URL: https://hide-cs.eu/
Submission: On December 19 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 29 HTTP transactions. The main IP is 193.46.84.144, located in Lithuania and belongs to DOMENAIAS UAB Bartus pro, LT. The main domain is hide-cs.eu.
TLS certificate: Issued by E5 on November 11th 2024. Valid for: 3 months.
This is the only time hide-cs.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 193.46.84.144 51107 (DOMENAIAS...)
1 173.194.204.95 15169 (GOOGLE)
1 192.229.210.155 15133 (EDGECAST)
1 109.235.67.100 212531 (Interneto...)
1 2 162.159.137.232 13335 (CLOUDFLAR...)
1 64.233.180.94 15169 (GOOGLE)
29 6
Apex Domain | Subdomains | Transfer
24 hide-cs.eu | hide-cs.eu; www.hide-cs.eu | 3 MB
2 discord.com | www.discord.com (Cisco Umbrella Rank: 498622); discord.com (Cisco Umbrella Rank: 2491) | 695 B
1 gstatic.com | fonts.gstatic.com | 18 KB
1 hey.lt | www.hey.lt | 1 KB
1 paypalobjects.com | www.paypalobjects.com (Cisco Umbrella Rank: 2811) | 3 KB
1 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 1 KB
29 6
Domain Requested by
23 hide-cs.eu hide-cs.eu
1 fonts.gstatic.com fonts.googleapis.com
1 discord.com hide-cs.eu
1 www.discord.com 1 redirects
1 www.hey.lt hide-cs.eu
1 www.hide-cs.eu hide-cs.eu
1 www.paypalobjects.com hide-cs.eu
1 fonts.googleapis.com hide-cs.eu
29 8

This site contains links to these domains.

Domain
www.hide-cs.eu
www.discord.com
cssetti.pl
www.cssetti.pl
www.hey.lt
Subject | Issuer | Validity | Valid
hide-cs.eu | E5 | 2024-11-11 - 2025-02-09 | 3 months (crt.sh)
upload.video.google.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months (crt.sh)
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2024-06-13 - 2025-06-12 | a year (crt.sh)
hey.lt | Sectigo RSA Domain Validation Secure Server CA | 2024-03-04 - 2025-03-17 | a year (crt.sh)
discord.com | WE1 | 2024-11-17 - 2025-02-15 | 3 months (crt.sh)
*.gstatic.com | WR2 | 2024-12-02 - 2025-02-24 | 3 months (crt.sh)

This page contains 2 frames:

Primary Page: https://hide-cs.eu/
Frame ID: D2D39D1D6E87CD8B72EE852F1255B36B
Requests: 28 HTTP requests in this frame

Frame: https://discord.com/widget?id=1099769385524154488&theme=dark
Frame ID: C3E4F3AC016317B00F90B145E98935E5
Requests: 1 HTTP requests in this frame

Page Title

HNS | PB | SURF | BM | CSDM | GG | BHOP/KZ | TRAINING | ZM HIDE-CS.EU - CS 1.6 SERVERS! |

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+_s-xclick
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

29
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

6
IPs

3
Countries

2877 kB
Transfer

2896 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://www.discord.com/widget?id=1099769385524154488&theme=dark HTTP 301
  • https://discord.com/widget?id=1099769385524154488&theme=dark

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hide-cs.eu/
12 KB
3 KB
Document
General
Full URL
https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
491e891dc954b0bc34a470c984ed27c7b8a64fdbd456cf9d20d5a26aa0d36b2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
3328
content-type
text/html; charset=UTF-8
date
Thu, 19 Dec 2024 17:26:53 GMT
server
Apache/2
vary
Accept-Encoding,User-Agent
css
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.204.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f95.1e100.net
Software
ESF /
Resource Hash
d2985f60e922d8796396c202ffcb9f6f6c2a57f510cb49f9babf16d025c6b058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 17:26:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 19 Dec 2024 17:26:55 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 19 Dec 2024 16:14:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
styles.css
hide-cs.eu/
9 KB
2 KB
Stylesheet
General
Full URL
https://hide-cs.eu/styles.css
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
6f53cb008bf12fb79dadbe91084873c0ac66554e5ef7f1ec68655a7d750a0f89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

