deaddestroyers.xyz Open in urlscan Pro
172.67.209.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://deaddestroyers.xyz/
Effective URL:
https://deaddestroyers.xyz/
Submission: On May 09 via api (May 9th 2024, 2:58:57 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 172.67.209.58, located in United States and belongs to CLOUDFLARENET, US. The main domain is deaddestroyers.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 30th 2024. Valid for: 3 months.

This is the only time deaddestroyers.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	172.67.209.58 172.67.209.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4b50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
15	5

4 172.67.209.58 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

deaddestroyers.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b50 (United States)

ASN13335 (CLOUDFLARENET, US)

r2.guns.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	209 KB
4	deaddestroyers.xyz 1 redirects deaddestroyers.xyz	8 KB
1	guns.lol r2.guns.lol
0	discord.com Failed discord.com — Cisco Umbrella Rank: 2274 Failed
15	4

	Domain	Requested by
7	pagead2.googlesyndication.com	deaddestroyers.xyz pagead2.googlesyndication.com
4	deaddestroyers.xyz	1 redirects deaddestroyers.xyz
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	r2.guns.lol	deaddestroyers.xyz
0	discord.com Failed
15	5

This site contains no links.

Subject Issuer	Validity	Valid
deaddestroyers.xyz GTS CA 1P5	`2024-03-30` - `2024-06-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
r2.guns.lol Cloudflare Inc ECC CA-3	`2023-10-08` - `2024-10-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://deaddestroyers.xyz/
Frame ID: BDABE6A13112DDA5787145B04D7E751A
Requests: 10 HTTP requests in this frame

Frame: https://deaddestroyers.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
Frame ID: CBCBEAE56F2B21E2E187D84911738CFF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240507/r20110914/zrt_lookup_fy2021.html
Frame ID: 13A4FCE11040E6BD444F3D4BDB1E32FC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3444835140273804&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715266734&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdeaddestroyers.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715266733889&bpp=1&bdt=222&idt=264&shv=r20240507&mjsv=m202405070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2312184285955&frm=20&pv=2&ga_vid=1003307313.1715266734&ga_sid=1715266734&ga_hid=1602387082&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95331982%2C31083490%2C95331043%2C95332403&oid=2&pvsid=875464857750667&tmod=541180984&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=274
Frame ID: F3BDA333E0B32F21EB4C10BB739CA437
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F0E9FD7774E41DE999B194826A0811B7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DeadDestroyers

Page URL History Show full URLs

http://deaddestroyers.xyz/ HTTP 307
https://deaddestroyers.xyz/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

15
Requests

80 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

216 kB
Transfer

716 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://deaddestroyers.xyz/ HTTP 307
https://deaddestroyers.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://deaddestroyers.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://deaddestroyers.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

Request Chain 10

https://deaddestroyers.xyz/favicon.ico HTTP 302
https://discord.com/api/oauth2/authorize?client_id=1159255525175853127&redirect_uri=https://www.deaddestroyers.xyz/login&response_type=code&scope=identify%20guilds.join HTTP 302
https://discord.com/oauth2/authorize?client_id=1159255525175853127&redirect_uri=https://www.deaddestroyers.xyz/login&response_type=code&scope=identify%20guilds.join

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
deaddestroyers.xyz/
Redirect Chain

http://deaddestroyers.xyz/
https://deaddestroyers.xyz/

6 KB
3 KB

322ms
235ms

Document
text/html

172.67.209.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://deaddestroyers.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.209.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38568c816c0761aa2efe1e866e1585e4c813832b1cb393f8610368e9612e7a81

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88128cdc0d6f9b25-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 May 2024 14:58:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7tdyF56yemYVpK7T8QpUe31rYA3PVUhypRYNxn%2Fsote6Dsxtstu7t4SvvzFw%2F4aYfaDXKxI0EbSYxsR7LT2knMa3%2FB40JPPwdQWChHzivDzQRVDtezwDniNZ7mij4JmvMzZGNo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://deaddestroyers.xyz/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 163ms
83ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3444835140273804

Requested by

Host: deaddestroyers.xyz
URL: https://deaddestroyers.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

a478fb491152987aef03be5cd19f1d510daaa5c3b604c37f93a8e714db3cea51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://deaddestroyers.xyz/
Origin: https://deaddestroyers.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 14:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51711
x-xss-protection: 0
server: cafe
etag: 7681832711155016116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 09 May 2024 14:58:53 GMT

GET
H2 206 4d974b3f-8c57-4b24-b77a-1f68acfd42de.mp3
r2.guns.lol/ 108 KB
0 353ms
207ms Media
audio/mpeg 2606:4700:20::ac43:4b50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://r2.guns.lol/4d974b3f-8c57-4b24-b77a-1f68acfd42de.mp3

