discord-get.shop
185.178.208.154
Malicious Activity!
Public Scan
Effective URL: https://discord-get.shop/gift/D3Y26Y2ZmLr5
Submission: On October 05 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 1st 2021. Valid for: 3 months.
This is the only time discord-get.shop was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Discord (Instant Messenger)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 194.38.20.198 | 48693 (NTSERVICE-AS)
14 | 185.178.208.154 | 57724 (DDOS-GUARD)
2 | 151.101.112.193 | 54113 (FASTLY)
1 | 104.18.10.207 | 13335 (CLOUDFLARENET)
1 | 142.250.185.234 | 15169 (GOOGLE)
19 requests across 5 IP addresses
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
Domains: discord-get.shop
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
Domains: ajax.googleapis.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
14 | discord-get.shop | discord-get.shop | 535 KB
2 | imgur.com | i.imgur.com | 130 KB
2 | dlscord.org (1 redirect) | dlscord.org | 715 B
1 | googleapis.com | ajax.googleapis.com | 88 KB
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 22 KB
19 requests across 5 apex domains
Requests | Domain | Requested by
---|---|---
14 | discord-get.shop | discord-get.shop
2 | i.imgur.com | discord-get.shop
2 | dlscord.org | 1 redirect
1 | ajax.googleapis.com | discord-get.shop
1 | maxcdn.bootstrapcdn.com | discord-get.shop
19 requests across 5 domains
This site contains links to these domains. Also see Links.
Domain
---
discord.com
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
dlscord.org | R3 | 2021-09-28 - 2021-12-27 | 3 months | crt.sh
discord-get.shop | R3 | 2021-10-01 - 2021-12-30 | 3 months | crt.sh
*.imgur.com | DigiCert SHA2 Secure Server CA | 2020-01-15 - 2022-03-16 | 2 years | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-01 - 2022-02-28 | a year | crt.sh
upload.video.google.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months | crt.sh
Both attacker-controlled domains carry R3 (Let's Encrypt intermediate) certificates issued within a week of the October 05 scan; the remaining entries belong to the third-party CDN assets the page loads, not to the phishing infrastructure.
This page contains 1 frames:
Primary Page:
https://discord-get.shop/gift/D3Y26Y2ZmLr5
Frame ID: CC59F3E5CF264163102A99BEF952E452
Requests: 19 HTTP requests in this frame
Screenshot
Page Title: Discord
Detected technologies
- Bootstrap (Web Frameworks). Detected pattern:
  <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- jQuery (JavaScript Libraries). Detected patterns:
  /([\d.]+)/jquery(?:\.min)?\.js
  jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page. Since discord.com is the only linked external domain listed above, both point at the real Discord site, a common trick to make the cloned login page look legitimate.
- Title: Forgot your password?
- Title: Register
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://dlscord.org/gift=9B34qRDwV5KA (HTTP 301)
- https://dlscord.org/gift=9B34qRDwV5KA (Page URL)
- https://discord-get.shop/gift/D3Y26Y2ZmLr5 (Page URL)
Only the http-to-https hop on dlscord.org appears as an HTTP redirect below; the jump from dlscord.org to discord-get.shop is recorded as a page-level navigation, consistent with a client-side redirect issued by the 148-byte HTML document that dlscord.org returned.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- http://dlscord.org/gift=9B34qRDwV5KA (HTTP 301)
- https://dlscord.org/gift=9B34qRDwV5KA
19 HTTP transactions
Method / Protocol | Resource | Size / Transfer | Type | MIME-Type | Notes
---|---|---|---|---|---
GET H/1.1 | dlscord.org/gift=9B34qRDwV5KA | 148 B / 510 B | Document | text/html | Redirect chain; cookie set
GET H2 | discord-get.shop/gift/D3Y26Y2ZmLr5 | 36 KB / 14 KB | Document | text/html | Primary request
GET H2 | i.imgur.com/QYMcq6P.jpg | 40 KB / 40 KB | Image | image/jpeg |
GET H2 | discord-get.shop/gift/static/main/fonts.css | 0 / 0 | Stylesheet | text/html |
GET H2 | maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css | 141 KB / 22 KB | Stylesheet | text/css |
GET H2 | discord-get.shop/static/main/style.css | 5 KB / 2 KB | Stylesheet | text/css |
GET H2 | discord-get.shop/static/main/0.9101655e82ea93181bab.css | 1 MB / 269 KB | Stylesheet | text/css |
GET H2 | ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 87 KB / 88 KB | Script | text/javascript |
GET H2 | discord-get.shop/static/main/discord.png | 209 KB / 209 KB | Image | image/png |
GET H2 | i.imgur.com/3jRPDM1.jpg | 90 KB / 90 KB | Image | image/jpeg |
GET H2 | discord-get.shop/static/main/whitney.woff | 76 KB / 37 KB | Font | font/woff |
GET H2 | discord-get.shop/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff | 0 / 0 | Font | text/html |
GET H2 | discord-get.shop/static/main/nitro.svg | 3 KB / 1 KB | Image | image/svg+xml |
GET H2 | discord-get.shop/static/main/qrnew.png | 921 B / 1 KB | Image | image/png |
GET H2 | discord-get.shop/static/main/icon.png | 2 KB / 3 KB | Image | image/png |
GET H2 | discord-get.shop/assets/32c4f766e4892c054dfd367dbe0fc6dc.woff | 0 / 0 | Font | text/html |
GET H2 | discord-get.shop/assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff | 0 / 0 | Font | text/html |
GET H2 | discord-get.shop/assets/6c6374bad0b0b6d204d8d6dc4a18d820.woff | 0 / 0 | Font | text/html |
GET H2 | discord-get.shop/assets/88055567e3d928bcb1e67e967081572e.woff | 0 / 0 | Font | text/html |
Six of the requests (fonts.css and the five hash-named .woff files under /assets/) transferred 0 bytes and came back as text/html rather than as a stylesheet or font, so the phishing host did not actually serve those assets. This is consistent with markup copied from the real site whose asset paths were not all reproduced on the attacker's server; the only font that did load, whitney.woff, was served from /static/main/ with the correct font/woff type.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against Discord (Instant Messenger)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onbeforexrselect
boolean | originAgentCluster
function | $
function | jQuery
function | createCookie
onbeforexrselect and originAgentCluster are properties exposed by the scanning browser (Chromium) itself rather than by the page; $ and jQuery come from the jQuery 3.5.1 bundle loaded from ajax.googleapis.com; createCookie is the only global defined by the page's own script.
4 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
dlscord.org/ | | lumen_session | LIY6rH0qi4L4hvwadYugKgmGG3WMTaX7vTENNTzD
.discord-get.shop/ | | __ddg1 | FycnKIjVTjXZ1S6sxpiF
.discord-get.shop/ | | __ddgid | Kfl7BPXvwkgaqpvO
.discord-get.shop/ | | __ddgmark | pnX65llLsAVKDIwN
The three __ddg* cookies are set by the DDoS-Guard front end in front of 185.178.208.154 (ASN57724 above), not by the phishing application itself; lumen_session is the default session cookie name of the Laravel Lumen framework, which suggests the dlscord.org redirector is a Lumen application.
6 Console Messages
A page may log messages to the console. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
discord-get.shop
dlscord.org
i.imgur.com
maxcdn.bootstrapcdn.com
104.18.10.207
142.250.185.234
151.101.112.193
185.178.208.154
194.38.20.198
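The two attacker domains in this list show the two lure patterns a brand-abuse detection rule has to cover: a homoglyph apex (dlscord.org, with l in place of i) and a brand keyword embedded in an unrelated apex (discord-get.shop), both serving a /gift path. The following Python is an added example, not part of the urlscan report or of any tool it describes; the legitimate-apex list, the homoglyph table, the lure keywords and the two-label apex extraction are all assumptions made for illustration, and the sample URL list is constructed from the indicators above.

```python
"""Flag brand-impersonating hostnames of the kind seen in this scan.

Added example; the allow-list, homoglyph table, lure words and the naive
apex extraction are assumptions for illustration, not data from the report.
"""
from urllib.parse import urlsplit

# Assumption: apex domains the brand legitimately uses (extend per brand).
LEGIT_APEX = {"discord": {"discord.com", "discordapp.com", "discord.gg"}}

# Assumption: look-alike substitutions folded before comparison.
MULTI_CHAR = {"rn": "m", "vv": "w"}
SINGLE_CHAR = str.maketrans({"l": "i", "1": "i", "0": "o", "3": "e", "5": "s", "7": "t"})

# Assumption: lure words taken from this campaign's "/gift" paths.
LURE_PATH_WORDS = ("gift", "nitro", "free")


def normalize(label: str) -> str:
    """Fold confusable characters so 'dlscord' compares equal to 'discord'."""
    s = label.lower()
    for src, dst in MULTI_CHAR.items():
        s = s.replace(src, dst)
    return s.translate(SINGLE_CHAR)


def apex_of(host: str) -> str:
    """Naive apex = last two labels; public-suffix handling (co.uk etc.) is out of scope."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def analyze(url: str) -> dict:
    """Return which impersonation patterns (if any) a URL's hostname matches."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    apex = apex_of(host)
    apex_label = apex.split(".")[0]
    reasons, brand_hit = [], None
    for brand, allowed in LEGIT_APEX.items():
        if apex in allowed:
            continue                      # first-party host, nothing to flag
        folded = normalize(brand)
        if normalize(apex_label) == folded and apex_label != brand:
            reasons.append("lookalike-apex")      # dlscord.org
            brand_hit = brand
        elif folded in normalize(host):
            reasons.append("brand-in-hostname")   # discord-get.shop, discord.com.evil.tld
            brand_hit = brand
    if brand_hit and any(w in parts.path.lower() for w in LURE_PATH_WORDS):
        reasons.append("lure-path")               # the /gift/... lure seen in the scan
    return {"host": host, "apex": apex, "brand": brand_hit,
            "reasons": reasons, "suspicious": brand_hit is not None}


def flag_hosts(urls):
    """Hostnames from `urls` that match at least one impersonation pattern."""
    return [r["host"] for r in map(analyze, urls) if r["suspicious"]]


# Constructed sample: the two landing URLs from the scan plus three benign requests.
SAMPLE_URLS = [
    "http://dlscord.org/gift=9B34qRDwV5KA",
    "https://discord-get.shop/gift/D3Y26Y2ZmLr5",
    "https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js",
    "https://i.imgur.com/QYMcq6P.jpg",
    "https://discord.com/login",
]

if __name__ == "__main__":
    for result in map(analyze, SAMPLE_URLS):
        print(result)
```

Running it flags only dlscord.org (lookalike-apex, lure-path) and discord-get.shop (brand-in-hostname, lure-path); the CDN hosts and the real discord.com pass. The allow-list check runs before any pattern matching so that first-party subdomains such as cdn.discord.com are never flagged, and the lure-path reason is only added once a brand hit exists, so an unrelated site with a /gift page does not generate noise.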