Submitted URL: https://moderator-app.discord.awu.fyi/
Effective URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Securi...
Submission Tags: phishingrod
Submission: On December 29 via api from DE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 173.255.221.194, located in Fremont, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is union.groups.io.
TLS certificate: Issued by R3 on November 10th 2023. Valid for: 3 months.
This is the only time union.groups.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 66.220.23.67 6939 (HURRICANE)
1 15 173.255.221.194 63949 (AKAMAI-LI...)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.78.81.207 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:1900:401... 396982 (GOOGLE-CL...)
20 5
Apex Domain
Subdomains
Transfer
15 groups.io
union.groups.io
groups.io — Cisco Umbrella Rank: 177782
2 MB
4 spur.us
mcl.spur.us — Cisco Umbrella Rank: 875724
a70d3a55b224450c9316a51f919e9ab4.verify-euw.spur.us
14 KB
2 awu.fyi
moderator-app.discord.awu.fyi
go.awu.fyi
2 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
979 B
20 5
Domain Requested by
14 union.groups.io 1 redirects union.groups.io
3 mcl.spur.us union.groups.io
mcl.spur.us
1 a70d3a55b224450c9316a51f919e9ab4.verify-euw.spur.us mcl.spur.us
1 fonts.gstatic.com fonts.googleapis.com
1 groups.io union.groups.io
1 fonts.googleapis.com union.groups.io
1 go.awu.fyi 1 redirects
1 moderator-app.discord.awu.fyi 1 redirects
20 8

This site contains links to these domains. Also see Links.

Domain
groups.io
twitter.com
Subject Issuer Validity Valid
*.groups.io
R3
2023-11-10 -
2024-02-08
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
mcl.spur.us
R3
2023-10-31 -
2024-01-29
3 months crt.sh
groups.io
R3
2023-11-10 -
2024-02-08
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 1 frames:

Primary Page: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Frame ID: C0BB85628A3EACCAE15719CFE0D43B8F
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Log In

Page URL History Show full URLs

  1. https://moderator-app.discord.awu.fyi/ HTTP 302
    https://go.awu.fyi/discord-guide HTTP 301
    https://union.groups.io/g/announcements/files/Platforms%20&%20Security%20Committee/Discord_User_Guid... HTTP 302
    https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatform... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

8
Subdomains

5
IPs

3
Countries

1677 kB
Transfer

3853 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://moderator-app.discord.awu.fyi/ HTTP 302
    https://go.awu.fyi/discord-guide HTTP 301
    https://union.groups.io/g/announcements/files/Platforms%20&%20Security%20Committee/Discord_User_Guide.pdf HTTP 302
    https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
union.groups.io/
Redirect Chain
  • https://moderator-app.discord.awu.fyi/
  • https://go.awu.fyi/discord-guide
  • https://union.groups.io/g/announcements/files/Platforms%20&%20Security%20Committee/Discord_User_Guide.pdf
  • https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
20 KB
6 KB
Document
General
Full URL
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
5b85062ee0b05bb1d13bc615d5e5626b143522ff6cd672d82a9713cee04a40de
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Fri, 29 Dec 2023 00:01:37 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY

Redirect headers

content-length
161
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Fri, 29 Dec 2023 00:01:36 GMT
location
/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
tinymce.min.js
union.groups.io/tinymce-4.7.13/
343 KB
122 KB
Script
General
Full URL
https://union.groups.io/tinymce-4.7.13/tinymce.min.js
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
b787693680d9e0ddb220a6b68bd089863cd0284c293bb0b7ddf6755dd37e8135
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:37 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
browser-image-compression-2.0.2.min.js
union.groups.io/js/
56 KB
21 KB
Script
General
Full URL
https://union.groups.io/js/browser-image-compression-2.0.2.min.js
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
c6713a21756570af4c230f706faac4f0187845928bd14fd5910210d1cdc6fb87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:37 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
application-7c69a876096e6f54013269281dfc0ad6.css
union.groups.io/css/
822 KB
171 KB
Stylesheet
General
Full URL
https://union.groups.io/css/application-7c69a876096e6f54013269281dfc0ad6.css
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
2aa53e40bcba2005d7b60f1cb52bcc4be99f25d49b5190535c892cbb4324c777
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:37 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
application-6b3b1791facc58d99b1e9c143e69bd45.js
union.groups.io/js/
2 MB
467 KB
Script
General
Full URL
https://union.groups.io/js/application-6b3b1791facc58d99b1e9c143e69bd45.js
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
f88a623f7bd6858f0111813bf39de9785b3e9bb396772c7a5715db29caa1500b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:37 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
run_prettify.js
union.groups.io/js/
18 KB
8 KB
Script
General
Full URL
https://union.groups.io/js/run_prettify.js
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
8f2999c46ed595b8b1662439de9d521d7a2a71985cc2d17f3a8fbd9bfe9df949
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:37 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
cookieconsent-3.1.0.min.css
union.groups.io/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://union.groups.io/css/cookieconsent-3.1.0.min.css
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:37 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
content-length
1236
cookieconsent-3.1.0.min.js
union.groups.io/js/
20 KB
7 KB
Script
General
Full URL
https://union.groups.io/js/cookieconsent-3.1.0.min.js
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:37 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
css
fonts.googleapis.com/
2 KB
979 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Dec 2023 00:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 23:24:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Dec 2023 00:01:37 GMT
mcl.js
mcl.spur.us/d/
17 KB
6 KB
Script
General
Full URL
https://mcl.spur.us/d/mcl.js?tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.78.81.207 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.81.78.34.bc.googleusercontent.com
Software
/
Resource Hash
cb93ddd8c27d20902dbfc58772d08cb2b7932a42d2ddf6cd30d0ae5f23b058de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
content-encoding
gzip
date
Fri, 29 Dec 2023 00:01:38 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=43200
access-control-allow-headers
*
expires
Thu, 01 Jan 1970 00:00:00 UTC
mainlogo.png
groups.io/img/org.1/
7 KB
7 KB
Image
General
Full URL
https://groups.io/img/org.1/mainlogo.png
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
8d21574a53fff4ee0ddf7bd32d114a1a1f2adb736b54a1a3583106d41cec2a87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:37 GMT
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
content-length
6937
google_logo.png
union.groups.io/img/
18 KB
18 KB
Image
General
Full URL
https://union.groups.io/img/google_logo.png
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
aa7f38e10a197cc7406281eb82ea11b6067f365de574cbe6f7d76df0f488eb2e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:37 GMT
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
content-length
18312
prettify.css
union.groups.io/css/
656 B
554 B
Stylesheet
General
Full URL
https://union.groups.io/css/prettify.css
Requested by
Host: union.groups.io
URL: https://union.groups.io/js/run_prettify.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
33a90fe294bbf4fe767363cc7b5534c1ce5c6495edf9efd61d1e82d932ec9449
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:38 GMT
content-security-policy
frame-ancestors 'self';
content-encoding
gzip
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Accept-Encoding, Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
fa-solid-900.woff2
union.groups.io/webfonts/
320 KB
321 KB
Font
General
Full URL
https://union.groups.io/webfonts/fa-solid-900.woff2
Requested by
Host: union.groups.io
URL: https://union.groups.io/css/application-7c69a876096e6f54013269281dfc0ad6.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

Referer
https://union.groups.io/css/application-7c69a876096e6f54013269281dfc0ad6.css
Origin
https://union.groups.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:38 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Origin
x-frame-options
DENY
content-type
font/woff
access-control-allow-origin
https://union.groups.io
access-control-allow-credentials
true
fa-regular-400.woff2
union.groups.io/webfonts/
386 KB
387 KB
Font
General
Full URL
https://union.groups.io/webfonts/fa-regular-400.woff2
Requested by
Host: union.groups.io
URL: https://union.groups.io/css/application-7c69a876096e6f54013269281dfc0ad6.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

Referer
https://union.groups.io/css/application-7c69a876096e6f54013269281dfc0ad6.css
Origin
https://union.groups.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:38 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Origin
x-frame-options
DENY
content-type
font/woff
access-control-allow-origin
https://union.groups.io
access-control-allow-credentials
true
fa-brands-400.woff2
union.groups.io/webfonts/
108 KB
109 KB
Font
General
Full URL
https://union.groups.io/webfonts/fa-brands-400.woff2
Requested by
Host: union.groups.io
URL: https://union.groups.io/css/application-7c69a876096e6f54013269281dfc0ad6.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

