discord-cliker.ru Open in urlscan Pro
2606:4700:3035::ac43:95d5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://discord-cliker.ru/lJvcLHmitPj7aneD
Effective URL:
https://discord-cliker.ru/lJvcLHmitPj7aneD
Submission: On July 24 via automatic, source openphish (July 24th 2022, 1:32:35 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3035::ac43:95d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is discord-cliker.ru.
TLS certificate: Issued by E1 on July 24th 2022. Valid for: 3 months.

This is the only time discord-cliker.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Domain & IP information

	IP Address	AS Autonomous System
1 13	2606:4700:303... 2606:4700:3035::ac43:95d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.216.163.127 95.216.163.127	24940 (HETZNER-AS) (HETZNER-AS)
14	4

13 2606:4700:3035::ac43:95d5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

discord-cliker.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

vsempohui.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.163.127 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.127.163.216.95.clients.your-server.de

api.qrserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	discord-cliker.ru 1 redirects discord-cliker.ru	293 KB
1	qrserver.com api.qrserver.com — Cisco Umbrella Rank: 62538	771 B
1	vsempohui.ru vsempohui.ru
14	3

	Domain	Requested by
13	discord-cliker.ru	1 redirects discord-cliker.ru
1	api.qrserver.com
1	vsempohui.ru	discord-cliker.ru
14	3

This site contains links to these domains. Also see Links.

Domain
discord.com

Subject Issuer	Validity	Valid
*.discord-cliker.ru E1	`2022-07-24` - `2022-10-22`	3 months	crt.sh
*.vsempohui.ru E1	`2022-07-10` - `2022-10-08`	3 months	crt.sh
*.qrserver.com R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://discord-cliker.ru/lJvcLHmitPj7aneD
Frame ID: 124A55400EBDDCBBEBD275F6AC4D9CF3
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discord

Page URL History Show full URLs

http://discord-cliker.ru/lJvcLHmitPj7aneD HTTP 301
https://discord-cliker.ru/lJvcLHmitPj7aneD Page URL

Page Statistics

14
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

293 kB
Transfer

645 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.com/register
Title: Register

