dlscordsteam.ru Open in urlscan Pro
2606:4700:3031::6815:4585 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dlscordsteam.ru/
Effective URL:
https://dlscordsteam.ru/
Submission: On July 15 via api (July 15th 2022, 3:10:35 pm UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3031::6815:4585, located in United States and belongs to CLOUDFLARENET, US. The main domain is dlscordsteam.ru.
TLS certificate: Issued by E1 on July 12th 2022. Valid for: 3 months.

This is the only time dlscordsteam.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:303... 2606:4700:3031::6815:4585	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	217.69.142.100 217.69.142.100	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
25	4

9 2606:4700:3031::6815:4585 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dlscordsteam.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 217.69.142.100 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: hotbox.cldmail.ru

disc.hb.bizmrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	bizmrg.com disc.hb.bizmrg.com	825 KB
9	dlscordsteam.ru 1 redirects dlscordsteam.ru	78 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 695	111 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 258	28 KB
25	4

	Domain	Requested by
15	disc.hb.bizmrg.com	dlscordsteam.ru
9	dlscordsteam.ru	1 redirects dlscordsteam.ru
1	code.jquery.com	dlscordsteam.ru
1	cdnjs.cloudflare.com	dlscordsteam.ru
25	4

This site contains no links.

Subject Issuer	Validity	Valid
*.dlscordsteam.ru E1	`2022-07-12` - `2022-10-10`	3 months	crt.sh
bizmrg.com GeoTrust RSA CA 2018	`2020-05-27` - `2022-08-10`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dlscordsteam.ru/
Frame ID: 5ABB06656C2B3E7E25EADDDB277D2CB6
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discord Nitro free from STEAM

Page URL History Show full URLs

http://dlscordsteam.ru/ HTTP 301
https://dlscordsteam.ru/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

25
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1041 kB
Transfer

1773 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dlscordsteam.ru/ HTTP 301
https://dlscordsteam.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dlscordsteam.ru/
Redirect Chain

