Submitted URL: https://moderator-app.discord.awu.fyi/
Effective URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Securi...
Submission Tags: phishingrod
Submission: On October 30 via api from DE — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 173.255.221.194, located in Fremont, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is union.groups.io.
TLS certificate: Issued by R3 on September 1st 2023. Valid for: 3 months.
This is the only time union.groups.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 66.220.23.67 6939 (HURRICANE)
1 15 173.255.221.194 63949 (AKAMAI-LI...)
1 2a00:1450:400... 15169 (GOOGLE)
3 34.78.81.207 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:1900:401... 396982 (GOOGLE-CL...)
20 5
Apex Domain
Subdomains
Transfer
15 groups.io
union.groups.io
groups.io — Cisco Umbrella Rank: 183186
2 MB
4 spur.us
mcl.spur.us — Cisco Umbrella Rank: 812527
d0bbf216eef24965b11a1fd48d9c9022.verify-euw.spur.us
14 KB
2 awu.fyi
moderator-app.discord.awu.fyi
go.awu.fyi
2 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
979 B
20 5
Domain Requested by
14 union.groups.io 1 redirects union.groups.io
3 mcl.spur.us union.groups.io
mcl.spur.us
1 d0bbf216eef24965b11a1fd48d9c9022.verify-euw.spur.us mcl.spur.us
1 fonts.gstatic.com fonts.googleapis.com
1 groups.io union.groups.io
1 fonts.googleapis.com union.groups.io
1 go.awu.fyi 1 redirects
1 moderator-app.discord.awu.fyi 1 redirects
20 8

This site contains links to these domains. Also see Links.

Domain
groups.io
twitter.com
Subject Issuer Validity Valid
*.groups.io
R3
2023-09-01 -
2023-11-30
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-09 -
2024-01-01
3 months crt.sh
mcl.spur.us
R3
2023-09-07 -
2023-12-06
3 months crt.sh
groups.io
R3
2023-09-01 -
2023-11-30
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-09 -
2024-01-01
3 months crt.sh

This page contains 1 frames:

Primary Page: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Frame ID: 12189D80D9231E579CEBE80CD2A862EE
Requests: 20 HTTP requests in this frame

Screenshot

Page Title

Log In

Page URL History Show full URLs

  1. https://moderator-app.discord.awu.fyi/ HTTP 302
    https://go.awu.fyi/discord-guide HTTP 301
    https://union.groups.io/g/announcements/files/Platforms%20&%20Security%20Committee/Discord_User_Guid... HTTP 302
    https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatform... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

8
Subdomains

5
IPs

3
Countries

1771 kB
Transfer

3746 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://moderator-app.discord.awu.fyi/ HTTP 302
    https://go.awu.fyi/discord-guide HTTP 301
    https://union.groups.io/g/announcements/files/Platforms%20&%20Security%20Committee/Discord_User_Guide.pdf HTTP 302
    https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
union.groups.io/
Redirect Chain
  • https://moderator-app.discord.awu.fyi/
  • https://go.awu.fyi/discord-guide
  • https://union.groups.io/g/announcements/files/Platforms%20&%20Security%20Committee/Discord_User_Guide.pdf
  • https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
20 KB
7 KB
Document
General
Full URL
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
ed564c30d6e46381e88a19b4a3fa5de25fd75804b209430897c3db452be4f411
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 00:08:05 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY

Redirect headers

content-length
161
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Mon, 30 Oct 2023 00:08:05 GMT
location
/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
server
nginx/1.23.2
x-frame-options
DENY
tinymce.min.js
union.groups.io/tinymce-4.7.13/
343 KB
136 KB
Script
General
Full URL
https://union.groups.io/tinymce-4.7.13/tinymce.min.js
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
b787693680d9e0ddb220a6b68bd089863cd0284c293bb0b7ddf6755dd37e8135
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:05 GMT
content-security-policy
frame-ancestors 'self';
content-encoding
gzip
last-modified
Sat, 28 Oct 2023 03:33:39 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
browser-image-compression-2.0.2.min.js
union.groups.io/js/
56 KB
23 KB
Script
General
Full URL
https://union.groups.io/js/browser-image-compression-2.0.2.min.js
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
c6713a21756570af4c230f706faac4f0187845928bd14fd5910210d1cdc6fb87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:05 GMT
content-security-policy
frame-ancestors 'self';
content-encoding
gzip
last-modified
Sat, 28 Oct 2023 03:33:39 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
application-43481736bb7c3b3b15551fb9041196b6.css
union.groups.io/css/
822 KB
196 KB
Stylesheet
General
Full URL
https://union.groups.io/css/application-43481736bb7c3b3b15551fb9041196b6.css
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
e339787f29e572ad8afb5c6855535562ad78d0a5590e91344ea6903f6fb98896
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:05 GMT
content-security-policy
frame-ancestors 'self';
content-encoding
gzip
last-modified
Sat, 28 Oct 2023 03:33:39 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
application-512d6dec6217cbf3f29d34d006f298ce.js
union.groups.io/js/
2 MB
519 KB
Script
General
Full URL
https://union.groups.io/js/application-512d6dec6217cbf3f29d34d006f298ce.js
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
f47205d65d064336d1bc0573dc05e45efad59d59ceb89764c3e7896127c2090d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:05 GMT
content-security-policy
frame-ancestors 'self';
content-encoding
gzip
last-modified
Sat, 28 Oct 2023 03:33:39 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
run_prettify.js
union.groups.io/js/
18 KB
9 KB
Script
General
Full URL
https://union.groups.io/js/run_prettify.js
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
8f2999c46ed595b8b1662439de9d521d7a2a71985cc2d17f3a8fbd9bfe9df949
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:05 GMT
content-security-policy
frame-ancestors 'self';
content-encoding
gzip
last-modified
Sat, 28 Oct 2023 03:33:39 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
cookieconsent-3.1.0.min.css
union.groups.io/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://union.groups.io/css/cookieconsent-3.1.0.min.css
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:05 GMT
content-security-policy
frame-ancestors 'self';
content-encoding
gzip
last-modified
Sat, 28 Oct 2023 03:33:39 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
cookieconsent-3.1.0.min.js
union.groups.io/js/
20 KB
8 KB
Script
General
Full URL
https://union.groups.io/js/cookieconsent-3.1.0.min.js
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:05 GMT
content-security-policy
frame-ancestors 'self';
content-encoding
gzip
last-modified
Sat, 28 Oct 2023 03:33:39 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
css
fonts.googleapis.com/
2 KB
979 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 30 Oct 2023 00:08:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 29 Oct 2023 22:25:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 Oct 2023 00:08:05 GMT
mcl.js
mcl.spur.us/d/
17 KB
6 KB
Script
General
Full URL
https://mcl.spur.us/d/mcl.js?tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.78.81.207 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.81.78.34.bc.googleusercontent.com
Software
/
Resource Hash
10f1cd0bcd17b8670a9618926b10f6eecc8f899b53fea351ea45ac37028fca36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
content-encoding
gzip
date
Mon, 30 Oct 2023 00:08:06 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=43200
access-control-allow-headers
*
expires
Thu, 01 Jan 1970 00:00:00 UTC
mainlogo.png
groups.io/img/org.1/
7 KB
7 KB
Image
General
Full URL
https://groups.io/img/org.1/mainlogo.png
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
8d21574a53fff4ee0ddf7bd32d114a1a1f2adb736b54a1a3583106d41cec2a87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:06 GMT
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 28 Oct 2023 03:33:40 GMT
server
nginx/1.23.2
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
content-length
6937
google_logo.png
union.groups.io/img/
18 KB
18 KB
Image
General
Full URL
https://union.groups.io/img/google_logo.png
Requested by
Host: union.groups.io
URL: https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
aa7f38e10a197cc7406281eb82ea11b6067f365de574cbe6f7d76df0f488eb2e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:05 GMT
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 28 Oct 2023 03:33:40 GMT
server
nginx/1.23.2
x-frame-options
DENY
content-type
image/png
accept-ranges
bytes
content-length
18312
prettify.css
union.groups.io/css/
656 B
536 B
Stylesheet
General
Full URL
https://union.groups.io/css/prettify.css
Requested by
Host: union.groups.io
URL: https://union.groups.io/js/run_prettify.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
33a90fe294bbf4fe767363cc7b5534c1ce5c6495edf9efd61d1e82d932ec9449
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/login?r=https%3A%2F%2Funion.groups.io%2Fg%2Fannouncements%2Ffiles%2FPlatforms%2520%26%2520Security%2520Committee%2FDiscord_User_Guide.pdf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:06 GMT
content-security-policy
frame-ancestors 'self';
content-encoding
gzip
last-modified
Sat, 28 Oct 2023 03:33:39 GMT
server
nginx/1.23.2
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=utf-8
fa-solid-900.woff2
union.groups.io/webfonts/
320 KB
321 KB
Font
General
Full URL
https://union.groups.io/webfonts/fa-solid-900.woff2
Requested by
Host: union.groups.io
URL: https://union.groups.io/css/application-43481736bb7c3b3b15551fb9041196b6.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

