![](/screenshots/45540efa-6765-41fd-869e-f58ff172cbd0.png)
discocrd.gift
Open in
urlscan Pro
212.192.241.134
Malicious Activity!
Public Scan
Submission: On October 17 via manual from PH — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 25th 2021. Valid for: 3 months.
This is the only time discocrd.gift was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Discord (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 212.192.241.134 212.192.241.134 | 211252 (AS_DELIS) (AS_DELIS) | |
1 | 88.99.166.175 88.99.166.175 | 24940 (HETZNER-AS) (HETZNER-AS) | |
11 | 3 |
ASN24940 (HETZNER-AS, DE)
PTR: static.175.166.99.88.clients.your-server.de
cdn.igromania.ru |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
discocrd.gift
discocrd.gift |
573 KB |
1 |
igromania.ru
cdn.igromania.ru |
20 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
10 | discocrd.gift |
discocrd.gift
|
1 | cdn.igromania.ru |
discocrd.gift
|
11 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
discocrd.gift R3 |
2021-09-25 - 2021-12-24 |
3 months | crt.sh |
*.igromania.ru Sectigo RSA Domain Validation Secure Server CA |
2021-03-01 - 2022-04-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://discocrd.gift/QK8WQq9H67HYfs73
Frame ID: F50552E4EB68D8C5E45D8E7C571633E3
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
![]() discocrd.gift/ |
88 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
discocrd.gift/assets/discord/js/ |
179 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
discocrd.gift/assets/discord/css/ |
1 MB 272 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
74862201f6da70cf_848x477.jpg
cdn.igromania.ru/mnt/news/f/9/8/3/3/e/88018/ |
20 KB 20 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() discocrd.gift/assets/ |
64 KB 64 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() discocrd.gift/assets/ |
88 KB 29 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() discocrd.gift/assets/ |
88 KB 29 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() discocrd.gift/assets/ |
88 KB 29 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() discocrd.gift/assets/ |
88 KB 29 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
![]() discocrd.gift/assets/ |
88 KB 29 KB |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
439112b388adcac969dc066d30767b76.png
discocrd.gift/assets/discord/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Discord (Instant Messenger)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster function| setImmediate function| clearImmediate object| app1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
discocrd.gift/ | Name: lumen_session Value: BYSJF6qanRM3UYwc7S0q8vq8B5leQD3rh4gz74J0 |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.igromania.ru
discocrd.gift
212.192.241.134
88.99.166.175
4d9986537d166bbae14f92b55b3201bacf680c2855b8d5f1c131e47b4cc269a4
703e0c41341ad2e5143dc8d47d414e10aeaa5f052d399d951c3df0d3f1883a2e
77e3884b74cd2a9624545acd0cfa9d82f8ce2a5b27ca51a452d86a0869c03e46
b0816ec7480400f55531ac829623d9c6b038861c2cb6d4851c1f0007308bd26d
bc5d388b4af035b4bc2b0f23c62d777cb86c0df7768b0de5fb2e5f8fe60ba5a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed10b64d995295c6fe33b1f76eea1ee1abb03e4c8bd26f9f3701d68b5494a10