http://dlscordsteam.ru/
https://dlscordsteam.ru/

27 KB
6 KB

148ms
110ms

Document
text/html

2606:4700:3031::6815:4585
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dlscordsteam.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536967b7f639ee9de6a8b9cf200a1a5345f711bb71b19d72a177a6868e062e3e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72b36ce0ab058fee-FRA
content-encoding: br
content-type: text/html
date: Fri, 15 Jul 2022 15:10:30 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 12 Jul 2022 05:33:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qi%2F9dzXEg7g%2Fjk5tCNypDYg4VvrygpdLETZ93hFMKUAbdAFvHQ1oOz%2BNVFMULrd9VzYLJyp9fnLmYlVLRR6X9rKSmkI0TGObKR40WqG1XRsxrMmi4ndBvwrsK4MtIj77iXKyd5WFVezqjS48ud8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 72b36ce04b69bbce-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 15 Jul 2022 15:10:30 GMT
Expires: Fri, 15 Jul 2022 16:10:30 GMT
Location: https://dlscordsteam.ru/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcHn9oyCmTScppCRUUMwnmnVaSzbYYbDcAXI1uRb%2Bk9fmbiE%2B9ZgFIyDedwhSB05oDilxdb429xzW%2BmzKXe%2FaRVtel34WSnkIa9TZx51BaGiwkbPpyzder5ceFYPzKgATOG%2BQnAaaDSHbg%2F2%2BMs%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bc3bbacec3d800417d30026b941ed0290c2d71112073.css
dlscordsteam.ru/e5155d85a9bc5eb4025326d870c6c7af1dfa74cf5dcc/ 20 KB
6 KB 113ms
110ms Stylesheet
text/css 2606:4700:3031::6815:4585
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dlscordsteam.ru/e5155d85a9bc5eb4025326d870c6c7af1dfa74cf5dcc/bc3bbacec3d800417d30026b941ed0290c2d71112073.css
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e72bfd5b2451298de330b65ffbf950c8f830c5d373435f26fce733e1264bef5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:10:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 04 Jun 2022 16:46:02 GMT
server: cloudflare
etag: W/"629b8c4a-510d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4yoIq7GFSvD8jYe1NT99TlUgvFJGojzE6jQv4ihXFpyMJFsKae8DJFDmuFbJejZKo6b98HP9U3XUu8ayePUjG9vWB2YJdF9lB4yDzfMLDjk7n4fkKquWTbtbkpLpkhepOdfNcoGPJUxarKEShE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72b36ce15c248fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f28a7a3be1b8525c1fccfa35bba3aa694c56ba44209c.css
dlscordsteam.ru/e5155d85a9bc5eb4025326d870c6c7af1dfa74cf5dcc/ 75 KB
18 KB 134ms
131ms Stylesheet
text/css 2606:4700:3031::6815:4585
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dlscordsteam.ru/e5155d85a9bc5eb4025326d870c6c7af1dfa74cf5dcc/f28a7a3be1b8525c1fccfa35bba3aa694c56ba44209c.css
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2815908a70bff8204d9c9dc034dd649f3f560a90112b11ddd5e0e53583bd39c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:10:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Feb 2022 14:17:56 GMT
server: cloudflare
etag: W/"620a6494-12d95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y09m4k%2Bnl9zxWOFE34PTpcI16uiLSPuN2TUEHwEBYltjLtnao0WXrFodWvN09TXiFZgbX0GnnWAo0bR4v%2BrtHES5s8KgAjrB1hdYFdlmHciyM5MV8u%2F%2FkFG8pE3wBandy7aJVkMvDRW6FYmacQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72b36ce15c298fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 8e5687b09a0e9eb8dfe0131b6018cea248aff32c7dc7.css
dlscordsteam.ru/e5155d85a9bc5eb4025326d870c6c7af1dfa74cf5dcc/ 20 KB
4 KB 123ms
120ms Stylesheet
text/css 2606:4700:3031::6815:4585
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dlscordsteam.ru/e5155d85a9bc5eb4025326d870c6c7af1dfa74cf5dcc/8e5687b09a0e9eb8dfe0131b6018cea248aff32c7dc7.css
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbdcded3c4261a3c9d79cb3cf9e641744ad1f2db504690f3a1a06f6b3893dda4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:10:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Feb 2022 14:17:57 GMT
server: cloudflare
etag: W/"620a6495-4e0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hq%2B9%2B%2F%2FNv2fp3CnWnxpEoC4ziuue83ryZC4oKVXBl4d8anL9bk6W3W2Nev3RVSp5AlCKw6x%2FxPQqeRHGWstkxJt0TgjaPS4vX2wJbnu3fqBOPIk1nuFdLVTLJ43z9VCClpvtoE7UamcHEtWQFQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72b36ce15c2a8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 41e7e56f5c31f33bef036e80089b9b4470ef2ea1c0d5.css
dlscordsteam.ru/e5155d85a9bc5eb4025326d870c6c7af1dfa74cf5dcc/ 10 KB
3 KB 113ms
111ms Stylesheet
text/css 2606:4700:3031::6815:4585
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dlscordsteam.ru/e5155d85a9bc5eb4025326d870c6c7af1dfa74cf5dcc/41e7e56f5c31f33bef036e80089b9b4470ef2ea1c0d5.css
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ed5fedd4d231fd7599d828707a1af9728f3dd33876047b5b045c1cec3f5d02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:10:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Feb 2022 14:17:52 GMT
server: cloudflare
etag: W/"620a6490-2965"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gah20GeXl0P3hAxIUVvNLMCGyChFtleBdY7J0KvxGc7bwaoaVTb9wbK3iM%2Fu4Ga8gktNkcfe8mxdLImsOuTswN4duqSAAFMGl0nrkU73Sw41aq2Fihv2zMR5E0R3IIrCt6vny1pkRJEmesau50A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72b36ce15c2b8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 f1ea3663b9521e486698f21c3390f1460114eb303d2f.css
dlscordsteam.ru/e5155d85a9bc5eb4025326d870c6c7af1dfa74cf5dcc/ 6 KB
2 KB 120ms
117ms Stylesheet
text/css 2606:4700:3031::6815:4585
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dlscordsteam.ru/e5155d85a9bc5eb4025326d870c6c7af1dfa74cf5dcc/f1ea3663b9521e486698f21c3390f1460114eb303d2f.css
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:4585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f653dbf761adb689f70bdfbc792ae65192e95b544d7e66dce483a4931b4c58e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:10:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 15 Apr 2022 15:36:03 GMT
server: cloudflare
etag: W/"625990e3-1722"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3qGn9RiSkC74KfhFdp9rpSG5rwhNLzpM6jNmBFc7H%2BlIT1nlCfYcYbGz532uSuSQs06vEnrN9gHX4UvFYEMP5Iuxax4d4XyMSvJx4565vtm7A2FDFjD833HZyHNzsLjK7Fsa4xSsHYPjHOGQQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72b36ce15c2f8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK css2
disc.hb.bizmrg.com/brqw/ 2 KB
2 KB 225ms
61ms Stylesheet
binary/octet-stream 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://disc.hb.bizmrg.com/brqw/css2
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: afbb224757994ccc20b0ab6ceb60eab144cd8825a392613861045e393632ec81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Last-modified: Mon, 13 Sep 2021 21:09:58 GMT
Server: nginx/1.20.2
Etag: "e97d1b143f268b7077bda24c08f20918"
Content-Type: binary/octet-stream
Connection: keep-alive
X-Host: hb-front18
X-Req-Id: uJMD79qq
Content-Length: 1714