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://discord-cliker.ru/lJvcLHmitPj7aneD HTTP 301
https://discord-cliker.ru/lJvcLHmitPj7aneD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request lJvcLHmitPj7aneD Show response discord-cliker.ru/ Redirect Chain http://discord-cliker.ru/lJvcLHmitPj7aneD https://discord-cliker.ru/lJvcLHmitPj7aneD	1 KB 1 KB	183ms 132ms	Document text/html	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://discord-cliker.ru/lJvcLHmitPj7aneD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ad6a5dc1ed1fd0f2a5ffc3d1f3abd0c0204242db056fbabce68ab46fb2bb5765` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache cf-cache-status DYNAMIC cf-ray 72fd05b15ec06967-FRA content-disposition inline; filename=index.html content-encoding br content-type text/html; charset=utf-8 date Sun, 24 Jul 2022 13:32:30 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Tue, 19 Jul 2022 20:29:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVRmQMumWD3gqI8tCP2QDokWw%2B1rXrCyRFR2jaKmJL%2FKgSj2Z27gq%2BjUlinW%2BXCbUUhqAp4yxxQPEP7N3jSrOYRXj%2Fg9nyOwDjF12xqlpqxhlj%2BYsQUHwXkxXP10%2FSh1SmF5AKoAN4uzfPAloHqCQw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers CF-RAY 72fd05b0cf0b5c92-FRA Cache-Control max-age=3600 Connection keep-alive Date Sun, 24 Jul 2022 13:32:30 GMT Expires Sun, 24 Jul 2022 14:32:30 GMT Location https://discord-cliker.ru/lJvcLHmitPj7aneD NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J0RYCxEg0wW9Q1ZTOjvZr7aTT2KaYGpfCw7wmJbxePj9qNbdFo%2FgP%2BQUPZEFqaGnxPRJlPRMA1KOSXu%2FEympse6UsmbNEu959bfZr0AXgDoKamkxtM9njFsRI3%2BP7JYAFZe7bPora64Oghuodl6ZQ%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	main.f792202d.js Show response discord-cliker.ru/static/js/	263 KB 82 KB	294ms 291ms	Script application/javascript	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://discord-cliker.ru/static/js/main.f792202d.js Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/lJvcLHmitPj7aneD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5d362402f8414ab144ff0ebf4223b02eeef408e4e144ce9c99c8ce3bd6a4034` Request headers accept-language de-DE,de;q=0.9 Referer https://discord-cliker.ru/lJvcLHmitPj7aneD User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:30 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jul 2022 20:29:08 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wX%2BVb64bgfLj9eMbLuVHy3rjrfxXjhEHvCjbYlVE37nLKzhAvISYvIQtzSSTvOSbDpVpZXvhbQbJoPOLrD4fJnAwQZxiJ9jc6K2mjHM5ejeZe1esTMo1JoYlEC4A%2BAcDSWJ2s1dlW1RSDcUm3yLsNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-disposition inline; filename=main.f792202d.js cf-ray 72fd05b23ffd6967-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	main.7f229e37.css discord-cliker.ru/static/css/	12 KB 3 KB	123ms 122ms	Stylesheet text/css	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://discord-cliker.ru/static/css/main.7f229e37.css Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/lJvcLHmitPj7aneD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c1efa2457a90fe3815f988b3a6920875c6e99f0aafcabfd4e687aeef5f5f7156` Request headers accept-language de-DE,de;q=0.9 Referer https://discord-cliker.ru/lJvcLHmitPj7aneD User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:30 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jul 2022 20:29:08 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvOvZEglIcms2N57WDMron%2B9jM78j1nX5JiTvTfTeNuERDO9rUUO8wW0uReku4Un4DzOSkiC3yPTRjyWrc1Fu8%2FuDcsgcUnunDfVUfbqFvu2AAvymiOnLg039NBatlCyCGUWDzw9xyl5BgMYJpxPHw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-disposition inline; filename=main.7f229e37.css cf-ray 72fd05b248006967-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	background.3064a01197d930783984.svg discord-cliker.ru/static/media/	46 KB 16 KB	205ms 204ms	Image image/svg+xml	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://discord-cliker.ru/static/media/background.3064a01197d930783984.svg Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/static/css/main.7f229e37.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `be8d0effd38b9830ecae375c6f81fcebd9e629344ee0d455f3eea499240f77af` Request headers accept-language de-DE,de;q=0.9 Referer https://discord-cliker.ru/static/css/main.7f229e37.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:30 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jul 2022 20:29:07 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUqxviE%2BP6PU%2Bhple36DXae2uSRIu2C1sfArLleRk%2FUCYMUN6hvtbHUpyYXXp6g8ik0BsNXo%2BqSP4ujnujE7Wycpom2rGf19vFw%2FU3lhkm%2FKYaqCE2lSa6SVHOGJQINlpJYq6PhH4en3ZtigIj43mA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml; charset=utf-8 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-disposition inline; filename=background.3064a01197d930783984.svg cf-ray 72fd05b318edbb7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	lJvcLHmitPj7aneD Show response discord-cliker.ru/api/props/	84 B 568 B	121ms 121ms	Fetch application/json	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://discord-cliker.ru/api/props/lJvcLHmitPj7aneD Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/static/js/main.f792202d.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `df7d6fa84afef0e23f503e339ed278b3c77d73330651fb365f4dbdcf6bac519b` Request headers accept-language de-DE,de;q=0.9 Referer https://discord-cliker.ru/lJvcLHmitPj7aneD User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9offiWdGFDgZNpZ%2FkcE7QE2p014U7QkDV6lHxDZetcdKtGADpH54sE3hJBDBLf997JPnJ%2BsOI4AZEPrVAYx7qns0MnlCxZ%2FcWcGh36r2QuzaUtKR%2BTxJvnczzb7AczPs5wxnc%2Fba4QColSWxtaGcmA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 72fd05b48b9ebb7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	discord-logo.f99bb20c5a7ba2cc6ff10a145a83fcad.svg discord-cliker.ru/static/media/	5 KB 3 KB	122ms 122ms	Image image/svg+xml	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://discord-cliker.ru/static/media/discord-logo.f99bb20c5a7ba2cc6ff10a145a83fcad.svg Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/lJvcLHmitPj7aneD Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c0e2e6bc2ab68b04b93b578341c0051564a32dc34a38a661731c29b4d4b435f0` Request headers accept-language de-DE,de;q=0.9 Referer https://discord-cliker.ru/lJvcLHmitPj7aneD User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:30 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jul 2022 20:29:06 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78eqP7EkcHBlyrBvR3xVv%2B3JoLvVuyzmioQE7fG2uJdFIx7iJoUwKnEboXIrWQhmk%2BB3MnObcLIwcY8fkfPry7IOZxy6y1l1T%2FkdruAWL5LeU4G%2B8t%2BaDxpSsO7aOLSCsWnTd5%2FxuYU%2BU2AU%2Bnargg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml; charset=utf-8 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-disposition inline; filename=discord-logo.f99bb20c5a7ba2cc6ff10a145a83fcad.svg cf-ray 72fd05b49ba1bb7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	nitro-banner.52689fde0af2ff4fd219.jpg discord-cliker.ru/static/media/	20 KB 20 KB	169ms 168ms	Image image/jpeg	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://discord-cliker.ru/static/media/nitro-banner.52689fde0af2ff4fd219.jpg Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/lJvcLHmitPj7aneD Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `77e3884b74cd2a9624545acd0cfa9d82f8ce2a5b27ca51a452d86a0869c03e46` Request headers accept-language de-DE,de;q=0.9 Referer https://discord-cliker.ru/lJvcLHmitPj7aneD User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:30 GMT cf-cache-status MISS last-modified Tue, 19 Jul 2022 20:29:07 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJiPC%2FAgVqVamYAYw%2BcdFusYrLIW9xuxkrqMct62E5V4a5xB%2BqFtYAbxyr9JulpyXA7MvvNcvOdUsppWhJuVnxDwL3MvtgfFaNWCaAtSW8u3zyM1ZKcsQx8MrJ%2Bg0VzOrUPJDcPLzO8c%2FJErC2YQCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-disposition inline; filename=nitro-banner.52689fde0af2ff4fd219.jpg accept-ranges bytes cf-ray 72fd05b49ba3bb7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 20274