Referer
https://union.groups.io/css/application-7c69a876096e6f54013269281dfc0ad6.css
Origin
https://union.groups.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:01:38 GMT
content-encoding
gzip
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 23 Dec 2023 04:13:35 GMT
server
nginx/1.23.2
vary
Origin
x-frame-options
DENY
content-type
font/woff
access-control-allow-origin
https://union.groups.io
access-control-allow-credentials
true
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://union.groups.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 08:54:09 GMT
x-content-type-options
nosniff
age
227249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 08:54:09 GMT
p
a70d3a55b224450c9316a51f919e9ab4.verify-euw.spur.us/d/
1 KB
1 KB
Fetch
General
Full URL
https://a70d3a55b224450c9316a51f919e9ab4.verify-euw.spur.us/d/p?s=a70d3a55-b224-450c-9316-a51f919e9ab4
Requested by
Host: mcl.spur.us
URL: https://mcl.spur.us/d/mcl.js?tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1900:4010:942b:0:51:: Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
6abf1e63e1fa3a588c8b12db3b8793b049fab4554a7417b21af59ff568cad2ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
date
Fri, 29 Dec 2023 00:01:38 GMT
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-headers
*
content-length
1172
expires
Thu, 01 Jan 1970 00:00:00 UTC
v
mcl.spur.us/d/
5 KB
6 KB
Fetch
General
Full URL
https://mcl.spur.us/d/v?v=0.0.20&t=js&s=bdd621bd-c3d5-484c-ba1d-42a425182d5e&tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Requested by
Host: mcl.spur.us
URL: https://mcl.spur.us/d/mcl.js?tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.78.81.207 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.81.78.34.bc.googleusercontent.com
Software
/
Resource Hash
e2081e28ab67fd1e3463282117d4887c6c1b99a207075c4442f7e76fb52d48b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
date
Fri, 29 Dec 2023 00:01:38 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-headers
*
expires
Thu, 01 Jan 1970 00:00:00 UTC
bundle
mcl.spur.us/r/
726 B
818 B
XHR
General
Full URL
https://mcl.spur.us/r/bundle?v=0.0.20&t=js&s=bdd621bd-c3d5-484c-ba1d-42a425182d5e&tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Requested by
Host: mcl.spur.us
URL: https://mcl.spur.us/d/mcl.js?tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.78.81.207 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.81.78.34.bc.googleusercontent.com
Software
/
Resource Hash
0cf3b84cf388f458dd0282970242e97f04ccef0882e93a9a589c3dbb6b826bb0

Request headers

Referer
https://union.groups.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
x-accel-expires
0
content-encoding
gzip
date
Fri, 29 Dec 2023 00:01:38 GMT
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-headers
*
content-length
604
expires
Thu, 01 Jan 1970 00:00:00 UTC

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| setPullToRefresh function| gotoURL function| contentLoaded function| logError undefined| pushSubToken boolean| ignoreErrors string| lastError number| mce-data-1hipe0nl9 object| tinymce object| tinyMCE function| imageCompression function| DisplayShortTime function| DisplayFeedTime function| DisplayFullTime function| CompareDates function| IsToday function| DisplayDate function| DisplayHoursMins function| checkAll function| drawer object| drawerObj function| showResults function| showVote function| vote object| FullCalendar function| updateAttachments function| doUpdateAttachments function| deleteAttachment function| asyncGeneratorStep function| _asyncToGenerator function| takePicture function| _takePicture function| uploadImage function| _uploadImage object| retryTimer function| jsBundleVersion function| $ function| jQuery object| jQuery1124017857495046210792 function| moment object| FullCalendarVDom object| vttjs function| WebVTT function| videojs object| jstz function| ReconnectingWebSocket function| autosize object| htmx object| cookieconsent boolean| PR_SHOULD_USE_CONTINUATION object| PR function| submitEvent function| gioDestroy function| dismiss object| $alerttemplate object| $alertnoclosetemplate object| $noticetemplate function| createAlert object| tz function| sendLoginLink function| scrollToTop object| MCL function| Monocle object| default

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a70d3a55b224450c9316a51f919e9ab4.verify-euw.spur.us
fonts.googleapis.com
fonts.gstatic.com
go.awu.fyi
groups.io
mcl.spur.us
moderator-app.discord.awu.fyi
union.groups.io
173.255.221.194
2600:1900:4010:942b:0:51::
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
34.78.81.207
66.220.23.67
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e
0cf3b84cf388f458dd0282970242e97f04ccef0882e93a9a589c3dbb6b826bb0
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2aa53e40bcba2005d7b60f1cb52bcc4be99f25d49b5190535c892cbb4324c777
33a90fe294bbf4fe767363cc7b5534c1ce5c6495edf9efd61d1e82d932ec9449
5b85062ee0b05bb1d13bc615d5e5626b143522ff6cd672d82a9713cee04a40de
6abf1e63e1fa3a588c8b12db3b8793b049fab4554a7417b21af59ff568cad2ce
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
8d21574a53fff4ee0ddf7bd32d114a1a1f2adb736b54a1a3583106d41cec2a87
8f2999c46ed595b8b1662439de9d521d7a2a71985cc2d17f3a8fbd9bfe9df949
aa7f38e10a197cc7406281eb82ea11b6067f365de574cbe6f7d76df0f488eb2e
b787693680d9e0ddb220a6b68bd089863cd0284c293bb0b7ddf6755dd37e8135
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
c6713a21756570af4c230f706faac4f0187845928bd14fd5910210d1cdc6fb87
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cb93ddd8c27d20902dbfc58772d08cb2b7932a42d2ddf6cd30d0ae5f23b058de
e2081e28ab67fd1e3463282117d4887c6c1b99a207075c4442f7e76fb52d48b5
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f88a623f7bd6858f0111813bf39de9785b3e9bb396772c7a5715db29caa1500b