GET
H/1.1 200
OK aos.css
disc.hb.bizmrg.com/brqw/ 25 KB
3 KB 231ms
67ms Stylesheet
text/css 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://disc.hb.bizmrg.com/brqw/aos.css
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: 1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Content-Encoding: gzip
Last-modified: Mon, 13 Sep 2021 21:09:53 GMT
Server: nginx/1.20.2
Etag: W/"847da8fca8060ca1a70f976aab1210b9"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
X-Host: hb-front13
X-Req-Id: hmihqCcu

GET
H/1.1 200
OK fonts.css
disc.hb.bizmrg.com/brqw/ 2 KB
640 B 226ms
62ms Stylesheet
text/css 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://disc.hb.bizmrg.com/brqw/fonts.css
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: 06496925a0de5195950c5052cf12922e84dacf294f61a762e59cb17e5ee25294

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Content-Encoding: gzip
Last-modified: Mon, 13 Sep 2021 21:09:57 GMT
Server: nginx/1.20.2
Etag: W/"c73a623b8eefe0c4f73d986c18f17eba"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
X-Host: hb-front12
X-Req-Id: 2d9RWEF53

GET
H/1.1 200
OK reset.css
disc.hb.bizmrg.com/brqw/ 7 KB
3 KB 227ms
64ms Stylesheet
text/css 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://disc.hb.bizmrg.com/brqw/reset.css
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: 4589b220804054c719126580ddacc9f783c50e360ff74949f7edc9ad5e99d0d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Content-Encoding: gzip
Last-modified: Mon, 13 Sep 2021 21:09:56 GMT
Server: nginx/1.20.2
Etag: W/"eb63009793f45414b169f0f54ccf9dfd"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
X-Host: hb-front11
X-Req-Id: 2MPnfJKk7

GET
H/1.1 200
OK style.css
disc.hb.bizmrg.com/brqw/ 13 KB
3 KB 235ms
70ms Stylesheet
text/css 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://disc.hb.bizmrg.com/brqw/style.css
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: 4b2977d5c4a74b986f465dd8c01f4f335d4eb892f9acdbd8c707359e0edf0d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Content-Encoding: gzip
Last-modified: Mon, 13 Sep 2021 21:09:56 GMT
Server: nginx/1.20.2
Etag: W/"e3ff4c416289161772b0d11d82b1c9b1"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
X-Host: hb-front27
X-Req-Id: 2JN7UtzpN