content-encoding
gzip
etag
"2269-629089276cb80-gzip"
accept-ranges
bytes
content-length
1732
date
Thu, 19 Dec 2024 17:26:54 GMT
last-modified
Thu, 12 Dec 2024 01:24:14 GMT
vary
Accept-Encoding,User-Agent
server
Apache/2
content-type
text/css
paneleicon.png
hide-cs.eu/img/
6 KB
6 KB
Image
General
Full URL
https://hide-cs.eu/img/paneleicon.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
379be6a2d0f29803c19cbc6d3ac195c2e52581fc09d3df8555fa505723ca70b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
6418
etag
"1912-6234512b79280"
date
Thu, 19 Dec 2024 17:26:54 GMT
last-modified
Sun, 29 Sep 2024 17:03:54 GMT
content-type
image/png
server
Apache/2
btn_buynowCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
3 KB
3 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lac/5597) /
Resource Hash
360e247cd97e950e7a8a3f0be284a0409020589872429874b9a23dc553ab24f9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

paypal-debug-id
01de84ff3dfa8
etag
"650ca24c-adf"
x-content-type-options
nosniff
expires
Thu, 19 Dec 2024 18:26:55 GMT
traceparent
00-000000000000000000001de84ff3dfa8-85f4f7a595bd97c0-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 19 Dec 2024 17:26:55 GMT
content-type
image/gif
last-modified
Thu, 21 Sep 2023 20:06:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
content-length
2783
server
ECAcc (lac/5597)
cs1.6menu.png
hide-cs.eu/img/
3 KB
3 KB
Image
General
Full URL
https://hide-cs.eu/img/cs1.6menu.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
ca57bf3406c5a93b0351f6a9f3fc55b88c29cfe4399c3e9ba1de30bffb9f309f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
2868
etag
"b34-623456dda42c0"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 29 Sep 2024 17:29:23 GMT
content-type
image/png
server
Apache/2
buyvip1.png
hide-cs.eu/img/
80 KB
80 KB
Image
General
Full URL
https://hide-cs.eu/img/buyvip1.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
793e657761e322b0a9e877f43face72af611e53e199db6628afda53d412a20b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
81593
etag
"13eb9-623cd91581280"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 06 Oct 2024 11:54:34 GMT
content-type
image/png
server
Apache/2
buyadmin1.png
hide-cs.eu/img/
80 KB
80 KB
Image
General
Full URL
https://hide-cs.eu/img/buyadmin1.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
d9297c263ed9b6537e25fc1544d83cdf8d553143402d333350ed387c56cd7fec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
81593
etag
"13eb9-623cd8d784040"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 06 Oct 2024 11:53:29 GMT
content-type
image/png
server
Apache/2
unban1.png
hide-cs.eu/img/
80 KB
80 KB
Image
General
Full URL
https://hide-cs.eu/img/unban1.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
e5fd1d933d35a7816d9ae938504963cbfd7099a785b80c41b7419dd4b53f055f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
81593
etag
"13eb9-623cd893ce080"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 06 Oct 2024 11:52:18 GMT
content-type
image/png
server
Apache/2
bans1.png
hide-cs.eu/img/
80 KB
80 KB
Image
General
Full URL
https://hide-cs.eu/img/bans1.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
c150533b21c8e28412a7d7cbac1ee9dec4fc4cfe8a3c3be9920fb9ef603d806a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
81593
etag
"13eb9-623cd85d72040"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 06 Oct 2024 11:51:21 GMT
content-type
image/png
server
Apache/2
HLstats1.png
hide-cs.eu/img/
80 KB
80 KB
Image
General
Full URL
https://hide-cs.eu/img/HLstats1.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
17ae134dd319cb7d7415f28d9b53a2a44b096430e1e57743b54b948891eb18a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
81593
etag
"13eb9-623cd82eb7200"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 06 Oct 2024 11:50:32 GMT
content-type
image/png
server
Apache/2
team.png
hide-cs.eu/img/
3 KB
3 KB
Image
General
Full URL
https://hide-cs.eu/img/team.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
17f66fa57588005a8872f7a16f3e02522712512272e7d1436092efafa09dc806

