drop-ersderd.vip Open in urlscan Pro
2606:4700:3034::6815:32c5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://drop-ersderd.vip/CS2
Effective URL:
https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&o...
Submission Tags: @phish_report
Submission: On January 21 via api (January 21st 2024, 7:18:55 pm UTC) from FI — Scanned from FI

Summary HTTP 27 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3034::6815:32c5, located in United States and belongs to CLOUDFLARENET, US. The main domain is drop-ersderd.vip.
TLS certificate: Issued by GTS CA 1P5 on January 19th 2024. Valid for: 3 months.

This is the only time drop-ersderd.vip was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3034::6815:32c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	193.108.153.29 193.108.153.29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	172.64.145.151 172.64.145.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	5

12 2606:4700:3034::6815:32c5 (United States)

ASN13335 (CLOUDFLARENET, US)

drop-ersderd.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.108.153.29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-29.deploy.static.akamaitechnologies.com

community.akamai.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.145.151 (United States)

ASN13335 (CLOUDFLARENET, US)

community.cloudflare.steamstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	drop-ersderd.vip drop-ersderd.vip	173 KB
11	steamstatic.com community.akamai.steamstatic.com — Cisco Umbrella Rank: 38587 community.cloudflare.steamstatic.com — Cisco Umbrella Rank: 27784	544 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	96 KB
27	3

	Domain	Requested by
12	drop-ersderd.vip	drop-ersderd.vip
7	community.akamai.steamstatic.com	drop-ersderd.vip
4	community.cloudflare.steamstatic.com	drop-ersderd.vip
4	cdn.jsdelivr.net	drop-ersderd.vip
27	4

This site contains links to these domains. Also see Links.

Domain
store.steampowered.com
steamcommunity.com
help.steampowered.com

Subject Issuer	Validity	Valid
drop-ersderd.vip GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
cdn.akamai.steamstatic.com R3	`2023-11-16` - `2024-02-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Frame ID: 72CEA477CEA0B6B9C1FCB9C97E6BDE02
Requests: 27 HTTP requests in this frame

Frame: https://drop-ersderd.vip/m2rq5lo8a4f/
Frame ID: 5205A0078398B8262C0F7FE10D14CE7C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Page URL History Show full URLs

https://drop-ersderd.vip/CS2 Page URL
https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmg... Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

27
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

813 kB
Transfer

1336 kB
Size

2
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://store.steampowered.com/

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/
Title: COMMUNITY

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/about/
Title: ABOUT

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/ru/
Title: SUPPORT

Search URL Search Domain Scan URL

URL: https://help.steampowered.com/wizard/HelpWithLogin
Title: Help, I can't sign in

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/mobile
Title: Steam Mobile App

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/about
Title: Learn More

Search URL Search Domain Scan URL

URL: https://steamcommunity.com/linkfilter/?url=http://www.geonames.org
Title: geonames.org

Search URL Search Domain Scan URL

URL: http://store.steampowered.com/privacy_agreement/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/legal/
Title: Legal

Search URL Search Domain Scan URL

URL: http://store.steampowered.com/subscriber_agreement/
Title: Steam Subscriber Agreement

Search URL Search Domain Scan URL

URL: http://store.steampowered.com/account/cookiepreferences/
Title: Cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://drop-ersderd.vip/CS2 Page URL
https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 CS2 Show response
drop-ersderd.vip/ 4 KB
2 KB 252ms
141ms Document
text/html 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/CS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5edc75f3f39fbb4e90de845bdaa4c0cdc8b6ebabd4413d38ee59c1b21517e1ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8491e7c20c9856a4-OSL
content-encoding: br
content-type: text/html
date: Sun, 21 Jan 2024 19:18:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0hVymeUpp6MkVAzAm3m%2Fk3EtzjsgIlI%2FOlQd6HJV8SK0vtqkzFw9hGcYUQv7SJIU9QXbPQbWcnfGJwwBn3D0aIV%2BCRTSy%2FDBv5lSROGJMiVDR8qJrrsCxG%2BGju%2B4ZYGlYBblouWT0S0sY0Vxavi"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 react.production.min.js Show response
cdn.jsdelivr.net/npm/react@18.2.0/umd/ 10 KB
5 KB 147ms
80ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react@18.2.0/umd/react.production.min.js