Requested by

Host: deaddestroyers.xyz
URL: https://deaddestroyers.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://deaddestroyers.xyz/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 14:58:54 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-2976811/2976812
alt-svc: h3=":443"; ma=86400
Content-Length: 2976812
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 28 Mar 2024 03:56:27 GMT
server: cloudflare
etag: "dc1a35d4f128e2d32e3d66807f905ed7-1"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTgNygywJtK51SKegacEIyxke3M7X7Qlp%2BrJ3CT%2B6QAy5rInRtvWVC9MkDRJkDFr5ayA1Hbx3dfjSJ%2BVGmZ2KtNGXwBAjRaSzzYVBcJmRbb0UB4gDCyPni1Sc1uIDITKWO%2FFgw%2B%2Ba07r"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
x-frame-options: SAMEORIGIN
cache-control: max-age=14400
cf-ray: 88128cde9ade365a-FRA

GET
H3

200

main.js Show response
deaddestroyers.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/ Frame CBCB
Redirect Chain

https://deaddestroyers.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://deaddestroyers.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

8 KB
4 KB

49ms
49ms

Script
application/javascript

172.67.209.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://deaddestroyers.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

Requested by

Host: deaddestroyers.xyz
URL: https://deaddestroyers.xyz/

Protocol

Server

172.67.209.58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587820c48f8898d3e676dd2b74c9b5de54a736ec577f6edefc562e1509763907

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 09 May 2024 14:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfTqQjba%2Fk7O2twS3NpOM8y%2FdhLytB57gv2TR3xmw88%2FBDkv5%2B7b8E1M6r4yoJasHefztlx6Ta2XRdBa%2FIx5wB0o2MasT1Tca1ld8x9ZpWX7t9LeRe5%2BykYJ37Lq8%2FFF%2FoLG%2F%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 88128cddff539b25-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 09 May 2024 14:58:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DLOsWwEaLnZ595T0vhaxMMAneWOdnhdPZHhZXGmPif%2Behrbly1aCC24XUi9RxEM74Kpx3cxbY44lZWVq7y7CVBHbx%2BfIV7u%2FKNOi%2BBFECPE50%2BJqMYDvnkohhbCTscPqgqTsFq0%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 88128cddaf0b9b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 88128cdc0d6f9b25 Show response
deaddestroyers.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame CBCB 0
604 B 63ms
61ms XHR
text/plain 172.67.209.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://deaddestroyers.xyz/cdn-cgi/challenge-platform/h/g/jsd/r/88128cdc0d6f9b25
Requested by: Host: deaddestroyers.xyz
URL: https://deaddestroyers.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.209.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 May 2024 14:58:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNVYMKetAOFEt46i%2FuTdXfHFTBRI2T%2BBiN06je8SmOg3jPdT564V84sJ63%2Fda%2FD%2Fvb%2F6HmcvGcAr3hN4gr53ovHW3OYjymMbG2S3r89XuP5QcLwWUGfjmRkufuQ3NpVfuzbaOtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 88128cde9fdb9b25-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070101/ 412 KB
139 KB 169ms
94ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3444835140273804&plah=deaddestroyers.xyz&aplac=true&bust=31083490

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3444835140273804

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

79d9b56d1b53cc858027f9ec15e6b919a037c015d5b36cfcd631723c532bac00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://deaddestroyers.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 14:58:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142544
x-xss-protection: 0
server: cafe
etag: 17391051869640734788
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 May 2024 14:58:53 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240507/r20110914/ Frame 13A4 0
0 119ms
40ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240507/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3444835140273804&plah=deaddestroyers.xyz&aplac=true&bust=31083490

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://deaddestroyers.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 40766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 May 2024 03:39:28 GMT
etag: 5035419970550746386
expires: Thu, 23 May 2024 03:39:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame F3BD 0
0 243ms
170ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3444835140273804&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1715266734&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdeaddestroyers.xyz%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMTE4IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4xMTgiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjExOCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1715266733889&bpp=1&bdt=222&idt=264&shv=r20240507&mjsv=m202405070101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=2312184285955&frm=20&pv=2&ga_vid=1003307313.1715266734&ga_sid=1715266734&ga_hid=1602387082&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95331982%2C31083490%2C95331043%2C95332403&oid=2&pvsid=875464857750667&tmod=541180984&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=274

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://deaddestroyers.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 May 2024 14:58:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
69ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=overlay&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: deaddestroyers.xyz
URL: https://deaddestroyers.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://deaddestroyers.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 09 May 2024 14:58:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=overlay&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: deaddestroyers.xyz
URL: https://deaddestroyers.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://deaddestroyers.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 09 May 2024 14:58:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 84ms
84ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240507&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

aac170de6d0e22a82053909f403ce8f1f2101ea21b9639a2d1de25c308991884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://deaddestroyers.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 14:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12385
x-xss-protection: 0

GET

authorize
discord.com/oauth2/
Redirect Chain

https://deaddestroyers.xyz/favicon.ico
https://discord.com/api/oauth2/authorize?client_id=1159255525175853127&redirect_uri=https://www.deaddestroyers.xyz/login&response_type=code&scope=identify%20guilds.join
https://discord.com/oauth2/authorize?client_id=1159255525175853127&redirect_uri=https://www.deaddestroyers.xyz/login&response_type=code&scope=identify%20guilds.join

