bot.drevs.co Open in urlscan Pro
178.154.195.42  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 8 Show response bot.drevs.co/	13 KB 13 KB	320ms 161ms	Document text/html	178.154.195.42 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://bot.drevs.co/8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.154.195.42 , Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software openresty/1.19.9.1 / Resource Hash 4f9f238f28f32d9e3744915635692f7439c5e06492ac70cc2026753fa061ddbe Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Tue, 12 Mar 2024 12:09:15 GMT Server openresty/1.19.9.1 Transfer-Encoding chunked
GET H2	200	index.css static0.bothelp.io/web/css/landing/mini/	137 KB 22 KB	427ms 367ms	Stylesheet text/css	2606:4700:3030::6815:50fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static0.bothelp.io/web/css/landing/mini/index.css?v=1709129079 Requested by Host: bot.drevs.co URL: https://bot.drevs.co/8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:50fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab77246654dcb65ad47d151ac2ae55dc9bce770628442c7aea704f8000df33d7 Request headers accept-language de-DE,de;q=0.9 Referer https://bot.drevs.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 12:09:16 GMT content-encoding br cf-cache-status BYPASS last-modified Wed, 28 Feb 2024 14:04:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65df3d77-2233e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciE2ObcbLdBCz%2FyMGztCyp7sYy5r8fDSxzEctRPqWXToGmif%2BJun7n67elc0qwmdTh4mD0t6ty7Ka2vYxzMT5jNuSDE1xkB5fasVxmdGG%2BtpjW%2BzsbkP%2F%2BetCo%2Fm54%2FKmMf57BVpY%2Bi%2F9Hv2%2Bhv4A48%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control private, max-age=0, must-revalidate cf-ray 8633aca2dfef65ad-FRA alt-svc h3=":443"; ma=86400
GET H2	200	index.js Show response static0.bothelp.io/web/js/landing/mini/	217 KB 64 KB	484ms 424ms	Script application/javascript	2606:4700:3030::6815:50fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static0.bothelp.io/web/js/landing/mini/index.js?v=1709129079 Requested by Host: bot.drevs.co URL: https://bot.drevs.co/8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:50fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6e9c756b2bde5ed510d257a364e896e626cdbdf9d0c484d14b1a261e1bc6c2a Request headers accept-language de-DE,de;q=0.9 Referer https://bot.drevs.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 12:09:16 GMT content-encoding br cf-cache-status BYPASS last-modified Wed, 28 Feb 2024 14:04:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65df3d77-36507" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86fxyZQRP4JUyLbsXp0icclh0CSeKt3LlnQ6PmJ927ihhiwWsG7D%2FZj8YSwJJm%2FFxw%2FM1g5Wiufe7J6NEtDi0wf%2FJI32JZhGfOdERekf4y6Xt2KC%2B14z%2B9NRs0BcLKDCuIo41%2Bxp39i0d4Vo%2FKHDSpA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control private, max-age=0, must-revalidate cf-ray 8633aca2dff165ad-FRA alt-svc h3=":443"; ma=86400
GET H2	200	1280x400.png storage2.bothelp.io/drevs/e8/e8d1/e8d12392acae6a614460ff0e837d52a7/	649 KB 650 KB	99ms 37ms	Image image/png	2606:4700:3033::ac43:8856 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://storage2.bothelp.io/drevs/e8/e8d1/e8d12392acae6a614460ff0e837d52a7/1280x400.png Requested by Host: bot.drevs.co URL: https://bot.drevs.co/8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:8856 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92d78558168134ea5b92fb0a039af32e63c2c09ca509433d0377603018e79ff2 Request headers accept-language de-DE,de;q=0.9 Referer https://bot.drevs.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 12:09:15 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 4b746892afe77f24 age 247 alt-svc h3=":443"; ma=86400 content-length 664744 last-modified Tue, 12 Mar 2024 03:29:07 GMT server cloudflare etag "e8d12392acae6a614460ff0e837d52a7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btcwGFA0I%2Ba4EI4Zh%2F%2BB5kWO4M5gQw2BQUJmQzxShAlqt6eZF5fVWxes6t3jSqI%2FaLOYpEGgpmm3cYmVKLDl4zydbmA4bzDR1hy%2FHJqXZavCi9ujj0sr8paoaK%2Fx%2FjPqGt03k02U7BaCGb4trTy44Uzw"}],"group":"cf-nel","max_age":604800} content-type image/png; charset=binary cache-control max-age=14400 accept-ranges bytes cf-ray 8633aca2dd94195e-FRA
GET H2	200	emojisprite_4.png static0.bothelp.io/img/	531 KB 532 KB	34ms 32ms	Image image/png	2606:4700:3030::6815:50fa CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static0.bothelp.io/img/emojisprite_4.png Requested by Host: static0.bothelp.io URL: https://static0.bothelp.io/web/css/landing/mini/index.css?v=1709129079 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:50fa , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c884b701ca540913c231779c43be90186c2b8cbc683c8932bea5491e3de43387 Request headers accept-language de-DE,de;q=0.9 Referer https://static0.bothelp.io/web/css/landing/mini/index.css?v=1709129079 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Tue, 12 Mar 2024 12:09:16 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8935011 alt-svc h3=":443"; ma=86400 content-length 544234 last-modified Wed, 29 Nov 2023 19:28:58 GMT server cloudflare etag "656790fa-84dea" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kR6iXgpCnu0CPEmCCPi5V8B0hG1XvyNWzLmDXEUzBML9Ge2REeDqoK%2BCeoIug3u6Kj494wz%2FDLdQ%2FUZdGHdtfSzC1xysa7vZsTabPOpZ4uMrBJ0D7IGAW8A796qpdRbTCrRRJzCCCB2PKR2PkKXAFNw%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=315360000 accept-ranges bytes cf-ray 8633aca5dc8e65ad-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
POST H/1.1	200 OK	view-event Show response bot.drevs.co/mini/	0 181 B	103ms 102ms	XHR text/html	178.154.195.42 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://bot.drevs.co/mini/view-event Requested by Host: static0.bothelp.io URL: https://static0.bothelp.io/web/js/landing/mini/index.js?v=1709129079 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.154.195.42 , Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software openresty/1.19.9.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://bot.drevs.co/8 X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Tue, 12 Mar 2024 12:09:16 GMT Server openresty/1.19.9.1 Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| URI object| html4 object| html function| html_sanitize function| __extends object| Domain object| Emoji object| WhatsHelp function| BaseSubHeader function| resizeYoutubeIframe function| HttpClient function| sendLandingView function| FbPixel function| VkPixel function| TopMail function| YAMetrika function| GoogleAnalytics function| MetriksManager function| Subheader function| MiniLandingSubmitHandler function| $ function| jQuery object| pageOptions object| subheader

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bot.drevs.co
static0.bothelp.io
storage2.bothelp.io
178.154.195.42
2606:4700:3030::6815:50fa
2606:4700:3033::ac43:8856
4f9f238f28f32d9e3744915635692f7439c5e06492ac70cc2026753fa061ddbe
92d78558168134ea5b92fb0a039af32e63c2c09ca509433d0377603018e79ff2
ab77246654dcb65ad47d151ac2ae55dc9bce770628442c7aea704f8000df33d7
c884b701ca540913c231779c43be90186c2b8cbc683c8932bea5491e3de43387
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6e9c756b2bde5ed510d257a364e896e626cdbdf9d0c484d14b1a261e1bc6c2a