FZFjks%2BjDYDWYU%2FZ4lPlzXWYMColhdh17YLjHMjxOFimVC5LUrqCzVQiln59MkQzcYkW2zNw0teXjvUi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d8bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/21251.87af35fe00e980d9651d.js | 188.114.97.1 | 200 OK | 22 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/21251.87af35fe00e980d9651d.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (22100) | Hash: MD5 87ae3712843239cfd30ac976bd99940d, SHA-1 f94f35e5ba76aa102c14972c75cd67728f6efeae, SHA-256 e4f129ecb25b26e3644847541c531e34f3e0848bfdbb9f0f00fe97347bbd9db9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/21251.87af35fe00e980d9651d.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"568b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8RikfwITVeCJGghwIRulijyYBM2vyfeRUqkvzKxSbuqP5JQpbNG%2BOXyl3t8drCriDalAKSoYu%2FiSf3rzRy2nbroYwo%2F7KcBKxvEZA5GEE2fAfHKmht1jRN8Kw%2FJYpIEvuBUo2ADH%2BjegjITKWTd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcecdcb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/48059.86a954da9c9a44ee9dee.js | 188.114.97.1 | 200 OK | 121 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/48059.86a954da9c9a44ee9dee.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Size: 121 kB (120793 bytes) | Hash: MD5 0913b93dc0dd7e4beacfbb0303501b18, SHA-1 e2fa12d63460ad8a54218971c444b085958ced88, SHA-256 9f32de28a06abc9233adf200a94a4d637cd39ab3b3970390175b42e09e5820fe
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/48059.86a954da9c9a44ee9dee.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1d7d9-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GIFbK78ingJjuAicqVtvtmx9viYHyh5hAOwkbTjP8HdWhR01emm%2F1eM7A3%2B9SVs6Db17XGWRuLJAwspoa0cR7zbwCkfZZtK9FVN0D4GS9317gPCn6q6J28vsOSIkBF5rVbo1ZxpAg%2Fp8b6TjAImh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d63b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/40876.477d9a39902b14c7bd0a.js | 188.114.97.1 | 200 OK | 39 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/40876.477d9a39902b14c7bd0a.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (38897) | Hash: MD5 167366b2e3d129cc3dced1a4e7dbd82b, SHA-1 62a0800ba5389dfb92136e31c08cfabacdccb8fe, SHA-256 e943c9ed5fd4c16dc88029340b62dccd9afb900ed4501c7bd14e6264a34df983
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/40876.477d9a39902b14c7bd0a.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"9828-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6rrDlEziE%2BuCKcBp1SCuNFhl7BgjCnsGA2KSOpZQrTHLgXwa0MPYlcsyvyqrhx%2BROgr99G57dL1%2BZbeMQmeyNK%2FtsaBQHXvDSj99MFcbKHQYp9GbmXwBZ0yBeQJI4RjBu8KDSWkrjqT9at6NvWb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d96b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/68560.e27fd85667a295676749.js | 188.114.97.1 | 200 OK | 49 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/68560.e27fd85667a295676749.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (49324) | Hash: MD5 264fdf0094b5d416ab5fcb70a1f52ca4, SHA-1 f76c8aafe7d2ea911de8ce22bfbaa66d974cd348, SHA-256 73487f57bc5d9a1a20ca844eea8d8e14799184ce34fdf2e31c70a502955b0380
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/68560.e27fd85667a295676749.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"c0e3-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ug2B2N%2BShrREM6kuZWlsIZL%2FcGca8V%2Fbo84QhXgXlMXl9sW4jdlrpJuLEZknusoCgQBG8tCbywO1etN52xZtazwD7ylJwPmdl0vXVuBCdEmhH%2BYVroZlu51Jngg3TgkJkb0%2BFXOdFqehtKqFvkI6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef9f98b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/78033.af8587a9881dd8fba471.js | 188.114.97.1 | 200 OK | 1.4 MB |
URL GET HTTP/3login.restorecord-bot.online/assets/78033.af8587a9881dd8fba471.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
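Size: 1.4 MB (1402833 bytes) | Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, which does not match the reported 1402833-byte size; the response body was apparently not captured for hashing, so they should not be used as indicators for this file.)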
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/78033.af8587a9881dd8fba471.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"1567d1-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xm9t2X6meKq92BW%2B43iZhO5R8GmaIODaYfQ7Ajf0%2BWYPsN9f1eksBgX4KwjlVENMPAifEFxO84oFHI9IAwzfNe2zV9rlMtkRjh%2B2bUIHR3hgKf1ZDzRy%2FziwP9qXtHRloJ2%2BL%2BCghZ%2BixaN88%2Bee"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d55b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/33547.5c46865f95647d249cb8.js | 188.114.97.1 | 200 OK | 61 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/33547.5c46865f95647d249cb8.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
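Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, although this transaction is listed as 61 kB; the response body was apparently not captured for hashing, so they should not be used as indicators for this file.)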
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/33547.5c46865f95647d249cb8.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"ee2c-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=531vbiDtI%2FwT6TQXS38kK2Iybu4VZAqas6VJOqc1aB5EmtqteLiHTcev5My0DTAc567hHOgTyFD5rZ%2FEh82P5biV5pEc5pymBmZ0C0oxaw9hzymlPcXS7Mn9bdiLoL643Wyrv6VPpW4i1GF4pFKS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d86b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/44504.4c4113c3ec609733dacd.js | 188.114.97.1 | 200 OK | 60 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/44504.4c4113c3ec609733dacd.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (59916) | Hash: MD5 34be6172cc28f54550f737535ee7406b, SHA-1 ae6f7a023c57531df95cfce4b8c2faf862b922c5, SHA-256 419e3eebea240a838aa818a0ac9b57d607a52c7547cd9ee876bfb2bd84226e8b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/44504.4c4113c3ec609733dacd.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"ea43-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AuIjLEyjyh7YiCBD7sk%2FsnKnnNG4zBA55z7Er5mTnOqt4yWtmS%2B9aksLtlUO6%2BxTbFFDqAolx%2BFk2ZB1m92s8qUFM%2FvLYh5tprGo%2FTC5SY0W5hR4Z%2FQljcIK%2FbSx1%2B9TQEumsHUZo7DoZwWyX2l8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef7f69b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/a826e445dff97cf15335.svg | 188.114.97.1 | 200 OK | 2.1 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/a826e445dff97cf15335.svg IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: SVG Scalable Vector Graphics image | Hash: MD5 1ff7f50b770d68712d36c79ae6121521, SHA-1 e3fe855784e971e2c57de12e878aa073da7d31bd, SHA-256 ad965cb39af806b0543af5c32ae34cd0b136dda9272e6d877b067cd00563e048
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/a826e445dff97cf15335.svg HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"80a-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FdVMZkqfO%2FYj6taL8QB21CWoOH6p89gh659HNJx2NrbnupoEGmCI%2FT%2FRS%2Ff%2FgT56xyklomK22Rl1kXmEhyKQWzF3ISvOtv6mUxl%2Fqc0V7ApREKeeniCo6093%2FClOEQlIqlGiVZEt5wSofJ0wlOrb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efdfe8b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/1f3e315f020ed5635dc1.svg | 188.114.97.1 | 200 OK | 180 B |
URL GET HTTP/3login.restorecord-bot.online/assets/1f3e315f020ed5635dc1.svg IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: SVG Scalable Vector Graphics image | Hash: MD5 7be3d705f8fd758f30fdb6d593364954 | SHA-1 469caeb23537d7152c40fca8e5a8c9a03013eb07 | SHA-256 907d7bc2d1af895ac583237f9005822ad480c51fd03618f5a7819c3d71b62424
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/1f3e315f020ed5635dc1.svg HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"b4-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P6X0GbTE5bVINr8fiCK3fEpt6yqQFbScaJ8xYcaaqn1BItyNEgghPybxvcNS%2BKoRCJy%2B3Hbe756jbq3YI0uJmZCXZDW6Gwt4P2VpWGhmv%2FfDNzsvc1OFVTXAsCRjXYkZb9s7ry9NzVrZGlyAUReD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efdfe9b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/3341.1a1f8595a0c8fc9f99cf.js | 188.114.97.1 | 200 OK | 8.5 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/3341.1a1f8595a0c8fc9f99cf.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (8843), with no line terminators | Hash: MD5 e26a8efc5dde624130372229258ab5c8 | SHA-1 6fb44998a93cba1ead19a776409849a6c50bebe7 | SHA-256 6302c624d089c3bcde5638a15d621c0f664857468478526bcac9b419ddc6d81f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/3341.1a1f8595a0c8fc9f99cf.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"211e-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w0kPm2I4HwPHUdFI3fto3cuk3WKmnSWY2OOyMsQYme38CifuCWbfVa44G6%2BV34fTDERPHKfatqhq4v5rI54sYGIC4nBul06LPN6hMIK6tmtg29fIyE0wprHTCBlZ0P0Q%2BVXjgOIkFxwwQrVlMIOR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd5e12b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/4650ae2583f4cebb91ab.js | 188.114.97.1 | 200 OK | 11 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/4650ae2583f4cebb91ab.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (10990) | Hash: MD5 aefacf14a0528576a759837b74b8054b | SHA-1 c3769250863d85360b36096f544b1e9c9904c9bc | SHA-256 c0ea7413413b3ee925b173f94f67a7753ff6a77c00759b004e417b865ad9b727
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/4650ae2583f4cebb91ab.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2b1f-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b3%2FPL%2BSXNk6SI1DUpuTw8zjLmIyf7SU3xJtgxcj3sdkP%2BpURIALkyuCsjX9kQvDHm7ZwugsKzA1PUaboLOPc5o%2Bd5xIZ3W%2BTuC%2Bmfi3L69wy1PSQ1%2BLOc3pUBRzXy8DJw8hnYY%2B8bQ4fvrMLz5t2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef8f72b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/94751.a83f5d49f2a33eb3efc1.js | 188.114.97.1 | 200 OK | 1.0 MB |
URL GET HTTP/3login.restorecord-bot.online/assets/94751.a83f5d49f2a33eb3efc1.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
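Size: 1.0 MB (1006633 bytes) | Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, while the reported size is 1006633 bytes. The response body was evidently not captured for hashing, so these digests do not identify this file and should not be used as indicators.)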
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/94751.a83f5d49f2a33eb3efc1.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"f5c29-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L3EcZni6lxgiNnt7NTN2lHPYpv3w8H8gxy4CkokfAsikpOrRyVfvqd9LRDQ5DKcP9Oyy%2BD%2B5N%2BRBPN22U7wz65Ep%2FaaSlHhrdPG%2FI0uhp6525ivtOeODXO3ZTzBpPOO2D%2BYICo27JLc7N9T%2B06j1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcc4b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/81161.16bd418e776559e11cd2.js | 188.114.97.1 | 200 OK | 16 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/81161.16bd418e776559e11cd2.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (15686) | Hash: MD5 3c97dbccfd4e8411ca557fa727fd0a19 | SHA-1 f35fea6cecdc989d2850b9a1f7abd2330aff5133 | SHA-256 ca76d86c4f5150906a316d1ca088cd09eadbd882971821fa6e030127b81eac32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/81161.16bd418e776559e11cd2.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3d7d-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqctVg1REGr0xhHDBC5Js32qm0m5dxWWbwqfycgEGhVzAiNvW2rHvZ7U2WLYXL57P56imcM%2F0xQVQgUKaXvBvQOKfVNM8ZenVfb4XhMyT%2BPETU5D2%2BURCBbkOrnwfVeVQaeO4lXPXNB3G3SiKwQR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d50b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/99b391e2f74aa1e0d266.js | 188.114.97.1 | 200 OK | 14 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/99b391e2f74aa1e0d266.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
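Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, although the transfer is listed as 14 kB. The response body was evidently not captured for hashing, so these digests do not identify this file and should not be used as indicators.)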
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/99b391e2f74aa1e0d266.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"3558-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FmB9Vd079tJJSmknyIiowBKb0sNXEga1bCzbeoO8dfRhCFzhxOMOwS%2F8%2FaQwaTyJKQ6tN9J6D2L9WehD9kIXvWPB6hwk%2B93aFFhxhpvqXWNy73CzaXQo7ty6vUleq141WnizLfx2tlyfg1qpn2vh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef7f6bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/75676.8481ee3ef6c0d7c670c6.js | 188.114.97.1 | 200 OK | 14 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/75676.8481ee3ef6c0d7c670c6.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (13527) | Hash: MD5 502ff8e5505ed7ca0324277b0bc89a44 | SHA-1 d72fbdd0644c128b92e705195be59364fe41d03a | SHA-256 da6f72756a57cf6b4ee7fe8d1ffa539976246470d740b0434e62ce7bb3d4a60f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/75676.8481ee3ef6c0d7c670c6.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"350e-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I0GwVv2HDcI6dY27ys73qMUJMLsv1y%2FHUYgQkuyXVtAR8d8Dg9cOqBtxuwKtWR%2B6RVxEkqGW1Xcg2bFlvliwsqj%2BeNkDzWiXu57BRIQszNNHnLnFyp%2Btde8hkcH85hK88cesmHGT%2F3RQFHGS2xY3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcececb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/18814.2887004806e3f2dcb541.js | 188.114.97.1 | 200 OK | 17 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/18814.2887004806e3f2dcb541.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (16511) | Hash: MD5 eb44fdac0aefca117662f9db435ffc09 | SHA-1 bf2224f54fd833cad9374ec73e35425ca7850d0d | SHA-256 8e7a022b3c6e28ed485a3e73ea49864a44b188c56ff7f3be7ab7cd268662a33a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/18814.2887004806e3f2dcb541.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"40b6-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ON955HJg6nTcYrUhg9RyrZgMSHkKQZCONVUROfGjCrLH1gkscsdJgwd2LxgB5Y3hRs9mM9tDl5WKhNdMFrXAf9h0UzNduRtzfmPg3eY6R6oAY%2BfH0bKrxcqsg0idjEu%2BpjlNrouahvYKYWf%2B8Plx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d21b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/31421.ced40b898074b2c19b15.js | 188.114.97.1 | 200 OK | 12 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/31421.ced40b898074b2c19b15.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (12060) | Hash: MD5 ce1c4ffbc40c7e9bf65f4228013a5819 | SHA-1 5032e464391b595927baf62c1e4bf0034ef66d26 | SHA-256 131db5cf2b0741365470de35e02d94da3de2b223b8c18e3ca3dd7c26af23d6e6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/31421.ced40b898074b2c19b15.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2f53-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2FXNxBvMDpexqDI3QH1tHzb8R9HWWzJi%2BGSR7fUDGnm4mibDTzYQNTmKKz4fXWEdCxy%2FqCkNF7T9LDmGqRogYFIQ%2Ft1nbNtVcwuNNefjotosd2U6apxAvnGa5zxWnyEmtVcHqUYy5fTuG%2FOLiMQr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d7cb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/23992.0430129d8ed977cac0d4.js | 188.114.97.1 | 200 OK | 14 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/23992.0430129d8ed977cac0d4.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
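Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, although the transfer is listed as 14 kB. The response body was evidently not captured for hashing, so these digests do not identify this file and should not be used as indicators.)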
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/23992.0430129d8ed977cac0d4.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"37fe-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4CAnljd2zCekmO2hgEdmyomcD9i094wuBg%2FzFv9PgcxgM4y9CfoS4IHVaG4pWIwinC934CADXwpksBYcx7aCNFQPHJ25lBSS%2F%2FpAdQnRDmyp%2Ft2uyV%2B%2BI3%2B14tN6GyoY0gzpt67Gm0XuUroX%2FnWE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef8f85b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/67079.912803f13064d4c3677e.js | 188.114.97.1 | 200 OK | 23 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/67079.912803f13064d4c3677e.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (23306) | Hash: MD5 2a521f7bf2072b4d3eabdf38c0681157 | SHA-1 90cfe120f3d79aa5d4efed7a5b458ec27e2d9af0 | SHA-256 d7cc40cdb7b530f4d0050c5354a295361f1550e1e3f3092b8e2758fc26006903
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/67079.912803f13064d4c3677e.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5b41-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qk1KRnSAhm16OI2q6xTyh5DjTgvRbWMHHm2SDY52frtQA3%2FEUxYHpt5RYa3A8ckYGHw6%2F51GcgQXjT%2FBSXEukCwaR%2BLXrrHJ3M8cQRADawjQSaxijiBpGTcVIM4u1v01FNlHjeCuY5t4%2BGliPS09"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfd0bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/55639.406bee7d3e2064cd65d4.js | 188.114.97.1 | 200 OK | 28 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/55639.406bee7d3e2064cd65d4.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeJavaScript source, ASCII text, with very long lines (27753) Hash75d1d4ed4e9080766fea15d7548a9472 b64d354f4c71d5176d3cb52dc7e55e752b48059a 66e11c8abc27f8285a8a7a8179af491f8b5d8e797b92afe6bd4a2cd710b2e122
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/55639.406bee7d3e2064cd65d4.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"6ca0-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1OapK3l91rMglltrykPMf5wyBmlPK7KUkoRjIWnuhWI2f8edd04ZB%2FrkDLQWTDSfjA0C6LDL8V0FOZ3%2BfYGwVP0CBpPKauyW4BE3X0tT0gCa%2BMvftbqkQsUqEJg7FU5ZYPkdKpRV5njclOwUnPLD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d68b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/98106.5d0f74b94113ede84656.js | 188.114.97.1 | 200 OK | 111 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/98106.5d0f74b94113ede84656.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size111 kB (110574 bytes) Hash052c17e11e732de852f587cb1fe2cda5 31a92c74ce4c31c741d43570106a7086c94362fa 52bf56ddfb5538d260a9163c9fa4bd213fb2b79ee3da2a2cda4de6c37ed53ff6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/98106.5d0f74b94113ede84656.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1afee-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jphGOM4kh8YuGZBBHhPDqfCCZ34TW%2FZgMJXilREVZ%2BThl867cPN6WE99P%2BnQ2blb%2BCNSODgQTW2fLeKJxNqZs85wTnpggzX2I1%2B2M6OJfxDkrB7o4UnR3QrNF1ZuD51PUHajVdy5H1lrEiMVMoOx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef4f30b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/?v=2 | 188.114.97.1 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1login.restorecord-bot.online/?v=2 IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
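Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the MD5, SHA-1 and SHA-256 of empty input, consistent with the 0 B body of this 101 response; they identify no content and are not usable as indicators)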
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?v=2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://login.restorecord-bot.online
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xer3AEeZQ3k0xDXHeH4/0g==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 30 Apr 2024 20:49:25 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6Lxx0YXKTmYjVneuYV0GYpRabm4=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2VNCOix%2FmhcEVDdQz0o6B2jzpO6ZySGV51S7vwdbPhEg0McclZ6QN2c%2BtVojeiAv7EHrpVdSzBoI8fI%2B8wMKIUXt1OxukC8i%2B691CmtcxcuN7wvwd2B%2FfKUKK63IU4cTNexMihLeYfx1EDks4OY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87ca65f4caf756bd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/75851.82c9a7f8176d778029e3.js | 188.114.97.1 | 200 OK | 9.7 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/75851.82c9a7f8176d778029e3.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeASCII text, with very long lines (9810), with no line terminators Hashac6ef2a39ee1dd9bfd9906c593a8ffc6 0770b44a9791f7bb2d95b3c44c79a96fdf08ac4f 99c9f93237bec55428a7d0199a1a1c33239ff4f3afc72f09a03c860961430ad7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/75851.82c9a7f8176d778029e3.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"25ed-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RQlqNjXNAw9UvBDmjCIP8jbOFHVWvSHiBfsZ1gK30Ng4FmKS4Uy5wpFauK%2BNIjaE4eXFoAkBLqrlg%2FVXCrpbE%2F%2B3YUJgLlfTLEdR2hjCEdBkuScQ%2FtnSmWeGS3UrNszbpWTCAbenZvJLdGiwY%2BJ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdccab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/96897.008f2a416a4c547f02a7.js | 188.114.97.1 | 200 OK | 8.9 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/96897.008f2a416a4c547f02a7.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeJavaScript source, ASCII text, with very long lines (9305), with no line terminators Hash09526b3c9921a6dc860a1ad3e0b0bbb7 8830182678c4c396ec9098dbb522bf8124196a97 9c1e6291fe3e409a901297061f201be5ea9de639ca97a63badffdc77f50fbce1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/96897.008f2a416a4c547f02a7.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"22bc-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7PhXEn70OApsvQmamMaGPSSYfEvnATJYmalkHaYpvtSIZ4bkrYG%2FLgxfemMIpgEA48PcPW0Gtx%2BGRkcvPr3DZpKWFB2UoP7I7K%2Fy0Cwf%2F5vn1Jw044oOkz7mfO67NjYZUs35R8rFoHdvf1QCnH7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d48b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/1af9bdf041e000508e41.svg | 188.114.97.1 | 200 OK | 137 B |
URL GET HTTP/3login.restorecord-bot.online/assets/1af9bdf041e000508e41.svg IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeSVG Scalable Vector Graphics image Hashde7079c084523cbb534e908927ab5519 cd4e81dfbcc142ff38ac775c9302f26d3bd28fa0 b5d51114897461dedb697b36086385bdc8b62f56da6914fcec198644a96aa65a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/1af9bdf041e000508e41.svg HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:34 GMT
etag: W/"89-18d27c367b0"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qb%2BKFXDSFrCJQdfqK5APFbmP1xanKLCNaa5EKEi0THpFdggLOL6bdwM5PacxeT47nzgb1xe7uaKyQ%2FPHvQ49LpgCJPH7qibRxXIe7AlZwOBZU%2FE9I8KDRH4LGw2p01Lpz2Y9CWaqeaQZAkTmxGgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efdfebb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/46541.c33eae8d471e53d0e4b0.js | 188.114.97.1 | 200 OK | 11 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/46541.c33eae8d471e53d0e4b0.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeJavaScript source, ASCII text, with very long lines (11221) Hash5ae0a08a3f12c1e8188baa3c52edfdd0 f557a1633dafe82e67dc1c79430a29e8c2770c1a 8c9541c705b78af92818361f371dffe2932fe667fe5bddfff23a10a94b0e9491
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/46541.c33eae8d471e53d0e4b0.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2c0c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQzslLdCPPi0MPOydDcN7kNrwa6DWTodF46yIFojnLLehjNbNRN2fxsgqf%2FTcrspOtlB3NAadwauZgASq%2FliEV0mZhIXuO5WPhMel1gNft5ADlpFoHLuYGb1gW1IV5TjX7lsIy%2FBBczfzaLyuZ59"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d35b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/27043.105ce50242094adf158e.js | 188.114.97.1 | 200 OK | 91 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/27043.105ce50242094adf158e.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
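Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the MD5, SHA-1 and SHA-256 of empty input; the 91 kB body listed for this response was apparently not captured or hashed, so these values do not identify the script and should not be used as indicators for it)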
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/27043.105ce50242094adf158e.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"16445-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJmAvgbtbtIg6VNzRAAOwqJVcN2QOyEYzKvyKvh3vUVRMeWpbFkFIErM3T%2B26nOJnBkr6Q8BTCOeRRhWYxD9T%2BYrNlQBNEgVJGhnjPZMU5yjSwlRPQ8xbwu1hZDsj2h6U5mIDkUq56IChZ5mPLeV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d52b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/482.6e1c86f88a37a71d42ec.js | 188.114.97.1 | 200 OK | 21 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/482.6e1c86f88a37a71d42ec.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeJavaScript source, ASCII text, with very long lines (20577) Hashba0cca7d871b0de10a4344be2427733f 4d4149acf6c6694000b0b4a5f18b4bff6aba6878 066deb7f1b943e4ccefdc62fc9dc214596787f8904a464de52bbaecf02ad8d86
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/482.6e1c86f88a37a71d42ec.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"5096-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4uLCNILwCgjaM97VOYvEpoxCYWYVKEbH0rPSB1nmZXZ6ukjIdiyI0tGx9wfe7MxZw48P1%2BrumXQFSE4%2BehpSk70VTz7rz3x2l8Yq2YHAz1Zk7MO1opD7Noqlk6UcmCzzo%2BVVyXoOxbGg8Hoxslon"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcbc9bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/20117.7c4ea5cd4685b0442b9f.js | 188.114.97.1 | 200 OK | 56 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/20117.7c4ea5cd4685b0442b9f.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File typeJavaScript source, ASCII text, with very long lines (55750) Hash3a328a58679dc7c65aede3025f694875 2b46354311cf752e3c734ac9e5f803bada1eea8c f6cee9961dcde12c0dbd889adb3579ab836fcaa34c99828f36856b5f1de9bb90
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/20117.7c4ea5cd4685b0442b9f.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"d9fd-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gn6lJyXc63I0nN4IxMRqb7VgYL0a%2BArMWo0H%2F2diMxvkcT%2BC053MMibBXAu4LJ84XznvXFeYApVwnt1JO3ea%2FkG%2BglEfEXJavjl49PX9N6hoLh26N7db%2BiTNhy2bbnqKbHyRgDRmOeT8C0UCLzYD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dccca6b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/64999.3c0486790babc24c66a4.js | 188.114.97.1 | 200 OK | 201 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/64999.3c0486790babc24c66a4.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
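Size 201 kB (201090 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the MD5, SHA-1 and SHA-256 of empty input, which contradicts the 201090-byte size; the body was apparently not captured or hashed, so these values do not identify the script and should not be used as indicators for it)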
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/64999.3c0486790babc24c66a4.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"31182-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CeaJIZYXRv4iHIbiJi6iVQFL%2B5cPw2apDf71eA1SjK%2BzbScW0cCi4gD%2FxCcNgX%2BpTFPFq0r9fK4q70xFUX4%2BtDBXvz02xwtj0woh7TzaH5M3lYSnW8vB%2FnJDGvokWS33%2BkUHz6oVCgN5lgmBsAkp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcccaeb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/14875.31e886d6d1db8a56b5df.js | 188.114.97.1 | 200 OK | 14 kB |
URL GET HTTP/3login.restorecord-bot.online/assets/14875.31e886d6d1db8a56b5df.js IP188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (14036) Hash: MD5 b73ea7c5ff12b5ac922cf837484b41d4, SHA-1 ecb0e464f4dc99dc4c2a88a0af3a5e80c8cbb0a2, SHA-256 558da14d878234c5150f3875e25a8049954a5ac6446595d3f58ac828620a6389
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/14875.31e886d6d1db8a56b5df.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"370b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3%2Bnv%2BuWcW%2FPOWlkwaKZcMpljxI%2B9bNt7%2BBd3Bq%2Bwg3f7iZvLXgBP5vXCSASD410vZGPZUh%2F9H%2B6Xcpql1QRMlB%2FtCylHebnzj1Lk%2FFUtKdbbYfR2jGlXQnj7s5fx0eb2ZZlR1bHe1u1xxLlpxm8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcc9b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/41831.ad048c0163425aea4d2e.js | 188.114.97.1 | 200 OK | 16 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/41831.ad048c0163425aea4d2e.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (15734) Hash: MD5 aa0f56ed2b08f1029037fc3d27925069, SHA-1 87365d2e6e51333ebd33cdc51cad33fa7aa5fc44, SHA-256 84267bc281052f153133ac0dacddd98dfbf3edaa99aa2b60f0ed645e90d1c0d1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/41831.ad048c0163425aea4d2e.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3dad-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPGaEVl1wby3ElxyUkVI7kN3fGEszfqiA3g0Bf2vWB1UkNh870nnhmn16mMx4O0gBRmaKfXLP5eP77qV2woU5uQlcPyTK1UOWA2Cku6mWvQoHG5awaxKjeUH7bpz1mRjK9r0HXjEgjBJ3MhC7N4P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcd9b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/37102.04489c88475d6b93636f.js | 188.114.97.1 | 200 OK | 19 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/37102.04489c88475d6b93636f.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (18523) Hash: MD5 6a056d7583533ca1f6f22eb59c25f71e, SHA-1 fd9008c3477be5b59118cec1d51e0d5942e9511a, SHA-256 93ac8375ee2ec8788c40ffd8afb828f87d2e3b7a718f346cd92d353f32cf3754
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/37102.04489c88475d6b93636f.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4892-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGSWpJd9ZUkoX4CxKRGFr4EZWl1K3xWo9z%2FfrlslXZC7AQkpyKqdgTCjFlAFRudNNJJEcFEgr%2FmZ%2F0UwEJk8OWY0F3iCFhDxPIH4gmD35lCK43lZV5w59Q5wQe2VGoD6xO1oa5Qe7R9csi9OLhWw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfcffb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/18409.4b935bbdaf404e1ee4c3.js | 188.114.97.1 | 200 OK | 9.5 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/18409.4b935bbdaf404e1ee4c3.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (9914), with no line terminators Hash: MD5 5aa60c5a1722502712e8c6df505d4633, SHA-1 81a39b0f30fc6a4cf1dc23df5c165fa4d9dcd474, SHA-256 6120d464aae1c7b09b57c26824fd3fdd42710850090bd9e7221a526713cab5c4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/18409.4b935bbdaf404e1ee4c3.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2546-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7nTbxx1iquIVokArHdt0ckMLgIYDWvGphUHLYnAxYc6iM7xoU5Xd2g8KJfiSsNyMo8aACg8x4q7bYF6o1QugsB7Tk49tx413sQ%2FWJsepxHBo4Un%2B0d%2FpE3WWXYXXUhqYnd74J8RXBGUXAoT9Hovo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d75b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/web.a572a92ab0a38d32b311.js | 188.114.97.1 | 200 OK | 116 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/web.a572a92ab0a38d32b311.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 116 kB (115711 bytes) Hash: MD5 b97d0dbd751b156ed94ff7be9e299ec2, SHA-1 a7adab0116d09edf46e2fc7ddce04b410cac250f, SHA-256 866bf767de1021c0532594c9493db97ea678bb09641905230423d3276937fc9c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/web.a572a92ab0a38d32b311.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"1c3ff-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FCoUddePpYlkVjLfqkmTZUHuddLN97yk78TjyXtyzIYphC7HnRoR2Zj%2BS%2BH%2FNVmM7MvHhKjkj%2BbjkICHyieRGeCQFE%2BmFTDz1NgB3lF6iPSWVGD%2FmcB%2BRyOpXJslZb5zQsVn1%2BPjiKAQyq2lgh9K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd2db2b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/09563300dbb31ab193bc.js | 188.114.97.1 | 200 OK | 164 B |
URL: GET HTTP/3 login.restorecord-bot.online/assets/09563300dbb31ab193bc.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: ASCII text, with no line terminators Hash: MD5 8e42afb6be6c7e5cb3f80a429a9b38a5, SHA-1 9f69a17c261ecb637260673bf19224d146446522, SHA-256 e99ddcc2b404b34c865bf9b0476cbf22be543672d12349f58aa61d5905898014
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/09563300dbb31ab193bc.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"a4-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DfaayIjnfcpX2iu084zYGe9DhYpyGsNb5zJ%2BUbXKMHYLmZ9S7UeDXWX9Q%2BAlGw%2BwpCdeG8PDBoXn9Uiq1svU2UFd0SBaqHH9Oen%2BghKGqPvVr6tD1Y4e4k%2BCR0mny%2B%2FF6AgmLZx5FV3mNGCvB9d5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65efcfd6b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/?v=2 | 188.114.96.1 | 101 Switching Protocols | 0 B |
URL: GET HTTP/1.1 login.restorecord-bot.online/?v=2 IP: 188.114.96.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
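Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input: the 101 Switching Protocols response has a 0 B body, so the hashes identify no content and are not usable as indicators)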
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?v=2 HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://login.restorecord-bot.online
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1iPswz/fSv4t2vS+Y6OYPQ==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 30 Apr 2024 20:49:33 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aJQNAOyBnpbAdEfBpSpFwNlR1Ag=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5FlQ54jA3Loz9dueOLdwxviq60Grh%2FLfIxd5fD3ZaB5AfYcVq4CPyA8QWSmO7iCV20DcTMcSqXUjisfMwnuYsRvaxS1MdesgxaVTwAl%2FQ8S56BZQTxGLQo1cyTYm51YjL%2BYu%2BGjPofJgK%2FB17vW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87ca6628bc177129-OSL
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/17820.e883271a8a21d461b3cc.js | 188.114.97.1 | 200 OK | 14 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/17820.e883271a8a21d461b3cc.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (14165) Hash: MD5 3eab1ae6e3a0d5dd18c280bb01fc9426, SHA-1 e09de192241afa3b47cfd3420cba919f5d5bee7c, SHA-256 a7400219aa005e47acfbedf2ca55d9da87fc8d4386888f6c995c03358602793a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/17820.e883271a8a21d461b3cc.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"378c-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rlNAtD1FK7RSJLCBfHlhrqVdelwduSO%2FjCOjkW2nYnZckaMn4ADd0Y%2F%2BU5Bj3mWPTR75hu6Mq%2BGQZRvef8cCANW8FAdopW%2B3DPrCBlEP9H%2BsN7lnVb7IsCP7lrmDMxpScGZ5qZaZnuTdgYDeX79k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dccca2b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/34426.9f82349d8cf165e1b07e.js | 188.114.97.1 | 200 OK | 15 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/34426.9f82349d8cf165e1b07e.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (14800) Hash: MD5 495af705377c93d5c53e1b8c3b14d883, SHA-1 16ac3e41a677731e5ced48142c2949a75154fc64, SHA-256 83edb478f8ed6fa71c304bd0571c29d682453217ab896bd84fecfc4f2e42b2ac
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/34426.9f82349d8cf165e1b07e.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"3a07-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cilhpTm1gty8mNvaFwNA6vPybCTEMELh%2FyxVDztdvV%2FqiSwvzBp2jOWdSI4gLz7dLHlhQdatFwYe3cP3hD5pSnU55Gl9%2FYu8NtiBRlgJqTf0JDgWq6Xc9BWK%2F06uycZ96z1VFzSiYlGPf%2BHoEf3B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcdcd7b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/56145.19258dcaeb421600cd44.js | 188.114.97.1 | 200 OK | 213 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/56145.19258dcaeb421600cd44.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
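Size: 213 kB (212738 bytes) Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input and do not match the reported 212738-byte size; the response body was apparently not captured, so these hashes should not be used as indicators for this file)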
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/56145.19258dcaeb421600cd44.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"33f02-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wUMegJ%2F4JbJ47E3RsKs4Idwk5wasUti%2FN%2FsPqNJG4KtElUv1ODHiW583RTCuPShaKOawdsLUqfqihMnJEXyxI4j25BL2MjNfvfnKkwx1WOYQpo8ubrP0rP%2BCqEuKXysxO7DasbDWjCIKXuPHO%2FHd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfd0fb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/71554.35bafd030ac297a37d2b.js | 188.114.97.1 | 200 OK | 100 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/71554.35bafd030ac297a37d2b.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size: 100 kB (100440 bytes) Hash: MD5 ba52e5e9910264fad8c8cc08677ff419, SHA-1 2a8303994f8bf6fbce44a9198fc69f39a41b8af6, SHA-256 e6eebeabe896bd729ea9001e3049ec54e5438c7d5ecc845ae6a3f8d5c51e7f2c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/71554.35bafd030ac297a37d2b.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"18858-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CuMq5rpUERuxVJHqWeACphxygeXdrlnoK5I35Ob%2ByNzm7gDhQne%2FO%2Fqt9T0IP0AQcNZxVAHPNZ%2F%2Bb9aX8dwRdezQQPUxMcQ%2Bs51M9bRX95UG7zIjOecMa77C2aOMz2gsZ0IZF474dy6PkmouxBUW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d26b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/66701.1a83dd6990836d80fe7c.js | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/66701.1a83dd6990836d80fe7c.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (11178)
Hash: MD5 b2c21f2a66a342876b66fe2ccca32047 | SHA-1 d6c8eaedf6bac6cc072935d1607b9387d912e2a4 | SHA-256 82651ceeb7e2bd56422c831f2557e259f8e3ce6cf4e47020e5f0b4f13c81562f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/66701.1a83dd6990836d80fe7c.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"2be1-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sRSqdJlSCKdwu86kpd%2F6HUOpdFLUqyEMltm1L%2F2gm9LgSsCvt0GlpORNTfygfiShVcQVwO7EaUfjHmRcUS%2FWare2FPi6tWz%2BhCUe8DspicPnSWNKKitjLNf7cZ3OLl3Lh06SJTziO7WFWZ6D%2FsT0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfcf8b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/26737.36ed5a81390b304d18a5.js | 188.114.97.1 | 200 OK | 9.4 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/26737.36ed5a81390b304d18a5.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (9496), with no line terminators
Hash: MD5 95d4749bd78c2a6b73af4d40c1072db0 | SHA-1 d84ff435507b47269b7877de20e2b5637f2ada02 | SHA-256 37b9c1afe404b4c5e7e36ce3374735666c8f23665a3c88ba38e3cae0192c1e46
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/26737.36ed5a81390b304d18a5.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"249b-18d27c36f80"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bLe8xieHnfn0ZOw1mLCNcFS%2FZaDZd2RCinOHM5lGVMjJJ6aStOyv%2FN8Y5Ukwi%2FZVHuo8w9SjFFGaH7WFxoqhEhLu89f0uEduY0LyQy9LBMTUqLgCOQD66lP8URQO0WsDbysvRD%2Fvs8IJrx9a5zFj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd0d4eb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/60499.862663374dc7b2606eb6.js | 188.114.97.1 | 200 OK | 18 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/60499.862663374dc7b2606eb6.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (17610)
Hash: MD5 4ccfa2e22aa81b9717908bd2e198c04b | SHA-1 77c537671daf78c65664c86b2348a8901076b2f1 | SHA-256 b7094a75dfa107fdacecb7d4de84339c5bbbdd4f7d138de620e58fcacae645de
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/60499.862663374dc7b2606eb6.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:36 GMT
etag: W/"4501-18d27c36f80"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9G0Gti7%2FH7FBPVmPDP4DbX1fN0II%2B8x0%2BxWUaqNyYaEBVjTKdzsWeaGl0iAYmnE8s1%2BHmUYREMPeC1OLbBQJwuoewWsKBJHrOC4huzThuSCbgzVNBaKYJt%2F1sVOyWYg6aAnbqVpIgx%2F676KMvhfL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dcfcfeb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/69628.7b15742208fc0d4aa02d.js | 188.114.97.1 | 200 OK | 91 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/69628.7b15742208fc0d4aa02d.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
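Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of empty input. The transaction is listed as 91 kB and no file type is recorded for it, so the response body was presumably not captured. Do not use these hashes as indicators for this asset, because they match any empty file. The Quad9 DNS verdict below is a DNS-level result for the hostname, not an assessment of this individual file.
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |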
GET /assets/69628.7b15742208fc0d4aa02d.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"164df-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLmJltWR1sjwT0%2FQzRNgy7rhEXlflzeNu1X80UOGCDs3B484yTKO8mvd%2FGWFQ1GY%2BgoHnyXujf%2Fuepzab0dD5l9OTIg3lOx9J05%2BILMqUedYlQ4fobTVTCWavPa%2BdUOAryFRTUyd1ojouoNRD9jJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd1d82b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/53509.d075f1bff85f12b95485.js | 188.114.97.1 | 200 OK | 9.6 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/53509.d075f1bff85f12b95485.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (9755), with no line terminators
Hash: MD5 e9eff6bdc6b8bf132d282ab7e5a01c35 | SHA-1 089fddfc575d1e95f64830332cd239ed1bd373fa | SHA-256 31a2beb20e1900be01f696441242a8abbd9f3f40dd8e9146d61bf141b36b4cdc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/53509.d075f1bff85f12b95485.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"2592-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQttk8aqG%2BU6cCgjxZrN4UTSkR%2B4zFuqV5N8%2BaCTqu3Vs5sGJqDdKihIGJY6pUomJmoNdcf2BEPUICnI1pMSsFGJ6RP%2Bni4Uq5JVtc77pXNUjCYv6cVXZkwa%2FhbvlYnmbZy0GaQB4NUu%2FkQXIcve"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd2d9eb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/7273.654bf842a369e2d3de94.js | 188.114.97.1 | 200 OK | 484 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/7273.654bf842a369e2d3de94.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 484 kB (483947 bytes)
Hash: MD5 8da1faca35a6cf1029dfc42e48b9c810 | SHA-1 45f463dd73d51dabbb399d6ae6a4c1f16019e50a | SHA-256 14acf9e94dd9a0cb4dc91e43f797654258398f2c91ce40aff16960d049111125
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/7273.654bf842a369e2d3de94.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"7626b-18d27c37750"
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46vd46DyNJ7T%2BDZqtUkclT0ll9dOhhN0W%2FwQs%2Bgu%2FbdnEJF%2BDFrL0zlblM82EpAJ%2FhrEgrJlDzZsHRtKmgDhm5m0uhVp1EIq87v1cANSTaHe%2Br%2FCielhOGo8C2hbACsFbWMjiJN8vMg76YSECcqP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65dd2da2b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| login.restorecord-bot.online/assets/62783.e18caa1168cc95380ff7.js | 188.114.97.1 | 200 OK | 100 kB |
URL: GET HTTP/3 login.restorecord-bot.online/assets/62783.e18caa1168cc95380ff7.js IP: 188.114.97.1:443
Requested byhttps://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ CertificateIssuerGoogle Trust Services LLC Subjectrestorecord-bot.online Fingerprint5B:D2:84:F2:4F:6E:A7:5F:21:5A:7C:D4:5C:8C:BF:01:6B:69:F2:B2 ValiditySun, 28 Apr 2024 21:36:34 GMT - Sat, 27 Jul 2024 21:36:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: MD5 a98ad4c95668e7f4c84026bb92b67cab | SHA-1 7491bc769395414fb0547fd10164defb59634ee3 | SHA-256 68e24e65cc7a6af0a0d33cac04f39aca1e1e670d0c137724abe4a917975ede8e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/62783.e18caa1168cc95380ff7.js HTTP/1.1
Host: login.restorecord-bot.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://login.restorecord-bot.online/login?redirect_to=/oauth2/authorize?client_id=1234271199555747840&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WSsVzVhNXNyIWdRNjYpFzQalXOykFbKNjYw4EWalXNpJGckJjYzpUaPlGNXFGaxIjYrp0QMl2ZU10QKRlS3lEVKdkSUp0RKRlS3lEVKl3aUpURoRlSHxGVKdXWVpEerRlSFhGVKdEbUp0dZVlS3lEVKxmTYF2aG12YoJESNlXVDJWesJjW0VVbJZTSTpFdG1mYpdXaOh3ZU1keRRUT4VFROh3YU1kNJl3YspEWhdHaYpVa3lWS3FFRPNTU65UMVRlT1sGVNh3Yq1EMNpWT4lUaPlWUXNFM1clWwhnMZl2dplUNFR0T5dmaOFzYE1UeZpmT1cmeNNTWU5UavpWSrxWRaNHbXRmbKlXZ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 30 Apr 2024 20:49:24 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400
last-modified: Sat, 20 Jan 2024 16:45:38 GMT
etag: W/"18608-18d27c37750"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMDfZZFb6OG%2BQ4ZmulftytLwiJCf%2FDYjLD0oZkaB94x4fJ08083XSAMpL89u0sjXBTTLnN8EoRiFmOJNhZUXChrli8EV%2F2RRlJ45xsHmociycKtNZaPvRuwui6gBPiTwuBz2Q7WFv%2FOK1nt7iUIi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ca65ef9f9fb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|