Referer
https://union.groups.io/css/application-43481736bb7c3b3b15551fb9041196b6.css
Origin
https://union.groups.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:06 GMT
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 28 Oct 2023 03:33:39 GMT
server
nginx/1.23.2
vary
Origin
x-frame-options
DENY
content-type
font/woff
access-control-allow-origin
https://union.groups.io
access-control-allow-credentials
true
accept-ranges
bytes
content-length
327824
fa-regular-400.woff2
union.groups.io/webfonts/
386 KB
387 KB
Font
General
Full URL
https://union.groups.io/webfonts/fa-regular-400.woff2
Requested by
Host: union.groups.io
URL: https://union.groups.io/css/application-43481736bb7c3b3b15551fb9041196b6.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

Referer
https://union.groups.io/css/application-43481736bb7c3b3b15551fb9041196b6.css
Origin
https://union.groups.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:06 GMT
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 28 Oct 2023 03:33:40 GMT
server
nginx/1.23.2
vary
Origin
x-frame-options
DENY
content-type
font/woff
access-control-allow-origin
https://union.groups.io
access-control-allow-credentials
true
accept-ranges
bytes
content-length
395444
fa-brands-400.woff2
union.groups.io/webfonts/
108 KB
109 KB
Font
General
Full URL
https://union.groups.io/webfonts/fa-brands-400.woff2
Requested by
Host: union.groups.io
URL: https://union.groups.io/css/application-43481736bb7c3b3b15551fb9041196b6.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.255.221.194 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
lb02.groups.io
Software
nginx/1.23.2 /
Resource Hash
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Request headers

Referer
https://union.groups.io/css/application-43481736bb7c3b3b15551fb9041196b6.css
Origin
https://union.groups.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 00:08:06 GMT
content-security-policy
frame-ancestors 'self';
last-modified
Sat, 28 Oct 2023 03:33:39 GMT
server
nginx/1.23.2
vary
Origin
x-frame-options
DENY
content-type
font/woff
access-control-allow-origin
https://union.groups.io
access-control-allow-credentials
true
accept-ranges
bytes
content-length
110932
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://union.groups.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 23:02:07 GMT
x-content-type-options
nosniff
age
522359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Oct 2024 23:02:07 GMT
p
d0bbf216eef24965b11a1fd48d9c9022.verify-euw.spur.us/d/
1 KB
1 KB
Fetch
General
Full URL
https://d0bbf216eef24965b11a1fd48d9c9022.verify-euw.spur.us/d/p?s=d0bbf216-eef2-4965-b11a-1fd48d9c9022
Requested by
Host: mcl.spur.us
URL: https://mcl.spur.us/d/mcl.js?tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1900:4010:942b:0:47:: Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
c71be81a4e39a4a7927ddae44ccc1589c3ab691ee1ddca0ba86a6bff3353a91b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
date
Mon, 30 Oct 2023 00:08:06 GMT
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-headers
*
content-length
1078
expires
Thu, 01 Jan 1970 00:00:00 UTC
v
mcl.spur.us/d/
5 KB
6 KB
Fetch
General
Full URL
https://mcl.spur.us/d/v?v=0.0.20&t=js&s=d6342a6c-f85e-4934-8830-ab641dafc368&tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Requested by
Host: mcl.spur.us
URL: https://mcl.spur.us/d/mcl.js?tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.78.81.207 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.81.78.34.bc.googleusercontent.com
Software
/
Resource Hash
cfd3e72db4f47399140b40d15cc707c943f321987e9505ffcbaa33905843d7a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://union.groups.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
x-accel-expires
0
date
Mon, 30 Oct 2023 00:08:06 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-headers
*
expires
Thu, 01 Jan 1970 00:00:00 UTC
bundle
mcl.spur.us/r/
742 B
832 B
XHR
General
Full URL
https://mcl.spur.us/r/bundle?v=0.0.20&t=js&s=d6342a6c-f85e-4934-8830-ab641dafc368&tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Requested by
Host: mcl.spur.us
URL: https://mcl.spur.us/d/mcl.js?tk=1SophVlXGesVuwb0k8HeVAKMEB0ismPiCWAb787K7n5RzD4KOg6s87vfLrHyrHTWXsZ4Y9LmGA3NkXub2KXJmSqQkBCfmdeIgQWIjA2m5Py0s0jpfhmzXeKk8xJ1YTjonajS7YDCunkSh09auUxLslxq0QL7mWOPftd6wfXt6WKCDPyDcQVbFjY01NXyFfasFrwqL22K0TDlxZyi3ZcdnSbNczjNe4u63LAhlO9FBEHUco79bsqjWOMN0RjY8EOIwGhdelHiealuFPZx7c0nC0zzSPazHCWk2G9jcPx1D3rFQcBb11j7ydl6nM0E76p8g7tUpSmGsReKkvWP3HuGBClWP9zuOTH0Y1a3kI2yu1cls4oZS4JRu43YINjzAuLkexEJXscVPHeQC3HBLU6KX8FDUn3VnbCf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.78.81.207 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.81.78.34.bc.googleusercontent.com
Software
/
Resource Hash
f7cb4bc63325b3d283f969ba9b83f35ef0e6c48dc3f52e0767b768a1cdaf6e37

Request headers

Referer
https://union.groups.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
x-accel-expires
0
content-encoding
gzip
date
Mon, 30 Oct 2023 00:08:06 GMT
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-headers
*
content-length
618
expires
Thu, 01 Jan 1970 00:00:00 UTC

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| setPullToRefresh function| gotoURL function| contentLoaded function| logError undefined| pushSubToken boolean| ignoreErrors string| lastError number| mce-data-1hduuheuu object| tinymce object| tinyMCE function| imageCompression function| DisplayShortTime function| DisplayFeedTime function| DisplayFullTime function| CompareDates function| IsToday function| DisplayDate function| DisplayHoursMins function| checkAll function| drawer object| drawerObj function| showResults function| showVote function| vote object| FullCalendar function| updateAttachments function| doUpdateAttachments function| deleteAttachment function| asyncGeneratorStep function| _asyncToGenerator function| takePicture function| _takePicture function| uploadImage function| _uploadImage object| retryTimer function| jsBundleVersion function| $ function| jQuery object| jQuery112409645813820228333 function| moment object| FullCalendarVDom object| vttjs function| WebVTT function| videojs object| jstz function| ReconnectingWebSocket function| autosize object| htmx object| cookieconsent boolean| PR_SHOULD_USE_CONTINUATION object| PR function| submitEvent function| gioDestroy function| dismiss object| $alerttemplate object| $alertnoclosetemplate object| $noticetemplate function| createAlert object| tz function| sendLoginLink function| scrollToTop object| MCL function| Monocle object| default

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d0bbf216eef24965b11a1fd48d9c9022.verify-euw.spur.us
fonts.googleapis.com
fonts.gstatic.com
go.awu.fyi
groups.io
mcl.spur.us
moderator-app.discord.awu.fyi
union.groups.io
173.255.221.194
2600:1900:4010:942b:0:47::
2a00:1450:4001:80b::200a
2a00:1450:4001:831::2003
34.78.81.207
66.220.23.67
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e
10f1cd0bcd17b8670a9618926b10f6eecc8f899b53fea351ea45ac37028fca36
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
33a90fe294bbf4fe767363cc7b5534c1ce5c6495edf9efd61d1e82d932ec9449
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
8d21574a53fff4ee0ddf7bd32d114a1a1f2adb736b54a1a3583106d41cec2a87
8f2999c46ed595b8b1662439de9d521d7a2a71985cc2d17f3a8fbd9bfe9df949
aa7f38e10a197cc7406281eb82ea11b6067f365de574cbe6f7d76df0f488eb2e
b787693680d9e0ddb220a6b68bd089863cd0284c293bb0b7ddf6755dd37e8135
b85c4d4bcb7be039d30281d940426203622394a85d4cd2b43048b57a924a7d51
bdb9ca4674e16a180ad38ba1b55ea1224a38677e604f5c5e560b85194970b85a
c6713a21756570af4c230f706faac4f0187845928bd14fd5910210d1cdc6fb87
c71be81a4e39a4a7927ddae44ccc1589c3ab691ee1ddca0ba86a6bff3353a91b
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cfd3e72db4f47399140b40d15cc707c943f321987e9505ffcbaa33905843d7a9
e339787f29e572ad8afb5c6855535562ad78d0a5590e91344ea6903f6fb98896
ed564c30d6e46381e88a19b4a3fa5de25fd75804b209430897c3db452be4f411
f47205d65d064336d1bc0573dc05e45efad59d59ceb89764c3e7896127c2090d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cb4bc63325b3d283f969ba9b83f35ef0e6c48dc3f52e0767b768a1cdaf6e37