lookup.guild-shield.xyz
2606:4700:3037::6815:3614  Malicious Activity! Public Scan

URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3N...
Submission Tags: @phish_report
Submission: On April 05 via api from FI — Scanned from FI

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3037::6815:3614, located in United States and belongs to CLOUDFLARENET, US. The main domain is lookup.guild-shield.xyz.
TLS certificate: Issued by GTS CA 1P5 on April 4th 2024. Valid for: 3 months.
This is the only time lookup.guild-shield.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Domain & IP information

Redirects | Requests | IP Address | AS (Autonomous System)
 | 1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 13 | 172.67.222.131 | 13335 (CLOUDFLAR...)
 | 1 | 104.18.125.91 | 13335 (CLOUDFLAR...)
 | 2 | 104.18.124.91 | 13335 (CLOUDFLAR...)
Total: 16 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
14 | guild-shield.xyz | lookup.guild-shield.xyz | 751 KB
3 | hcaptcha.com | hcaptcha.com (Cisco Umbrella Rank: 5426), newassets.hcaptcha.com (Cisco Umbrella Rank: 7014) | 107 KB
Total: 16 requests, 2 apex domains

Requests | Domain | Requested by
14 (1 redirects) | lookup.guild-shield.xyz | lookup.guild-shield.xyz
2 | newassets.hcaptcha.com | hcaptcha.com
1 | hcaptcha.com | lookup.guild-shield.xyz
Total: 16 requests, 3 domains

This site contains no links.

Subject | Issuer | Validity | Valid
guild-shield.xyz | GTS CA 1P5 | 2024-04-04 - 2024-07-03 | 3 months
hcaptcha.com | E1 | 2024-03-15 - 2024-06-13 | 3 months

This page contains 4 frames:

Primary Page: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Frame ID: 0F635FDDD04E8FF8F3B813C86F319A39
Requests: 12 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Frame ID: BF1289C959CBF4D8EEDA83D6EF8D7F3A
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Frame ID: 3191634412F8FB2943E52D48F655BD2C
Requests: 1 HTTP requests in this frame

Frame: https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 9718C5D4056ECFCBD1ADA4FA246941CC
Requests: 2 HTTP requests in this frame

Page Title

Discord

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

  • Requests: 16
  • HTTPS: 94 %
  • IPv6: 25 %
  • Domains: 2
  • Subdomains: 3
  • IPs: 4
  • Countries: 2
  • Transfer: 858 kB
  • Size: 3786 kB
  • Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lookup.guild-shield.xyz/
150 KB
28 KB
Document
General
Full URL
https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
562d3efb4645d42c075938954079c166f1249ac89df0be08391dffc032a430fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
fi-FI,fi;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86f7a70a4f365bbb-VIE
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 06:58:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=onhc9mujB%2BGhF51BRrFKxyxlC5EVmNhBnPb%2BFV2z6sFzJ6depSFmZ00gd9UaxHJ3O99YvCf3%2BadtSYmVU6Z%2B%2Bbr70It%2FD3xKHDjYBvwDEVeStyWve0S1i3FteB4lVHwKWEtaO0ZyJJPODu5A7SD%2BaYairAT3Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app.45d4d70d2e41bc34b882.css
lookup.guild-shield.xyz/static/assets/
2 MB
441 KB
Stylesheet
General
Full URL
https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021cb1900795154820b9ab23f5621933558e336da5660f1928edab740547862f

shared.f01e9143e31c19a68a8e.css
lookup.guild-shield.xyz/static/assets/
564 KB
94 KB
Stylesheet
General
Full URL
https://lookup.guild-shield.xyz/static/assets/shared.f01e9143e31c19a68a8e.css
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e15eab63d3de0c80c50155e9eb6f78d5b0d1fb4236e0f1cd0a2d71ef6d37083

api.js
hcaptcha.com/1/
378 KB
107 KB
Script
General
Full URL
https://hcaptcha.com/1/api.js
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.125.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

adf75861421c2a6a6269.png
lookup.guild-shield.xyz/static/assets/
1 KB
2 KB
Image
General
Full URL
https://lookup.guild-shield.xyz/static/assets/adf75861421c2a6a6269.png
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144

863db41a48a43395cd55.svg
lookup.guild-shield.xyz/static/assets/
5 KB
3 KB
Image
General
Full URL
https://lookup.guild-shield.xyz/static/assets/863db41a48a43395cd55.svg
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93a1168fc0e0e1f524d0e232aee8ee78c4272f0d201389b8e504ed84c699e1ac

script.js
lookup.guild-shield.xyz/static/js/
33 KB
9 KB
Script
General
Full URL
https://lookup.guild-shield.xyz/static/js/script.js
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd95935d1002c5758ac55e6f6e71476ec159316f8b450fba4d49df440994dee2

b9811218b3a54ad59fb2.woff2
lookup.guild-shield.xyz/static/assets/
37 KB
38 KB
Font
General
Full URL
https://lookup.guild-shield.xyz/static/assets/b9811218b3a54ad59fb2.woff2
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104

20ac37ed2576dd48d7dc.woff2
lookup.guild-shield.xyz/static/assets/
39 KB
39 KB
Font
General
Full URL
https://lookup.guild-shield.xyz/static/assets/20ac37ed2576dd48d7dc.woff2
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813

3f46bbecb4287c0a829f.woff2
lookup.guild-shield.xyz/static/assets/
39 KB
39 KB
Font
General
Full URL
https://lookup.guild-shield.xyz/static/assets/3f46bbecb4287c0a829f.woff2
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc

f84e3e81b8d0718cd917.woff2
lookup.guild-shield.xyz/static/assets/
39 KB
39 KB
Font
General
Full URL
https://lookup.guild-shield.xyz/static/assets/f84e3e81b8d0718cd917.woff2
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b

hcaptcha.html
newassets.hcaptcha.com/captcha/v1/b1c589a/static/ Frame BF12
0
0
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.124.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

hcaptcha.html
newassets.hcaptcha.com/captcha/v1/b1c589a/static/ Frame 3191
0
0
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.124.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

main.js
lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 9718
Redirect Chain
  • https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB
Script
General
Full URL
https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/
Protocol
H3
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81772da5d8e278bb7c98bc2494bf21f8b7fa2ac7805da9b92b99006a842b08e
Security Headers
Name Value
X-Content-Type-Options nosniff

86f7a70a4f365bbb
lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9718
0
605 B
XHR
General
Full URL
https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/86f7a70a4f365bbb
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

favicon.ico
lookup.guild-shield.xyz/static/assets/images/
24 KB
13 KB
Other
General
Full URL
https://lookup.guild-shield.xyz/static/assets/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7


Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | 1
object | 2
object | 3
object | Raven
object | hcaptcha
function | _0x539f
string | ref
undefined | a2fTicket
function | login
function | a2fSubmit
function | onSuccess
function | reset
function | openA2f
function | closeA2f
function | _0x4816
function | startLoading
function | stopLoading
function | openModal
function | closeModal
object | grecaptcha

1 Cookies

Domain/Path Name / Value
.guild-shield.xyz/ Name: cf_clearance
Value: Ww46v5bvPU6.xYZm1fylMFHCpgZSMjR5AfYhjjvy370-1712300337-1.0.1.1-WC95LzGT5l9m0sIW6ObvFxd6FV7XqZBS3TK7AyJvJYN4UwV4WXN2olFC2IxjDulHd.SbPo.ZViuykDxN6zenkQ

1 Console Messages

Source: recommendation
Level: verbose
URL: https://lookup.guild-shield.xyz/
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o