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d76b3691dc5221c440cdfdc245d77d8b21476129c525649dd2f0dc7590293c04` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Whitney-Book.dc2270bc01becea3d5b9.woff discord-cliker.ru/static/media/	76 KB 34 KB	216ms 216ms	Font application/font-woff	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://discord-cliker.ru/static/media/Whitney-Book.dc2270bc01becea3d5b9.woff Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/static/css/main.7f229e37.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0f823bc4b56f481fbceab4158d855e5d11628198a9e404b827b755fe45d4d1c4` Request headers Referer https://discord-cliker.ru/static/css/main.7f229e37.css Origin https://discord-cliker.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jul 2022 20:29:07 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhsiz9N0TBoqBc0CwzTeoOEEzRxcDAIaVi7gee9k3v22ySP8%2FxGUuxiPUlfn0OcHc7gbvKgKzfCBji11OG5wX%2FZ8ptztX2TW0QWUVhsOVtNYYZjBtaNa6l3Kv9PthWEBLdOyMAz9tyDGsObqK1RRaw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-disposition inline; filename=Whitney-Book.dc2270bc01becea3d5b9.woff cf-ray 72fd05b49baebb7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	mobile.732856545cce3484d363.svg discord-cliker.ru/static/media/	585 B 896 B	129ms 129ms	Image image/svg+xml	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://discord-cliker.ru/static/media/mobile.732856545cce3484d363.svg Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/static/css/main.7f229e37.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `23bac31f695500042068fa6752596347a2a17d6d2067fa92520367b5e6ff4ffd` Request headers accept-language de-DE,de;q=0.9 Referer https://discord-cliker.ru/static/css/main.7f229e37.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:30 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jul 2022 20:29:07 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2IkKoaHN2aKoXP86DjnJh7gYFTxa7JRyFgWn7%2B9GdhR0CtPjTwYEhhHx92GTlXYER8zl%2FlheUYH1rnCoBl7KF47%2BBE3O%2F6thFkueVJykz8hj0j0O9FsEQTV5fYtoshbU%2Bbp0p2Sv9jlJprebmT0FQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml; charset=utf-8 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-disposition inline; filename=mobile.732856545cce3484d363.svg cf-ray 72fd05b49bbbbb7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	Ginto-Nord-Semibold.7429f86e91b75ac681da.woff discord-cliker.ru/static/media/	61 KB 62 KB	236ms 235ms	Font application/font-woff	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://discord-cliker.ru/static/media/Ginto-Nord-Semibold.7429f86e91b75ac681da.woff Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/static/css/main.7f229e37.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0e9a97ab8ee2408a80d5d42ea49fc1cbf291f71a11a3a1728418074087709754` Request headers Referer https://discord-cliker.ru/static/css/main.7f229e37.css Origin https://discord-cliker.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jul 2022 20:29:07 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCAsZfzeIwomY8XRalGj3299N5Gs3sL9b0R%2FIT1%2BoS0g9qUdaCGaqrEc7qiYAlpfAisQcsjJ%2FSRBOKKG6MvBjTaKhrOAQWpPc8BMFj1c76NLQArSbeQI%2FH5sujEtKzsmiNEoKDtVAvl9nmebj1rOdA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-disposition inline; filename=Ginto-Nord-Semibold.7429f86e91b75ac681da.woff cf-ray 72fd05b49bbcbb7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	Whitney-Medium.c267a17da13d9a7c3ba0.woff discord-cliker.ru/static/media/	75 KB 33 KB	256ms 256ms	Font application/font-woff	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://discord-cliker.ru/static/media/Whitney-Medium.c267a17da13d9a7c3ba0.woff Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/static/css/main.7f229e37.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ba33ed18fe9c110039549c2b17fee622de2b27d90cfd4a375bd0184174705fae` Request headers Referer https://discord-cliker.ru/static/css/main.7f229e37.css Origin https://discord-cliker.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jul 2022 20:29:07 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2DDiH61Uz3mBsyTAPpHS0AYbx8LTPtnqVJfE%2BNIkD5DIwh%2FtvXnm5nckrXyDzQFTXRwObm1eVL%2F%2FDWOR%2FqliYlEKqfvIZTOG2Y6c7xQxkc95DKv%2FbZKS804HTvk%2B3iAdgs4Rg4upT91KxrJLqQ2xw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-disposition inline; filename=Whitney-Medium.c267a17da13d9a7c3ba0.woff cf-ray 72fd05b49bbfbb7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	Whitney-Semibold.caae8d9abdbee216a4ca.woff discord-cliker.ru/static/media/	81 KB 36 KB	258ms 257ms	Font application/font-woff	2606:4700:3035::ac43:95d5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://discord-cliker.ru/static/media/Whitney-Semibold.caae8d9abdbee216a4ca.woff Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/static/css/main.7f229e37.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:95d5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9231ab6a48732396feaa62c4ed6d5419cee16ef5657e97a779041cb0a612d0ff` Request headers Referer https://discord-cliker.ru/static/css/main.7f229e37.css Origin https://discord-cliker.ru accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 24 Jul 2022 13:32:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 19 Jul 2022 20:29:06 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vt0G3c%2Fb%2FZLbBd1uK%2Be3E7Z8gU3ZzBEItT8kOpXBYeTOHQVF%2FNilMHoxMqGsPdDLJDPgJSv%2BxSummprtFildXY%2BzVIOL%2Bg76VQjD92bi8MOhbhoHpMJiGQHzhpWCrqJSb4hOnq%2BN8SljSvvTnYFNBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-disposition inline; filename=Whitney-Semibold.caae8d9abdbee216a4ca.woff cf-ray 72fd05b49bc0bb7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	bVxIuRDW1sacL6FU vsempohui.ru/	0 0	224ms 142ms	Image text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://vsempohui.ru/bVxIuRDW1sacL6FU Requested by Host: discord-cliker.ru URL: https://discord-cliker.ru/lJvcLHmitPj7aneD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer https://discord-cliker.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers
GET H2	200	/ api.qrserver.com/v1/create-qr-code/	506 B 771 B	227ms 63ms	Image image/png	95.216.163.127 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://api.qrserver.com/v1/create-qr-code/?size=160x160&data=https://discordapp.com/ra/WU9wbeeqiSS_pOzrvW8Co-0NE9QVpZdt1aThnDU2M24 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.216.163.127 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.127.163.216.95.clients.your-server.de Software nginx / Resource Hash `3def18c716ba33055b0826abd57e01f9bbc8a0ba422516d3d598bb5781cb0ac5` Request headers accept-language de-DE,de;q=0.9 Referer https://discord-cliker.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers access-control-allow-origin * date Sun, 24 Jul 2022 13:32:32 GMT server nginx access-control-allow-headers Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token access-control-max-age 7200 access-control-allow-methods POST, GET, OPTIONS, DELETE, PUT content-type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `703e0c41341ad2e5143dc8d47d414e10aeaa5f052d399d951c3df0d3f1883a2e` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.qrserver.com
discord-cliker.ru
vsempohui.ru
2606:4700:3035::ac43:95d5
2a06:98c1:3120::3
95.216.163.127
0e9a97ab8ee2408a80d5d42ea49fc1cbf291f71a11a3a1728418074087709754
0f823bc4b56f481fbceab4158d855e5d11628198a9e404b827b755fe45d4d1c4
23bac31f695500042068fa6752596347a2a17d6d2067fa92520367b5e6ff4ffd
3def18c716ba33055b0826abd57e01f9bbc8a0ba422516d3d598bb5781cb0ac5
703e0c41341ad2e5143dc8d47d414e10aeaa5f052d399d951c3df0d3f1883a2e
77e3884b74cd2a9624545acd0cfa9d82f8ce2a5b27ca51a452d86a0869c03e46
9231ab6a48732396feaa62c4ed6d5419cee16ef5657e97a779041cb0a612d0ff
ad6a5dc1ed1fd0f2a5ffc3d1f3abd0c0204242db056fbabce68ab46fb2bb5765
ba33ed18fe9c110039549c2b17fee622de2b27d90cfd4a375bd0184174705fae
be8d0effd38b9830ecae375c6f81fcebd9e629344ee0d455f3eea499240f77af
c0e2e6bc2ab68b04b93b578341c0051564a32dc34a38a661731c29b4d4b435f0
c1efa2457a90fe3815f988b3a6920875c6e99f0aafcabfd4e687aeef5f5f7156
d5d362402f8414ab144ff0ebf4223b02eeef408e4e144ce9c99c8ce3bd6a4034
d76b3691dc5221c440cdfdc245d77d8b21476129c525649dd2f0dc7590293c04
df7d6fa84afef0e23f503e339ed278b3c77d73330651fb365f4dbdcf6bac519b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

discord-cliker.ru Open in urlscan Pro 2606:4700:3035::ac43:95d5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

293 kBTransfer

645 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

Indicators

discord-cliker.ru Open in urlscan Pro
2606:4700:3035::ac43:95d5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

293 kB
Transfer

645 kB
Size

0
Cookies

14 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!