Requested by

Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/CS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1803546
x-jsd-version: 18.2.0
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230087-FRA, cache-lga21968-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BazuLrVOQ5x0Ep5sFEtDaVk1Me6PRCUNYNlFZ%2BYVglYKWr39XkcVf%2BfmHjbWUgSwxFuDAbl5dxUvI3i7vcNDaU1vAmDP3TWpkReq8spYhAnPhRCqsNLy7TLuM8finFFx2dt4Du30lF4WC%2ButTQE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8491e7c34852d95f-HEL

GET
H2 200 react-dom.production.min.js Show response
cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/ 129 KB
43 KB 151ms
84ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/react-dom.production.min.js

Requested by

Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/CS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4989346
x-jsd-version: 18.2.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220058-FRA, cache-bma1659-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1txb9qkbVzeO0GngQ809uM8FKm%2Fawh%2FNBT0Azv1Q9aqTg6B5IPixSfBt059zJQfnEwAYTiUSqdeCx272LvDSi4UZs9r5Fs1QbJTVm%2BWDXxZa3bVrjQjV2Gd4e0KXuN1njaJhMpNS%2FX%2BZKaQcgaM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8491e7c3484bd95f-HEL

GET
H2 200 0nkplg2um3t9.min.js Show response
drop-ersderd.vip/assets/2uobj5rxw5g/ 20 KB
10 KB 1208ms
1207ms Script
application/javascript 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/assets/2uobj5rxw5g/0nkplg2um3t9.min.js
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/CS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40f47b0343ef42c4fead3c365315b9d2da1420f49e92dad69705153050189688

Request headers

Referer: https://drop-ersderd.vip/CS2
Origin: https://drop-ersderd.vip
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 21 Jan 2024 19:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ad6c12-4f5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mA9Sz52Bm6ER8GyzfS1p3CzeG%2Fvmhl5LXp1ZSRhkw18sxICXfZq%2BIzsQ%2FVvhl0K8BqBE6VMpBP3eT1mVf6D5RVdoW8I8SqtkQhjIVyqLBOa8iGtMJtJCKFQ6r7ADXukMwkP3RDYgM5QN%2BiI8Z5Hf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8491e7c2ee0d56a4-OSL
alt-svc: h3=":443"; ma=86400

GET
H2 200 1a95ef18rath7dgzn2.css
drop-ersderd.vip/assets/o5707oabp3h/ 5 KB
2 KB 100ms
100ms Stylesheet
text/css 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/assets/o5707oabp3h/1a95ef18rath7dgzn2.css
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/CS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a95ef186f815f53c4b788270966eabb9b103986bd2d3da9c4a655c059cf03a4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/CS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 21 Jan 2024 19:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ad6c12-1387"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7yfDgpQNIHruE3H7oeC5UeY81IODnRxOzcn2Cx8DUXAQlB%2BNrWUwO7zj9LX%2FjSU%2FnN4Q3nziCx0QC1QpuHMv3L8%2FGS3oh%2BNxY6AkJ2lyRCDXedicqMVLAz5MTak5DXa%2FHCTiU18XlniQ%2BnOCXvK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8491e7c2ee0756a4-OSL
alt-svc: h3=":443"; ma=86400

POST
H3 200 / Show response
drop-ersderd.vip/m2rq5lo8a4f/ Frame 5205 397 B
642 B 156ms
156ms Document
text/html 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/m2rq5lo8a4f/
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/CS2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9441d9e6dd077f03c1b888b5631e42808c24e71d49e59be7fb6cbaf15537a223

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://drop-ersderd.vip
Referer: https://drop-ersderd.vip/CS2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8491e7c4095d712a-OSL
content-encoding: br
content-type: text/html
date: Sun, 21 Jan 2024 19:18:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gR%2FtgpH%2BMhGrTt41no%2FxHVorAczEWKSl9Lz9cNJb1oTrhZKE6PJ76as0ouFVhvh2d0OJLV6l8AGN8SSGmYDUAr4Z9HZgAlb%2F92hj0nDNaEu%2BpDdw07xkXRkI9nSJ8rmucO%2BmW%2FlvKjbzPbmeWn1Z"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H3 200 / Show response
drop-ersderd.vip/api/getsiteconfig/ 830 B
1008 B 118ms
117ms Fetch
application/json 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/api/getsiteconfig/
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/assets/2uobj5rxw5g/0nkplg2um3t9.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca6b571d704ebcb470fd035a8f325f615c423c404ca6383fd9009ea93b7285ab