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 48ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 237995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27748
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15851"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJb9THSQvxTTYpdZubNF0I%2FPgzNTJ32y5aiqgcGkodThttPCVOxZZvzdajvMYJBgVV1WBsok38PA%2F0zFPnPBNDOuPt5YlTDxPB%2F3eDIqI82TL4h%2FiA%2F63bvYNts%2BWXhYxWg4GYQL6aVcIq%2F5NR%2Fo%2F5mK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72b36ce18e6e994b-FRA
expires: Wed, 05 Jul 2023 15:10:30 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.11.3/ 459 KB
111 KB 53ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.3/jquery-ui.js
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:10:30 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-72b1e"
vary: Accept-Encoding
x-hw: 1657897830.dop244.am5.t,1657897830.cds227.am5.hn,1657897830.cds209.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 113814

GET
H/1.1 200
OK letaem.png
disc.hb.bizmrg.com/brqw/ 156 KB
156 KB 110ms
108ms Image
image/png 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://disc.hb.bizmrg.com/brqw/letaem.png
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: 7ecf94aa0ac271d9e97a43713f85564b158e61d12eed28ebdc04566b1a1013e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Last-modified: Mon, 13 Sep 2021 21:09:56 GMT
Server: nginx/1.20.2
Etag: "b941bc1dfe379db6cc1f2acc5a612f41"
Content-Type: image/png
Connection: keep-alive
X-Host: hb-front12
X-Req-Id: 2gaVBWVXk
Content-Length: 159901

GET
H/1.1 200
OK 11.svg
disc.hb.bizmrg.com/brqw/ 53 KB
21 KB 112ms
111ms Image
image/svg+xml 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://disc.hb.bizmrg.com/brqw/11.svg
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: c97a58d544c374c5214915f44f9daf67ae04ee8d3f94990b9269e4d6770fa042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Content-Encoding: gzip
Last-modified: Mon, 13 Sep 2021 21:09:55 GMT
Server: nginx/1.20.2
Etag: W/"9d51aef4c57689e5f78f1124485f6eb9"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Connection: keep-alive
X-Host: hb-front18
X-Req-Id: 2Tee8zSta

GET
H/1.1 200
OK 22.svg
disc.hb.bizmrg.com/brqw/ 79 KB
33 KB 220ms
145ms Image
image/svg+xml 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://disc.hb.bizmrg.com/brqw/22.svg
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: bd91e0c9cbe61e71d4be397aa51fea6a67035ef9acc83069863b40dd58e7e6d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:31 GMT
Content-Encoding: gzip
Last-modified: Mon, 13 Sep 2021 21:09:55 GMT
Server: nginx/1.20.2
Etag: W/"a85c1e61d72e1236b440a8b3abf4263d"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Connection: keep-alive
X-Host: hb-front11
X-Req-Id: 5vsEGnSJ

GET
H/1.1 200
OK 33.svg
disc.hb.bizmrg.com/brqw/ 15 KB
6 KB 65ms
62ms Image
image/svg+xml 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://disc.hb.bizmrg.com/brqw/33.svg
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: 183f41e22ce48a678cf4e788df7e7f999ff55a89431f99501ea3e6f414406105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Content-Encoding: gzip
Last-modified: Mon, 13 Sep 2021 21:09:54 GMT
Server: nginx/1.20.2
Etag: W/"1f4a4af827e31434fe29b8bc36c2513c"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Connection: keep-alive
X-Host: hb-front13
X-Req-Id: 3asqKfSSa

GET
H/1.1 200
OK 44.svg
disc.hb.bizmrg.com/brqw/ 25 KB
11 KB 68ms
67ms Image
image/svg+xml 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://disc.hb.bizmrg.com/brqw/44.svg
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: 55b3d8cd7a577726ff430b6bc7fcdddc9a88a7f29d014f4323e63535ac67ba62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Content-Encoding: gzip
Last-modified: Mon, 13 Sep 2021 21:09:54 GMT
Server: nginx/1.20.2
Etag: W/"c0da27d3ae69e4c0544f9d7b11319170"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Connection: keep-alive
X-Host: hb-front27
X-Req-Id: 3aDZN9yNR

GET
H/1.1 200
OK 55.png
disc.hb.bizmrg.com/brqw/ 287 KB
288 KB 155ms
125ms Image
image/png 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://disc.hb.bizmrg.com/brqw/55.png
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: 1a3655b63a125832e069496e770bd5096944e9cd94695287ead4241f3f0d70f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:31 GMT
Last-modified: Mon, 13 Sep 2021 21:09:53 GMT
Server: nginx/1.20.2
Etag: "90e17f43426c2411b47906831576deaf"
Content-Type: image/png
Connection: keep-alive
X-Host: hb-front27
X-Req-Id: tJFTYAUX
Content-Length: 294360

GET
H/1.1 200
OK 66.png
disc.hb.bizmrg.com/brqw/ 291 KB
292 KB 82ms
82ms Image
image/png 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://disc.hb.bizmrg.com/brqw/66.png
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: fc8fe559f54194bba20a2d6a784877b7b6055defb0c39285f1ae7e92ec3c2f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:31 GMT
Last-modified: Mon, 13 Sep 2021 21:09:54 GMT
Server: nginx/1.20.2
Etag: "ff5b4f3466b1e217ba845ce0540da563"
Content-Type: image/png
Connection: keep-alive
X-Host: hb-front18
X-Req-Id: 2vY4RW2rk
Content-Length: 298455

GET
H/1.1 200
OK aos.js Show response
disc.hb.bizmrg.com/brqw/ 14 KB
5 KB 100ms
100ms Script
text/javascript 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://disc.hb.bizmrg.com/brqw/aos.js
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: 4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Content-Encoding: gzip
Last-modified: Mon, 13 Sep 2021 21:09:52 GMT
Server: nginx/1.20.2
Etag: W/"a01f9089e8301e9eacfb9d029dc0ca5c"
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
X-Host: hb-front13
X-Req-Id: 38MUFu5W2

GET
H/1.1 200
OK app.js Show response
disc.hb.bizmrg.com/brqw/ 708 B
680 B 97ms
97ms Script
text/javascript 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://disc.hb.bizmrg.com/brqw/app.js
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: eef658dc8754130da957b5f424b6797bd7055ad181465a786151b648da275604

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Content-Encoding: gzip
Last-modified: Mon, 13 Sep 2021 21:09:52 GMT
Server: nginx/1.20.2
Etag: W/"5875cd06c3382e7c12ea9471125cbdaa"
Transfer-Encoding: chunked
Content-Type: text/javascript
Connection: keep-alive
X-Host: hb-front27
X-Req-Id: CHNb89E

GET
H/1.1 200
OK anim.js Show response
disc.hb.bizmrg.com/brqw/ 30 B
311 B 74ms
73ms Script
text/javascript 217.69.142.100
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://disc.hb.bizmrg.com/brqw/anim.js
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.69.142.100 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS: hotbox.cldmail.ru
Software: nginx/1.20.2 /
Resource Hash: 23192565482018fd06c84e84fc751fd6c6c7a9b11cb7b6e2ff535074b2e8a9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 15:10:30 GMT
Last-modified: Mon, 13 Sep 2021 21:09:52 GMT
Server: nginx/1.20.2
Etag: "7a068803ff9d18cf6a4c55c8a696eba4"
Content-Type: text/javascript
Connection: keep-alive
X-Host: hb-front11
X-Req-Id: CQSms33v
Content-Length: 30

GET
H3 200 af2e6ef3d2cf1a757f86aafc26073b7612b14234f9c5.js Show response
dlscordsteam.ru/28d44739e596ba4f09515320dd5e4d60808f35770cf4/ 100 KB
38 KB 119ms
118ms Script
application/javascript 2606:4700:3031::6815:4585
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dlscordsteam.ru/28d44739e596ba4f09515320dd5e4d60808f35770cf4/af2e6ef3d2cf1a757f86aafc26073b7612b14234f9c5.js
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc5337e8352557275eb4798981a778ed37df10dba25e9ab09c282aab01f19da0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:10:30 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 04 May 2022 18:18:22 GMT
server: cloudflare
etag: W/"6272c36e-191f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eROqaef11PHmNveRHj%2Fqt3Ugi72uf%2FTFO%2B8hIsopBc3YZfIWoDOk3S2cKx1WuYcCscpSuGYvvcGgLfLdBYUqRbteGhX3mrqpiV5gEelbTKNPv6z0uSgUr%2FIeWG%2FUtmhQjOjmAC9gYieWgPDBVSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72b36ce2fe409256-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 metrica.php Show response
dlscordsteam.ru/ 0
529 B 337ms
337ms XHR
text/html 2606:4700:3031::6815:4585
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dlscordsteam.ru/metrica.php?method=LoadedCount&url=https%3A%2F%2Fdlscordsteam.ru%2F
Requested by: Host: dlscordsteam.ru
URL: https://dlscordsteam.ru/28d44739e596ba4f09515320dd5e4d60808f35770cf4/af2e6ef3d2cf1a757f86aafc26073b7612b14234f9c5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:4585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dlscordsteam.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 15:10:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDDkSa5JcmaS0ROVVqlNs6C1ndpYANsuI%2BqsT4I2ir3vyCT1aybfYxvMdPJP%2BnCv4SR3CPRlWwqi%2FY0EurG8e8mUUXHwMTmZQnbp5T6mH9AaDyBg6ko0cyR4GzvroO5UroaI3I9J%2FD1PPfhUDxo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 72b36ce41fad9256-FRA
access-control-allow-headers: X-Requested-With
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
disc.hb.bizmrg.com
dlscordsteam.ru
2001:4de0:ac18::1:a:2b
217.69.142.100
2606:4700:3031::6815:4585
2606:4700::6811:190e
02ed5fedd4d231fd7599d828707a1af9728f3dd33876047b5b045c1cec3f5d02
06496925a0de5195950c5052cf12922e84dacf294f61a762e59cb17e5ee25294
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
183f41e22ce48a678cf4e788df7e7f999ff55a89431f99501ea3e6f414406105
1a3655b63a125832e069496e770bd5096944e9cd94695287ead4241f3f0d70f4
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
23192565482018fd06c84e84fc751fd6c6c7a9b11cb7b6e2ff535074b2e8a9de
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
4589b220804054c719126580ddacc9f783c50e360ff74949f7edc9ad5e99d0d0
4b2977d5c4a74b986f465dd8c01f4f335d4eb892f9acdbd8c707359e0edf0d4b
536967b7f639ee9de6a8b9cf200a1a5345f711bb71b19d72a177a6868e062e3e
55b3d8cd7a577726ff430b6bc7fcdddc9a88a7f29d014f4323e63535ac67ba62
7ecf94aa0ac271d9e97a43713f85564b158e61d12eed28ebdc04566b1a1013e3
afbb224757994ccc20b0ab6ceb60eab144cd8825a392613861045e393632ec81
bd91e0c9cbe61e71d4be397aa51fea6a67035ef9acc83069863b40dd58e7e6d8
c2815908a70bff8204d9c9dc034dd649f3f560a90112b11ddd5e0e53583bd39c
c97a58d544c374c5214915f44f9daf67ae04ee8d3f94990b9269e4d6770fa042
d2f0522008bff05c6434e48ac8f11f7464331436a4d5d96a14a058a81a75c82e
dbdcded3c4261a3c9d79cb3cf9e641744ad1f2db504690f3a1a06f6b3893dda4
dc5337e8352557275eb4798981a778ed37df10dba25e9ab09c282aab01f19da0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72bfd5b2451298de330b65ffbf950c8f830c5d373435f26fce733e1264bef5d
eef658dc8754130da957b5f424b6797bd7055ad181465a786151b648da275604
f653dbf761adb689f70bdfbc792ae65192e95b544d7e66dce483a4931b4c58e3
fc8fe559f54194bba20a2d6a784877b7b6055defb0c39285f1ae7e92ec3c2f4a

dlscordsteam.ru Open in urlscan Pro 2606:4700:3031::6815:4585 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

1041 kBTransfer

1773 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

0 Cookies

Indicators

dlscordsteam.ru Open in urlscan Pro
2606:4700:3031::6815:4585 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1041 kB
Transfer

1773 kB
Size

0
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!