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
2763
etag
"acb-623454c97db40"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 29 Sep 2024 17:20:05 GMT
content-type
image/png
server
Apache/2
royalityteam.png
hide-cs.eu/img/
36 KB
36 KB
Image
General
Full URL
https://hide-cs.eu/img/royalityteam.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
29753368882aec6674605f797cf383fadbe6e55c6928dc00635b76b3ef7d3701

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
36940
etag
"904c-623f4218ac980"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Tue, 08 Oct 2024 09:55:02 GMT
content-type
image/png
server
Apache/2
vectoryteam.png
hide-cs.eu/img/
41 KB
41 KB
Image
General
Full URL
https://hide-cs.eu/img/vectoryteam.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
2ae4c43b3aaaab20bc75fa999424e332ed8d99986d7cc9a849c097dff88c3a34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
42253
etag
"a50d-623f423178400"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Tue, 08 Oct 2024 09:55:28 GMT
content-type
image/png
server
Apache/2
servers.png
hide-cs.eu/img/
3 KB
3 KB
Image
General
Full URL
https://hide-cs.eu/img/servers.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
17f8a43c9d7b458b9e6ff4d77fb7868f840fb5a0d40361dbee643b36b0f4907e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
2868
etag
"b34-6234579c604c0"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 29 Sep 2024 17:32:43 GMT
content-type
image/png
server
Apache/2
banner.png
hide-cs.eu/img/
232 KB
232 KB
Image
General
Full URL
https://hide-cs.eu/img/banner.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
a2165a866b66aec32ec2fc0d52ff847c2f81b6b218aa101a121da18883dc0dd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
237066
etag
"39e0a-6234592b03140"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 29 Sep 2024 17:39:41 GMT
content-type
image/png
server
Apache/2
on.gif
hide-cs.eu/img/
962 B
1 KB
Image
General
Full URL
https://hide-cs.eu/img/on.gif
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
4819c65fed117a72e081f8b9348fedb88b22351339b30b13bce16bbecfb0ff8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
962
etag
"3c2-4ede26e412ec0"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Thu, 19 Dec 2013 12:37:55 GMT
content-type
image/gif
server
Apache/2
newsicon.png
hide-cs.eu/img/
3 KB
3 KB
Image
General
Full URL
https://hide-cs.eu/img/newsicon.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
1bac39a2388cc7935d7ccc4cd8c0acd380136931f40f830cb4b0848cc97a889d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
2663
etag
"a67-62345328bc400"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 29 Sep 2024 17:12:48 GMT
content-type
image/png
server
Apache/2
advrs.jpg
www.hide-cs.eu/images/
4 KB
4 KB
Image
General
Full URL
https://www.hide-cs.eu/images/advrs.jpg
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
5db6e40c529b13c98abdfa986a9dea76ed755e3fb3a4f5042fa9d962d8229da1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

accept-ranges
bytes
content-length
3781
etag
"ec5-5f9c8e973a940"
date
Thu, 19 Dec 2024 17:26:56 GMT
last-modified
Thu, 20 Apr 2023 18:43:09 GMT
content-type
image/jpeg
server
Apache/2
count.php
www.hey.lt/
435 B
1 KB
Image
General
Full URL
https://www.hey.lt/count.php?id=hidecs
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.235.67.100 , Lithuania, ASN212531 (Interneto-vizija UAB "Interneto vizija", LT),
Reverse DNS
server.hey.lt
Software
Apache /
Resource Hash
51a078e8bc0a15a206e836786f06a9a953b02e2e2a72e244ec301255387cfc97
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
frame-ancestors 'self'
Cache-Control
max-age=604800
Pragma
no-cache
Connection
close
X-Content-Type-Options
nosniff
Referrer-Policy
same-origin
Permissions-Policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Expires
Thu, 1 Jan 1970 00:00:00 GMT
P3P
CP="NID"
Content-Length
435
Date
Thu, 19 Dec 2024 17:26:56 GMT
Content-Type
image/png
Server
Apache
X-Frame-Options
SAMEORIGIN
widget
discord.com/ Frame C3E4
Redirect Chain
  • https://www.discord.com/widget?id=1099769385524154488&theme=dark
  • https://discord.com/widget?id=1099769385524154488&theme=dark
0
0
Document
General
Full URL
https://discord.com/widget?id=1099769385524154488&theme=dark
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.137.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hide-cs.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8f4919b4b84a1b32-PHX
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Thu, 05 Oct 2023 23:01:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
interest-cohort=()
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlzZ1ArsocKZP95wTSOdK9Kbsns8lKXCtGO5xzDYl6cJtclEvANZ9p3nIKg6mHEc24eTYfwHaD18ZYv1EG88QXGR0ZMWdWyVHJOJyQcgpOsLZqlE%2F1CUNlxBO5NN"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-build-id
8688a61c63e65df22fb849a73b303b75a3bca43d
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8f4919b40f0f1b32-PHX
content-length
167
content-type
text/html
date
Thu, 19 Dec 2024 17:26:55 GMT
expires
Thu, 19 Dec 2024 18:26:55 GMT
location
https://discord.com/widget?id=1099769385524154488&theme=dark
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXBEwTxLrN%2B7gCE%2BpoqgeR0qSpEbySnJLqI9IgjUkz%2B8XhUhnX6333tiaV0AIcFu8%2BzS9971BuxbYeMzF%2BIxHFKIJlPRoWpGDUoxtO5CrKU8FXr6lKpgNf20R7ouOSSAlg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
logo3.png
hide-cs.eu/img/
11 KB
11 KB
Image
General
Full URL
https://hide-cs.eu/img/logo3.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
07298916b812cca1a8fcd86261c47bed10810456a476cf8aeadc190753797c55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/styles.css

Response headers

accept-ranges
bytes
content-length
10875
etag
"2a7b-626ac83feacc0"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Tue, 12 Nov 2024 00:44:11 GMT
content-type
image/png
server
Apache/2
Hideban.png
hide-cs.eu/img/
734 KB
734 KB
Image
General
Full URL
https://hide-cs.eu/img/Hideban.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
065a7d9d56c6a05d0c9f7efa90d5a8f4640175c051c6ef0031b62135da82fba4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/styles.css

Response headers

accept-ranges
bytes
content-length
751536
etag
"b77b0-6290845ee8280"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Thu, 12 Dec 2024 01:02:50 GMT
content-type
image/png
server
Apache/2
panele.png
hide-cs.eu/img/
92 KB
93 KB
Image
General
Full URL
https://hide-cs.eu/img/panele.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
89fc04478dd69ada3f08742b28bfc81e362976bdbd0b9af7c3185c06eb1adbf7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/styles.css

Response headers

accept-ranges
bytes
content-length
94625
etag
"171a1-62345566d8e80"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 29 Sep 2024 17:22:50 GMT
content-type
image/png
server
Apache/2
newsbanner.png
hide-cs.eu/img/
188 KB
188 KB
Image
General
Full URL
https://hide-cs.eu/img/newsbanner.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
774fe34493980ce54acff15b33fc1b7640c02c4947ab9af07bbddc593e85497b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/styles.css

Response headers

accept-ranges
bytes
content-length
192380
etag
"2ef7c-62345c8b0a7c0"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 29 Sep 2024 17:54:47 GMT
content-type
image/png
server
Apache/2
DC.png
hide-cs.eu/img/
919 KB
920 KB
Image
General
Full URL
https://hide-cs.eu/img/DC.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
5ebab11483a74b08d187196c5bc321e7eee199d18f52d77d64fdf2c2ef42f25f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/styles.css