0
0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 468ms
75ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://deaddestroyers.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 14:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 May 2024 14:58:54 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F0E9 0
0 121ms
39ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://deaddestroyers.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 7353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 May 2024 12:56:22 GMT
expires: Fri, 09 May 2025 12:56:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: discord.com
URL: https://discord.com/oauth2/authorize?client_id=1159255525175853127&redirect_uri=https://www.deaddestroyers.xyz/login&response_type=code&scope=identify%20guilds.join

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240507&jk=875464857750667&bg=!0tGl0Z7NAAZxHNKdURw7ADQBe5WfOMYTu39YEi06-O-CK5082dUohYO3oQnIMDjhAu4MQMilUpW2hnd_zWbt86QI46bMAgAAACNSAAAAAmgBB34ANcxfYzXYvodPAIyehoc3hcF7GGIsI65nYjD3xOnrD7jKk3CIYwmhYze6EvabZR2CJm_Z5KPNmQKok0JPeLsXIl7cgCspOG4AboDQmB8fPCz634zmYgFuqqe9beip0nfaCN1V-J-7_ClsFQaOK6sEL6Uao2OalvxAzcfmHeYAST-hSCG1uuW-PVpKfMXD9NHHlKNv4OnC5EGg6juq2UzdK8zpAnEJCO5HxkfWM9bARe4carz7KfCz8IKsbW4gZGQ_gz7AFFNzCcA4XZdiSfXFRKImtL_EWXtceOFYnN50baPzrkD8JLTAlO9kwr0y31n6H51e0Y7rlgSGrHxg2kvwcjtlKhGjlKRaewkR-VYiRDyKMFKJzhuNsDeWZ5rnJvfvGT-UypNNrne2YqivLjV-K0x4Tna5LJjRyL59XtjcKf-f5HzRyNrVMVjJ8mUGxUt2fArHVWm4k7utsTMgqKx_q8TE2jqSOhA-tP-d6wnLoklI6jhQ51-zStdvzppL0UUwp05V5uTzUWNPvgSTwDwnBBFa5jk4I8DTerrSRLn5xf1YtrRqhXo-Tp0x1NMVmpYG8QRT0XHcYJ4LVPFwvGy_kMb9M8gHFXy0TWrvvUVarzmDunXL-rKvq2O9ef1HZ5FSjDZ1SBB-VAOqhOcLwaFMQ4L4jWstFaXbKBUxii65NVaRXzRfMcVOEfx9QGb6_ssoVcuR6leqASrtuDHZ78Nhctn1PwpO6riPYe63JEQO4045016kjXuh_6vEETxQh9rYDRCK6lfKcI5Xu9PZE_2tqz5BwJFPwgXRWfy1cnE8tSEzcy1oP0fh8H4JgP11-7np0FTH_OEFr6eUptjQGgcTa1QOGPgK85Bfjqq68qWCHM1UX0hvWaba9ZxIw4rWxqI8oAC0MvhIn_EFdARRr2brPdYFWo8Db42P_H-IjHQkZZsvy5jpP3sn7VO4_8j6z_eSakSPGE1Z-xxj98B80HVitNc

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.deaddestroyers.xyz/	1970-01-21 05:13:22	Name: cf_clearance Value: lv4rdMTgU23Qd9cOfEQ8FYBGRw54qR17UJpaIqth0Pw-1715266733-1.0.1.1-QioR4dDXFb8PcDfj3gHbmUgoEaTQlx6nvV4cgNCFRW0.oYyH78reah0jYvJxGZpEHE_fmTEkQUCZMGrvXEMhqg
.discord.com/	1969-12-31 23:59:59	Name: __cfruid Value: fdb3c17d7ddbcb0ff0b9404cdaca9d6c239c2186-1715266735
.discord.com/	1969-12-31 23:59:59	Name: _cfuvid Value: xR5iNjsEKnHHx9.sDdscmMiVL7MtFaeTOCvMkB4F6Xo-1715266735058-0.0.1.1-604800000

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://deaddestroyers.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://deaddestroyers.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://deaddestroyers.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://deaddestroyers.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

deaddestroyers.xyz
discord.com
pagead2.googlesyndication.com
r2.guns.lol
tpc.googlesyndication.com
discord.com
pagead2.googlesyndication.com
172.67.209.58
216.58.212.162
2606:4700:20::ac43:4b50
2a00:1450:4001:830::2001
38568c816c0761aa2efe1e866e1585e4c813832b1cb393f8610368e9612e7a81
587820c48f8898d3e676dd2b74c9b5de54a736ec577f6edefc562e1509763907
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
79d9b56d1b53cc858027f9ec15e6b919a037c015d5b36cfcd631723c532bac00
a478fb491152987aef03be5cd19f1d510daaa5c3b604c37f93a8e714db3cea51
aac170de6d0e22a82053909f403ce8f1f2101ea21b9639a2d1de25c308991884
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

deaddestroyers.xyz Open in urlscan Pro 172.67.209.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

80 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

5 IPs

3 Countries

216 kBTransfer

716 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

3 Cookies

4 Console Messages

Indicators

deaddestroyers.xyz Open in urlscan Pro
172.67.209.58 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

80 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

216 kB
Transfer

716 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions