discord-steamcommunity.com
190.115.18.199  Malicious Activity! Public Scan

URL: https://discord-steamcommunity.com/nitro
Submission: On February 15 via manual from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 190.115.18.199, located in Belize City, Belize and belongs to DDOS-GUARD CORP., BZ. The main domain is discord-steamcommunity.com.
TLS certificate: Issued by R3 on February 15th 2022. Valid for: 3 months.
This is the only time discord-steamcommunity.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
15 | 190.115.18.199 | 262254 (DDOS-GUAR...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 162.159.133.233 | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 21 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
15 | discord-steamcommunity.com | discord-steamcommunity.com | 85 KB
3 | discordapp.com | cdn.discordapp.com (Cisco Umbrella Rank: 2947) | 1 MB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 35) | 2 KB
1 | gstatic.com | fonts.gstatic.com | 31 KB
Total: 21 requests, 4 domains

Requests | Domain | Requested by
15 | discord-steamcommunity.com | discord-steamcommunity.com
3 | cdn.discordapp.com | discord-steamcommunity.com
2 | fonts.googleapis.com | discord-steamcommunity.com
1 | fonts.gstatic.com | fonts.googleapis.com
Total: 21 requests, 4 domains

This site contains links to these domains.

Domain
discord.com
support.discord.com

Subject | Issuer | Validity | Valid
discord-steamcommunity.com | R3 | 2022-02-15 - 2022-05-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-12-19 - 2022-12-19 | a year
*.gstatic.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months

This page contains 1 frames:

Primary Page: https://discord-steamcommunity.com/nitro
Frame ID: 9DDE2CF3DE17F3830EAC9008A31DEE7D
Requests: 22 HTTP requests in this frame

Page URL History

  1. https://discord-steamcommunity.com/nitro Page URL
  2. https://discord-steamcommunity.com/nitro Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 1172 kB
Size: 1325 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://discord-steamcommunity.com/nitro Page URL
  2. https://discord-steamcommunity.com/nitro Page URL

21 HTTP transactions

Resource | Path | Size | x-fer | Type / MIME-Type
nitro
discord-steamcommunity.com/
9 KB
2 KB
Document
General
Full URL
https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
e1e22835fae880946b8931a8261a7b19a3e78c261b936376e0cb9a8a62e05854
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
ddos-guard
strict-transport-security
max-age=2628000
date
Tue, 15 Feb 2022 14:33:45 GMT
content-type
text/html; charset=utf-8
max-age
1
cache-control
no-cache
etag
W/"2242-7pVJjZq8do1tLTyP+AZh39faOC8"
content-encoding
br
vary
Accept-Encoding
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e55d07bfd9aa8919c00ba173b1cf6fbc0fc35851b107001f3f3f6ed6418c9a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 13:36:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 14:33:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 14:33:45 GMT
style.css
discord-steamcommunity.com/assets/css/
0
0
Stylesheet
General
Full URL
https://discord-steamcommunity.com/assets/css/style.css
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ddg-cache-status
MISS
strict-transport-security
max-age=2628000
cache-control
no-cache
max-age
0
age
0
date
Tue, 15 Feb 2022 14:33:45 GMT
server
ddos-guard
stylesheet.css
discord-steamcommunity.com/assets/Fonts/
0
0
Stylesheet
General
Full URL
https://discord-steamcommunity.com/assets/Fonts/stylesheet.css
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ddg-cache-status
MISS
strict-transport-security
max-age=2628000
cache-control
no-cache
max-age
0
age
0
date
Tue, 15 Feb 2022 14:33:45 GMT
server
ddos-guard
script.js
discord-steamcommunity.com/js/
13 KB
5 KB
Script
General
Full URL
https://discord-steamcommunity.com/js/script.js
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
c46c2d7833b6753461d1c5883c450a965892ea9aa1574eb45bb373195f080fd6
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=2628000
content-encoding
br
last-modified
Mon, 14 Feb 2022 00:21:11 GMT
server
ddos-guard
age
0
max-age
0
etag
W/"af4-17ef59ad14a"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
ddg-cache-status
MISS
cache-control
no-cache
date
Tue, 15 Feb 2022 14:33:45 GMT
accept-ranges
bytes
Primary Request nitro
discord-steamcommunity.com/
33 KB
14 KB
Document
General
Full URL
https://discord-steamcommunity.com/nitro
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
529433a36632579b4cc6032a3e0327324ade2b1e01feab11f54350cf4b2129c9
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro

Response headers

server
ddos-guard
strict-transport-security
max-age=2628000
date
Tue, 15 Feb 2022 14:33:45 GMT
content-type
text/html
max-age
0
cache-control
no-cache
content-encoding
br
vary
Accept-Encoding
c5c176c6161926e3f97fd3015265e4ad.js
discord-steamcommunity.com/js/
12 KB
5 KB
Script
General
Full URL
https://discord-steamcommunity.com/js/c5c176c6161926e3f97fd3015265e4ad.js
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
f86f7aefc8769146f670ef6a84087c07d415200260844bcdd57188034de0865f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=2628000
content-encoding
br
last-modified
Sun, 13 Feb 2022 00:02:59 GMT
server
ddos-guard
age
0
max-age
0
etag
W/"713-17ef063cb49"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
ddg-cache-status
MISS
cache-control
no-cache
date
Tue, 15 Feb 2022 14:33:45 GMT
accept-ranges
bytes
40631889d4a04e1311d4d8ae8067e7fe.js
discord-steamcommunity.com/js/
22 KB
8 KB
Script
General
Full URL
https://discord-steamcommunity.com/js/40631889d4a04e1311d4d8ae8067e7fe.js
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
74771323efa691deeb337d5df443e41146c22d419d757ad3e7bf98038e33f220
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=2628000
content-encoding
br
last-modified
Tue, 11 Jan 2022 12:44:57 GMT
server
ddos-guard
age
0
max-age
0
etag
W/"c6d-17e492b8c5f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
ddg-cache-status
MISS
cache-control
no-cache
date
Tue, 15 Feb 2022 14:33:45 GMT
accept-ranges
bytes
css2
fonts.googleapis.com/
3 KB
633 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e55d07bfd9aa8919c00ba173b1cf6fbc0fc35851b107001f3f3f6ed6418c9a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 13:35:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 14:33:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 14:33:45 GMT
style.css
discord-steamcommunity.com/assets/css/
0
0
Stylesheet
General
Full URL
https://discord-steamcommunity.com/assets/css/style.css
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ddg-cache-status
MISS
strict-transport-security
max-age=2628000
cache-control
no-cache
max-age
0
age
0
date
Tue, 15 Feb 2022 14:33:45 GMT
server
ddos-guard
stylesheet.css
discord-steamcommunity.com/assets/Fonts/
0
0
Stylesheet
General
Full URL
https://discord-steamcommunity.com/assets/Fonts/stylesheet.css
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ddg-cache-status
MISS
strict-transport-security
max-age=2628000
cache-control
no-cache
max-age
0
age
0
date
Tue, 15 Feb 2022 14:33:45 GMT
server
ddos-guard
nitro.png
cdn.discordapp.com/attachments/454013565381115916/938124584446754846/
7 KB
7 KB
Image
General
Full URL
https://cdn.discordapp.com/attachments/454013565381115916/938124584446754846/nitro.png
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c89c4f3023d02b04197a30ca20f42ca7eb2634e1432ffff7b9d641a1f71a066

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=/XhSjA==, md5=IDprX7M+AJp7Go7eK5lVUg==
date
Tue, 15 Feb 2022 14:33:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76488
x-guploader-uploadid
ADPycdsbEaP2dOjpQJQk0AvbfhkLfaxm3bjFKoLVC-YmMNk5O8Tc01uHZ7nhLytVa6QiEF3WzSwC8Ql5WlXM08edHOs
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7036
last-modified
Tue, 01 Feb 2022 17:32:10 GMT
server
cloudflare
cache-control
public, max-age=31536000
etag
"203a6b5fb33e009a7b1a8ede2b995552"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qeRNv1v3lrxp6iMG563TGeq3HY7u9zAV%2B6ZLSHD0gHjVbfSdWp%2BmDlN0Xo%2Bwuth6hI1yc2BS5Xin0PhsFbWLNP4Bki96rZ53MeuZj2ii3nRe8srCoghyAF46Oi4UewUjY55WA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643736730487431
content-type
image/png
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length
7036
accept-ranges
bytes
cf-ray
6ddf40cbde5b9277-FRA
expires
Wed, 15 Feb 2023 14:33:45 GMT
uAr4JkN.png
cdn.discordapp.com/attachments/454013565381115916/938891882442936400/
4 KB
5 KB
Image
General
Full URL
https://cdn.discordapp.com/attachments/454013565381115916/938891882442936400/uAr4JkN.png
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9ddc2eb8cb73ef520f3dceb8a892558791c5d3d276252f4577895b08079fb19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=I9mMLw==, md5=UPD/brZdvzxK0V0sBsH/jQ==
date
Tue, 15 Feb 2022 14:33:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76488
x-guploader-uploadid
ADPycduPqGbGuYt9DSYcrHat63TYhcKL7LKIxfBcUDCglMJUU4qxR8VEtVIPQ3srp1JYmMx1lV_D00PtdeqH9UY0hXM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3805
last-modified
Thu, 03 Feb 2022 20:21:08 GMT
server
cloudflare
cache-control
public, max-age=31536000
etag
"50f0ff6eb65dbf3c4ad15d2c06c1ff8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPvhVkCXrMe4dhJs%2FX%2FU9GRTnsN0FYA7CPRlz8ZDpjDUEjxEKWzv6m99U6nVYH6VaogZXZcchHdbKJVYaF4%2FbD5zPPSuZ1uXF8lMnAo9YTb9yYFcW4ipCxxzLnonz8P%2FHFY0jw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643919668572403
content-type
image/png
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length
3805
accept-ranges
bytes
cf-ray
6ddf40cbde5f9277-FRA
expires
Wed, 15 Feb 2023 14:33:45 GMT
fbb865e2f908f5750cdbaa29e774e49b.js
discord-steamcommunity.com/js/
96 KB
38 KB
Script
General
Full URL
https://discord-steamcommunity.com/js/fbb865e2f908f5750cdbaa29e774e49b.js
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/js/c5c176c6161926e3f97fd3015265e4ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
e18119e1a8df4d79694184b755ffc0764416a35e407b2358c277a876e2d1cac3
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=2628000
content-encoding
br
last-modified
Sun, 13 Feb 2022 17:18:29 GMT
server
ddos-guard
age
0
max-age
0
etag
W/"5947-17ef417d52e"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
ddg-cache-status
MISS
cache-control
no-cache
date
Tue, 15 Feb 2022 14:33:45 GMT
accept-ranges
bytes
style.css
discord-steamcommunity.com/assets/css/
0
0
Stylesheet
General
Full URL
https://discord-steamcommunity.com/assets/css/style.css
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ddg-cache-status
MISS
strict-transport-security
max-age=2628000
cache-control
no-cache
max-age
0
age
0
date
Tue, 15 Feb 2022 14:33:45 GMT
server
ddos-guard
stylesheet.css
discord-steamcommunity.com/assets/Fonts/
0
0
Stylesheet
General
Full URL
https://discord-steamcommunity.com/assets/Fonts/stylesheet.css
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

ddg-cache-status
MISS
strict-transport-security
max-age=2628000
cache-control
no-cache
max-age
0
age
0
date
Tue, 15 Feb 2022 14:33:45 GMT
server
ddos-guard
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40a930c0b3bf8b7b2999ea877af7a3459b22745c65c47319b453df5a44ada1bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
5d8836660e95b5308313e2232f479c4e.js
discord-steamcommunity.com/js/
6 KB
3 KB
Script
General
Full URL
https://discord-steamcommunity.com/js/5d8836660e95b5308313e2232f479c4e.js
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/js/c5c176c6161926e3f97fd3015265e4ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
cb0a3fb631614327155f4198ce512993594d089c683eb31538a67121d71a1677
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=2628000
content-encoding
br
last-modified
Fri, 24 Dec 2021 03:04:01 GMT
server
ddos-guard
age
0
max-age
0
etag
W/"1cc-17dea653534"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
ddg-cache-status
MISS
cache-control
no-cache
date
Tue, 15 Feb 2022 14:33:45 GMT
accept-ranges
bytes
lV1aCNy.png
cdn.discordapp.com/attachments/454013565381115916/939138390253785168/
1 MB
1 MB
Image
General
Full URL
https://cdn.discordapp.com/attachments/454013565381115916/939138390253785168/lV1aCNy.png
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/nitro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46465eb9ee694b271bce81321fe63afa576b48eedb3e573115c866a0fd6c51c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-goog-hash
crc32c=t2aRiA==, md5=hwtCBGryGksYh076N4vgZA==
date
Tue, 15 Feb 2022 14:33:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76792
x-guploader-uploadid
ADPycds_UFD2bP3KssA0ILYqxdAloDaJGfrvs7fgYEQokt2kbxpceyK9nrO3fFXLEos9ZoUHV4HlTqxR6oIKItcHziMoUP6cOw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1066144
last-modified
Fri, 04 Feb 2022 12:40:40 GMT
server
cloudflare
cache-control
public, max-age=31536000
etag
"870b42046af21a4b18874efa378be064"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNFar7Bi5UcZBJ9qP0vFzlw4fP9Pi8aQXV6qQdQHxny89z97buONQVxjOitwGam2iE3vVPhUxn35BLl3NKKXPLOz6YY5rLFcuWPXXIi9pBiYKuzVj4AwK9GfWPAeigY39dCMnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1643978440648007
content-type
image/png
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length
1066144
accept-ranges
bytes
cf-ray
6ddf40cc8edc904e-FRA
expires
Wed, 15 Feb 2023 14:33:45 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://discord-steamcommunity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 11:55:47 GMT
x-content-type-options
nosniff
age
9478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 11:55:47 GMT
login
discord-steamcommunity.com/
40 KB
10 KB
Fetch
General
Full URL
https://discord-steamcommunity.com/login
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/js/5d8836660e95b5308313e2232f479c4e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
85137d9dbf674979b39a8d2771332259bc35df8b1670c83b649faee1d64800dc
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://discord-steamcommunity.com/nitro
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=2628000
content-encoding
br
server
ddos-guard
max-age
0
etag
W/"a1dd-Ye1UYqV48Q4hEd7jnttl/ZiAGKE"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
no-cache
date
Tue, 15 Feb 2022 14:33:45 GMT
nitro
discord-steamcommunity.com/
16 B
517 B
Fetch
General
Full URL
https://discord-steamcommunity.com/nitro
Requested by
Host: discord-steamcommunity.com
URL: https://discord-steamcommunity.com/js/40631889d4a04e1311d4d8ae8067e7fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
190.115.18.199 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS
srv.bonniepays.com
Software
ddos-guard /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

Referer
https://discord-steamcommunity.com/nitro
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=2628000
content-encoding
gzip
server
ddos-guard
max-age
0
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
date
Tue, 15 Feb 2022 14:33:45 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
function| _0x2f7a69
function| _0x1e059b
function| _0x498f
function| addTriggers
function| _0x3425
function| makeAuthOnClick
function| _0x19abe9
object| triggers
function| _0x5a61
function| _0x10d6
object| dt
string| sp
number| _DT
string| _DR
number| t
function| _loaded
function| _preTry
function| _0x47c7
function| _0xe186
string| winHtml
function| tryLoadBlob
function| _0x1927
function| _0x2969
boolean| authOpened
undefined| ai
function| closeAuth
function| openAuth

4 Cookies

Domain/Path | Name | Value
.discord-steamcommunity.com/ | __ddg1 | wST5VFIOPahC20z2FYa4
discord-steamcommunity.com/ | ln | german
discord-steamcommunity.com/ | cookies | true
discord-steamcommunity.com/ | session | eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsaW5raWQiOjM1NDkyLCJkb21haW5QYXRoIjoibml0cm8iLCJyZWYiOjIwOTUsImJvdERhdGEiOiI2Mi4xMDkuMzAuMTk1OjIwMDAyIiwicmFuZCI6IjA1MGUwYjZiNDQ0YTk2MGYyNzI3OGYwNjUwOTcyMGIxIiwiaWF0IjoxNjQ0OTM1NjI1LCJhdXRoR2lmdCI6eyJpbWFnZSI6IiIsInRpdGxlIjoiIiwic2VuZGVyIjoiIn0sImF1dGhUeXBlIjowLCJyZWRpcmVjdFR5cGUiOjEsInJlZGlyZWN0TGluayI6Imh0dHBzOi8vc3RvcmUuc3RlYW1wb3dlcmVkLmNvbS8iLCJ2aWV3Ijp0cnVlfQ.dv8O-nwa-5dZ9nhFebND0IlWcjZZ0C342h-H2u4BnTI

6 Console Messages

Source | Level | URL | Message
network | error | https://discord-steamcommunity.com/assets/Fonts/stylesheet.css | Failed to load resource: the server responded with a status of 404 ()
network | error | https://discord-steamcommunity.com/assets/css/style.css | Failed to load resource: the server responded with a status of 404 ()
network | error | https://discord-steamcommunity.com/assets/Fonts/stylesheet.css | Failed to load resource: the server responded with a status of 404 ()
network | error | https://discord-steamcommunity.com/assets/css/style.css | Failed to load resource: the server responded with a status of 404 ()
network | error | https://discord-steamcommunity.com/assets/css/style.css | Failed to load resource: the server responded with a status of 404 ()
network | error | https://discord-steamcommunity.com/assets/Fonts/stylesheet.css | Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=2628000