Response headers

accept-ranges
bytes
content-length
941148
etag
"e5c5c-6234528a6ce80"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 29 Sep 2024 17:10:02 GMT
content-type
image/png
server
Apache/2
news.png
hide-cs.eu/img/
164 KB
165 KB
Image
General
Full URL
https://hide-cs.eu/img/news.png
Requested by
Host: hide-cs.eu
URL: https://hide-cs.eu/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
24da76af5918eae0d4bd403f7e9837f43c24ae50df57b960cb0341a7c5af4996

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/styles.css

Response headers

accept-ranges
bytes
content-length
168416
etag
"291e0-62345220914c0"
date
Thu, 19 Dec 2024 17:26:55 GMT
last-modified
Sun, 29 Sep 2024 17:08:11 GMT
content-type
image/png
server
Apache/2
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v29/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f94.1e100.net
Software
sffe /
Resource Hash
1c9c85d0b73b7321eb8ed22e0b6bcd577478dd5f99d1379a5d4cea10884033ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://hide-cs.eu
Referer
https://fonts.googleapis.com/

Response headers

age
516169
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 18:04:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 18:04:06 GMT
last-modified
Wed, 06 Nov 2024 17:30:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18792
x-xss-protection
0
server
sffe
favicon.ico
hide-cs.eu/
15 KB
7 KB
Other
General
Full URL
https://hide-cs.eu/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.46.84.144 , Lithuania, ASN51107 (DOMENAIAS UAB Bartus pro, LT),
Reverse DNS
mindaugas.domenai.lt
Software
Apache/2 /
Resource Hash
1f2f755ad3684296ed352b23ca3e770180f49c5475142a77e562ffb18212c3eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://hide-cs.eu/

Response headers

content-encoding
gzip
etag
"3c2e-628ca51043900-gzip"
accept-ranges
bytes
content-length
7489
date
Thu, 19 Dec 2024 17:26:57 GMT
last-modified
Sun, 08 Dec 2024 23:07:48 GMT
vary
Accept-Encoding,User-Agent
server
Apache/2
content-type
image/x-icon

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| scrolltitle
string| title
number| position
number| titleScroll

3 Cookies

Domain/Path Name / Value
.discord.com/ Name: __cfruid
Value: a6373cd6aad1263f6eec45c5222eeef836b2ed64-1734629215
.discord.com/ Name: _cfuvid
Value: IyV9DY4k535_OnJifWtCzLtBuNzu5nhclTnkdqZp41U-1734629215599-0.0.1.1-604800000
.discord.com/ Name: cf_clearance
Value: 3RTh6junIniIKPp.g2mU.KI5rZzNx4myYuXYOXkyWJk-1734629216-1.2.1.1-xno9anrsQbRb0zYCR03LZ_DrdKmOOtD2P0pLU5lSOtMJPI2fvaIbFARj1frTmie9WEMsamTHjPu6ZUv1hU7nFAQGV2wRSuuWmq3.SMhqk8FrJIctmJsqzltMQJFPppmJgfyd0dM5E6qdLdYrdj_.DWnbNLkRuacdEV.GRp.zf5VUvFzzUyhKH.9zBepZr4xva5XV0oZ4yvoX6r6iO49vc_D5iHcXvkpPnCfD1RcaIkBJHw4iLdCSr6Vj1JkeEbDBuCZqWRQFjaVS48DFPaMawYQft7LvZ7mz6g5qMKe9Od2hBnJUV91o1Q2pWmZ_jGsg4PIeyANshUkhq84TCHUSPy5MgCDXSGl5GkjiP8B1dnvZCYrCo8EbfAIo4zs0L_dI

18 Console Messages

Source Level URL
Text
security warning URL: https://hide-cs.eu/
Message:
Mixed Content: The page at 'https://hide-cs.eu/' was loaded over HTTPS, but requested an insecure element 'http://hide-cs.eu/img/on.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://hide-cs.eu/(Line 337)
Message:
Mixed Content: The page at 'https://hide-cs.eu/' was loaded over HTTPS, but requested an insecure element 'http://hide-cs.eu/img/on.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