Request headers

Referer: https://drop-ersderd.vip/CS2
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Sun, 21 Jan 2024 19:18:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wVDUBJOthWsMtpzk7chOOyc9HtQXLRnP8LXE8VV7wFOBplZR%2Fa0UXnywjheERDhLUWBd01Da5HkKfF6WV1%2B7XoE45tUmbWt%2FXIKUYId37tic3ifyflhvRS203HjruW6FZgnmImHYKWyxucSEok0"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 8491e7ca7a2a712a-OSL
alt-svc: h3=":443"; ma=86400

GET
H3 200 fcff4301rath7dgzn2.woff2
drop-ersderd.vip/assets/o5707oabp3h/ 28 KB
29 KB 182ms
182ms Font
font/woff2 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/assets/o5707oabp3h/fcff4301rath7dgzn2.woff2
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/assets/o5707oabp3h/1a95ef18rath7dgzn2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcff4301dc083af2be2b990bb6485e9e06ce9d2b373a7acf8a74f61ea69d861a

Request headers

Referer: https://drop-ersderd.vip/assets/o5707oabp3h/1a95ef18rath7dgzn2.css
Origin: https://drop-ersderd.vip
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:51 GMT
cf-cache-status: MISS
last-modified: Sun, 21 Jan 2024 19:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ad6c12-71b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PM%2BZCdIqfv76mNqfNmAXWCItVnXXUL9to2Ov1W23RooSWuArEdcYQquCFaWFuw3LwPiDGA6JLUd9WsySUwBCFTnlaJJMxaS5flPE4csTvu6MpGE4GDz1xb4izt4sZ9bzwmUc5EE4AzBD8%2BRD6ry5"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8491e7ca8a3d712a-OSL
alt-svc: h3=":443"; ma=86400
content-length: 29104

GET
H3 200 Primary Request / Show response
drop-ersderd.vip/3ho/login/ 635 B
749 B 100ms
100ms Document
text/html 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/assets/2uobj5rxw5g/0nkplg2um3t9.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cf21e9ad20fead077c4c566fb2dbb0d1a3c3dab1e962cd7d28178d91cbc8393

Request headers

Referer: https://drop-ersderd.vip/CS2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8491e7cddfa2712a-OSL
content-encoding: br
content-type: text/html
date: Sun, 21 Jan 2024 19:18:51 GMT
expires: Sun, 21 Jan 2024 20:18:51 GMT
last-modified: Sun, 21 Jan 2024 19:10:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3JHasEcp67Z3hAg1ws9jGn93uBSaUzz5%2B2o1oDIBYr0VtG3V1nDaJMuujb2iyIrC8K%2BqH1NMqvsLhdcVBk9dygRFiTatApx%2Bx6vaAA9mrJXKsOiOYZAXZBCUYcWDMsdIZe7u3e7kab2NTNW4LMp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 style.css
drop-ersderd.vip/3ho/login/ 4 KB
1 KB 100ms
99ms Stylesheet
text/css 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/3ho/login/style.css
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 297b6252e8893eaf6af8dd0bb7e5ea4dbd55193acea88366d3157e5b3bbd84d2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 21 Jan 2024 19:10:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ad6c2a-e30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8R962J4ojBl047yAN%2Bb7oqalAYp8yTG6lDe7XPvGXymRbVAEMhyUC6xLAb87Ywfijx6Us83ENx14Rt1Z%2FZU3kLQun6OWB8Jf6LOPfJQ4ZBP5Qcm%2F45xwZVCRN4lPUWEaXU7lOqk58tDkl%2BCWIPf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8491e7ce78a8712a-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 20:18:51 GMT

GET
H3 200 react.production.min.js Show response
cdn.jsdelivr.net/npm/react@18.2.0/umd/ 10 KB
5 KB 85ms
49ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react@18.2.0/umd/react.production.min.js

Requested by

Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drop-ersderd.vip/
Origin: https://drop-ersderd.vip
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1803547
x-jsd-version: 18.2.0
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230087-FRA, cache-lga21968-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"29f1-mAiaM9DPL6Sz4bqbfuubi6Csgqc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5hqQX9a7WFMK%2BPDo7b1EyGQaguUHoFo%2BNOEttgLZ5OGx7pl4vQE44LgP4ht09irdLqsII3Wd3mQqHkwoRR%2BTgJAj0HChnfxsE%2BnLh9Xp55IjKV8%2B4GanJPwJz46vH6NGsw7UnqRPAgV1ymX4QU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8491e7ceac884e0f-HEL

GET
H3 200 react-dom.production.min.js Show response
cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/ 129 KB
43 KB 85ms
50ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-dom@18.2.0/umd/react-dom.production.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drop-ersderd.vip/
Origin: https://drop-ersderd.vip
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4989347
x-jsd-version: 18.2.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220058-FRA, cache-bma1659-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"2032a-UG2RAMqgcABaiQvUlt5kxDfW0Ag"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H46iVISag1Z14WerOhzhU5FneURiB7BqKQRZucFKhUTwF9Ty1kSI%2ByvRzb5IlU8JLMkA2AqTdvcGEUXOLmes%2BR9dKlDYLpSX5Dr9wQ4ZewtwvW7WKfcSMLVCfjnA5oSZh2v%2FFycT8P1xxEtJsUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8491e7ceac8b4e0f-HEL

GET
H3 200 9d9ef79c9feb6ef171a9.js Show response
drop-ersderd.vip/3ho/login/js/ 322 KB
90 KB 230ms
230ms Script
application/javascript 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/3ho/login/js/9d9ef79c9feb6ef171a9.js
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88c90a8cd22bdbb6bd382e3e7dba6c221bedb8940fdea4d9ef481ae480d29210

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 21 Jan 2024 19:10:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ad6c2a-509ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qH1MQokk%2BvSiRjuhenH4Fc3lv19V4jJEy4BaYOaYkhwkzaQxGsiXOc1RVJxSE9R54HasEXodkz8OAE1WNcw9dDghBtCKJruUUyBRRWZEIU9Jslsj2Ni6TGRm3b2OfvHPWRNOM0vmGcYLKmDv%2FoPw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8491e7cf19c6712a-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 20:18:51 GMT

GET
H3 200 8bfd97c7b355d7d70066.js Show response
drop-ersderd.vip/3ho/login/js/ 123 KB
33 KB 154ms
154ms Script
application/javascript 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/3ho/login/js/8bfd97c7b355d7d70066.js
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/3ho/login/js/9d9ef79c9feb6ef171a9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d98082379b264a9f02f3e7ad198d9751705d52bafb1030b7a10facd1a0ad8d4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/3ho/login/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 21 Jan 2024 19:10:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ad6c2a-1ea67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BhLH03y3VRIXSHBIc%2BOT8t7Z%2BsBuQyOGNWYUzhxjVT9SJQr5rC0HksHjrd%2Fgkwnea0%2B%2BVQe5vIU2rJNC5Y%2FbqvJJY0KdCRZPxtpS0prz88NJZrJqzAhNPdx7AH03A4AMSpHlVJwEaU%2FtzQtebTVe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8491e7d12db7712a-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 20:18:52 GMT

GET
H3 200 4c5430240626061e5f20.js Show response
drop-ersderd.vip/openid/auth/js/ 8 KB
3 KB 51ms
51ms Script
application/javascript 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/openid/auth/js/4c5430240626061e5f20.js
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/3ho/login/js/9d9ef79c9feb6ef171a9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9390479b10da7f8dffa3af5898aa0d22c7e1597ca4c739eb18835ef525ade23

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/openid/auth/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 21 Jan 2024 18:20:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3308
etag: W/"65ad6074-1f78"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtstrnaG7Um%2Fy5U%2FC5VH%2B7xyVG2NXN%2B7aZH1j1UA8jh5zSCM3C%2FQY%2BqwoOYEDqv1N2QBmI2pI1MmeMJjZfjXrJeQNd4SPJzwnalttQa2en3caEcs5CofR4dTppbFuU9K8YKO3UVU5LEBKvduFtJm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8491e7d13dea712a-OSL
alt-svc: h3=":443"; ma=86400
expires: Sun, 21 Jan 2024 19:23:44 GMT

GET
H/1.1 200
OK header_menu_hamburger.png
community.akamai.steamstatic.com/public/shared/images/responsive/ 4 KB
4 KB 249ms
60ms Image
image/png 193.108.153.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_menu_hamburger.png
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/openid/auth/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 19:18:52 GMT
Last-Modified: Fri, 05 Jan 2018 01:35:16 GMT
Server: nginx
ETag: "5a4ed654-ec1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3777

GET
H/1.1 200
OK header_logo.png
community.akamai.steamstatic.com/public/shared/images/responsive/ 11 KB
11 KB 306ms
63ms Image
image/png 193.108.153.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://community.akamai.steamstatic.com/public/shared/images/responsive/header_logo.png
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/openid/auth/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 19:18:52 GMT
Last-Modified: Fri, 05 Jan 2018 01:35:16 GMT
Server: nginx
ETag: "5a4ed654-2a6f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10863

GET
H/1.1 200
OK logo_steam.svg
community.akamai.steamstatic.com/public/shared/images/header/ 4 KB
2 KB 247ms
58ms Image
image/svg+xml 193.108.153.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://community.akamai.steamstatic.com/public/shared/images/header/logo_steam.svg
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/openid/auth/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 19:18:52 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Nov 2020 23:34:54 GMT
Server: nginx
ETag: "5fb45e1e-e64"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1736

GET
H/1.1 200
OK 96fx96f
community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpovbSsLQJf0ebcZThQ6tCvq4OeqPXhJ6_UhG1d8fp9hfvEyoHwjF... 6 KB
8 KB 258ms
70ms Image
image/png 193.108.153.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://community.akamai.steamstatic.com/economy/image/-9a81dlWLwJ2UUGcVs_nsVtzdOEdtWwKGZZLQHTxDZ7I56KU0Zwwo4NUX4oFJZEHLbXH5ApeO4YmlhxYQknCRvCo04DEVlxkKgpovbSsLQJf0ebcZThQ6tCvq4OeqPXhJ6_UhG1d8fp9hfvEyoHwjF2hpl04ZDyhI9edJw8-MF-G_le7yOm-jJO0tcmfyXpms3QmsXiIzkS31xFMcKUx0oqoGK1-/96fx96f

Requested by

Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/openid/auth/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-29.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

38aad0e44168289fda6d1356dfa26a5db666071195f9da181e6a1c7daaa8e853

Security Headers

Name

Value

Content-Security-Policy

default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;

X-Frame-Options

SAMEORIGIN

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Security-Policy: default-src blob: data: https: 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://community.akamai.steamstatic.com/ https://cdn.akamai.steamstatic.com/steamcommunity/public/assets/ https://api.steampowered.com/ https://recaptcha.net https://www.google.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.youtube.com/ https://s.ytimg.com; object-src 'none'; connect-src 'self' https://community.akamai.steamstatic.com/ https://store.steampowered.com/ https://checkout.steampowered.com/ wss://community.steam-api.com/websocket/ https://api.steampowered.com/ https://login.steampowered.com/ https://help.steampowered.com/ https://*.valvesoftware.com https://*.steambeta.net https://*.steamcontent.com https://steambroadcast.akamaized.net https://steambroadcast-test.akamaized.net https://broadcast.st.dl.eccdnx.com https://lv.queniujq.cn https://steambroadcastchat.akamaized.net http://127.0.0.1:27060 ws://127.0.0.1:27060; frame-src 'self' steam: https://store.steampowered.com/ https://help.steampowered.com/ https://login.steampowered.com/ https://www.youtube.com https://www.google.com https://sketchfab.com https://player.vimeo.com https://medal.tv https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/; frame-ancestors 'self' https://steamloopback.host ;
Date: Sun, 21 Jan 2024 19:18:52 GMT
Last-Modified: Wed, 22 Sep 2021 01:51:25 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public, max-age=540813
Connection: keep-alive
Content-Length: 6621
Expires: Sun, 28 Jan 2024 01:32:25 GMT

GET
H2 200 join_pc.png
community.cloudflare.steamstatic.com/public/shared/images/login/ 33 KB
33 KB 145ms
58ms Image
image/png 172.64.145.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://community.cloudflare.steamstatic.com/public/shared/images/login/join_pc.png
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/openid/auth/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.145.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:52 GMT
cf-cache-status: HIT
last-modified: Tue, 20 Oct 2020 23:36:29 GMT
server: cloudflare
age: 6856
etag: "5f8f747d-823a"
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
accept-ranges: bytes
cf-ray: 8491e7d249b42e12-ARN
content-length: 33338

GET
H/1.1 200
OK footerLogo_valve.png
community.akamai.steamstatic.com/public/images/skin_1/ 4 KB
4 KB 241ms
56ms Image
image/png 193.108.153.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://community.akamai.steamstatic.com/public/images/skin_1/footerLogo_valve.png?v=1
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/openid/auth/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 19:18:52 GMT
Last-Modified: Fri, 05 Jan 2018 01:34:51 GMT
Server: nginx
ETag: "5a4ed63b-e99"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3737

GET
H/1.1 200
OK btn_header_installsteam_download.png
community.akamai.steamstatic.com/public/shared/images/header/ 291 B
522 B 243ms
59ms Image
image/png 193.108.153.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://community.akamai.steamstatic.com/public/shared/images/header/btn_header_installsteam_download.png?v=1
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/openid/auth/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 19:18:52 GMT
Last-Modified: Wed, 21 Mar 2018 00:07:17 GMT
Server: nginx
ETag: "5ab1a235-123"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 291

GET
DATA 200
OK truncated
/ 61 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK new_login_bg_strong_mask.jpg
community.akamai.steamstatic.com/public/shared/images/joinsteam/ 122 KB
122 KB 240ms
63ms Image
image/jpeg 193.108.153.29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://community.akamai.steamstatic.com/public/shared/images/joinsteam/new_login_bg_strong_mask.jpg
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/openid/auth/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-29.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9a75f8cc40bbe9c9499e7b2d3bab98a447685a361489357a111479517005c954

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://drop-ersderd.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 19:18:52 GMT
Last-Modified: Wed, 24 Aug 2022 00:07:59 GMT
Server: nginx
ETag: "63056bdf-1e671"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124529

GET
H2 200 MotivaSans-Regular.ttf
community.cloudflare.steamstatic.com/public/shared/fonts/ 120 KB
120 KB 276ms
192ms Font
application/octet-stream 172.64.145.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Regular.ttf?v=4.015
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/3ho/login/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.145.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14

Request headers

Referer: https://drop-ersderd.vip/
Origin: https://drop-ersderd.vip
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:52 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Jul 2020 23:16:28 GMT
server: cloudflare
etag: "5f20b1cc-1df3c"
vary: Accept-Encoding
x-cache: MISS
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 8491e7d24d8a0a2c-ARN
content-length: 122684

GET
H2 200 MotivaSans-Black.ttf
community.cloudflare.steamstatic.com/public/shared/fonts/ 118 KB
118 KB 231ms
147ms Font
application/octet-stream 172.64.145.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Black.ttf?v=4.015
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/3ho/login/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.145.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d4c8dc451e11db315d047306feea0376fbdc3a77c0ab8f5a8ab154164734d1

Request headers

Referer: https://drop-ersderd.vip/
Origin: https://drop-ersderd.vip
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:52 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Jul 2020 23:16:27 GMT
server: cloudflare
etag: "5f20b1cb-1d7f0"
vary: Accept-Encoding
x-cache: MISS
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 8491e7d24d8e0a2c-ARN
content-length: 120816

GET
H2 200 MotivaSans-Medium.ttf
community.cloudflare.steamstatic.com/public/shared/fonts/ 121 KB
121 KB 184ms
100ms Font
application/octet-stream 172.64.145.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://community.cloudflare.steamstatic.com/public/shared/fonts/MotivaSans-Medium.ttf?v=4.015
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/3ho/login/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.145.151 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f

Request headers

Referer: https://drop-ersderd.vip/
Origin: https://drop-ersderd.vip
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 19:18:52 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Jul 2020 23:16:28 GMT
server: cloudflare
etag: "5f20b1cc-1e490"
vary: Accept-Encoding
x-cache: MISS
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 8491e7d24d910a2c-ARN
content-length: 124048

POST
H3 200 / Show response
drop-ersderd.vip/api/statistic/ 16 B
607 B 104ms
104ms Fetch
application/json 2606:4700:3034::6815:32c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drop-ersderd.vip/api/statistic/
Requested by: Host: drop-ersderd.vip
URL: https://drop-ersderd.vip/3ho/login/js/9d9ef79c9feb6ef171a9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:32c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://drop-ersderd.vip/openid/auth/?openid.ns=wdkry8zUHh3kz7locToxGxegNDoptV&openid.mode=lBq9wlglgTmgIpTY8NEQjKxxkYqG5Z&openid.return_to=ga7fca171Muzcbs6lJ37SWpr3J1ZKI&openid.identity=88WAXaefYoHMAZYkYFqXr4FEqxIpsw&openid.claimed_id=xI2N3zjv9Ox0ayiJVzXOzTjG1h5v25
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=utf-8

Response headers

date: Sun, 21 Jan 2024 19:18:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsVjMRtxAGQyA8%2F0Ysx%2FAB%2BBevycFqcvAbfZ5TZulRsCvAZi0%2BqQJZVuP6v8j579yGio0yY4Q93RI0FPzirodr5sma1TIOunXSM5tSTWypBxfew2%2BnErhcNlUXrY105XO6cRBUteUWDPQkU9Y9x%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 8491e7d359cf712a-OSL
alt-svc: h3=":443"; ma=86400
content-length: 16

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			drop-ersderd.vip/	1969-12-31 23:59:59	Name: hash Value: 3ho
			drop-ersderd.vip/	1969-12-31 23:59:59	Name: token Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsaW5rX2lkIjozNDE3MjIsImlhdCI6MTcwNTg2NDcyOSwiZXhwIjoxNzA1ODY4MzI5LCJhY3Rpb25zIjpbImxvZ2luX3Zpc2l0Il19.qKYeREDmmttPlNc1QXqDB7AIxuE4iD21qgBS1QqvKJ0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
community.akamai.steamstatic.com
community.cloudflare.steamstatic.com
drop-ersderd.vip
172.64.145.151
193.108.153.29
2606:4700:3034::6815:32c5
2606:4700::6810:5714
045b433f94502cfa873a39e72d616c73ec1b4c567b7ee0f847f442651683791f
19b8db163bcc51732457efa40911b4a422f297ff3cd566467d87eab93cef0c14
1a95ef186f815f53c4b788270966eabb9b103986bd2d3da9c4a655c059cf03a4
1cf21e9ad20fead077c4c566fb2dbb0d1a3c3dab1e962cd7d28178d91cbc8393
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
23341256db7f44b1f3811880fa2bae6b7748bbf6b62c544a162e38cf0d5c5082
297b6252e8893eaf6af8dd0bb7e5ea4dbd55193acea88366d3157e5b3bbd84d2
2d98082379b264a9f02f3e7ad198d9751705d52bafb1030b7a10facd1a0ad8d4
32d4c8dc451e11db315d047306feea0376fbdc3a77c0ab8f5a8ab154164734d1
38aad0e44168289fda6d1356dfa26a5db666071195f9da181e6a1c7daaa8e853
40f47b0343ef42c4fead3c365315b9d2da1420f49e92dad69705153050189688
42c062de8dcd760b409c57fb256a68db9435008f1097d3940131ee0ac9a43d27
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
5edc75f3f39fbb4e90de845bdaa4c0cdc8b6ebabd4413d38ee59c1b21517e1ef
6cb869df089146c12efb5e9c968e911c314842624ba6f052a11346ac734cadc8
88c90a8cd22bdbb6bd382e3e7dba6c221bedb8940fdea4d9ef481ae480d29210
9441d9e6dd077f03c1b888b5631e42808c24e71d49e59be7fb6cbaf15537a223
9a75f8cc40bbe9c9499e7b2d3bab98a447685a361489357a111479517005c954
a59657d4f7db10fefd0c0812bc93e00fa5bb4469b7ab55cebd41a0a9961f8e44
a9390479b10da7f8dffa3af5898aa0d22c7e1597ca4c739eb18835ef525ade23
ae9f6c61e25d15882bf57bde193d10d375bd315c9741cabda11d700fd1bb7dd1
c3a7c646a1305017f22423030cb5a12acc9f96b64013dcef7aeb80567b542cbb
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca6b571d704ebcb470fd035a8f325f615c423c404ca6383fd9009ea93b7285ab
fc9e6260a2706ae146282d77e67bc1b74688435f8912ab4c1932641eec28bffa
fcff4301dc083af2be2b990bb6485e9e06ce9d2b373a7acf8a74f61ea69d861a

drop-ersderd.vip Open in urlscan Pro 2606:4700:3034::6815:32c5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

813 kBTransfer

1336 kBSize

2 Cookies

12 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

drop-ersderd.vip Open in urlscan Pro
2606:4700:3034::6815:32c5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

813 kB
Transfer

1336 kB
Size

2
Cookies

27 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!