discordnitroboost.xyz
2606:4700:3031::ac43:d35a
Malicious Activity!
Public Scan
Submission: On May 22 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by E1 on May 21st 2022. Valid for: 3 months.
This is the only time discordnitroboost.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Discord (Instant Messenger)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
12 | 2606:4700:3031::ac43:d35a | 13335 (CLOUDFLARENET) |
1 | 95.216.163.127 | 24940 (HETZNER-AS) |
13 | 3 |
ASN24940 (HETZNER-AS, DE)
PTR: static.127.163.216.95.clients.your-server.de
api.qrserver.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | discordnitroboost.xyz | discordnitroboost.xyz | 293 KB |
1 | qrserver.com | api.qrserver.com — Cisco Umbrella Rank: 70506 | 776 B |
13 | 2 |
 | Domain | Requested by |
---|---|---|
12 | discordnitroboost.xyz | discordnitroboost.xyz |
1 | api.qrserver.com | |
13 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
discord.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.discordnitroboost.xyz | E1 | 2022-05-21 - 2022-08-19 | 3 months | crt.sh |
*.qrserver.com | R3 | 2022-04-23 - 2022-07-22 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://discordnitroboost.xyz/pbkmTdBHhA10J6lC
Frame ID: 9ACF9C7D2E83EA07031F7CAD54CE32A0
Requests: 15 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: Register
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | pbkmTdBHhA10J6lC (Primary Request) | discordnitroboost.xyz/ | 1 KB | 1 KB | Document | text/html |
GET | H2 | main.f792202d.js | discordnitroboost.xyz/static/js/ | 263 KB | 82 KB | Script | application/javascript |
GET | H2 | main.7f229e37.css | discordnitroboost.xyz/static/css/ | 12 KB | 3 KB | Stylesheet | text/css |
GET | H3 | background.3064a01197d930783984.svg | discordnitroboost.xyz/static/media/ | 46 KB | 16 KB | Image | image/svg+xml |
GET | H3 | pbkmTdBHhA10J6lC | discordnitroboost.xyz/api/props/ | 44 B | 528 B | Fetch | application/json |
GET | H3 | discord-logo.f99bb20c5a7ba2cc6ff10a145a83fcad.svg | discordnitroboost.xyz/static/media/ | 5 KB | 3 KB | Image | image/svg+xml |
GET | H3 | nitro-banner.52689fde0af2ff4fd219.jpg | discordnitroboost.xyz/static/media/ | 20 KB | 20 KB | Image | image/jpeg |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png |
GET | H3 | Whitney-Book.dc2270bc01becea3d5b9.woff | discordnitroboost.xyz/static/media/ | 76 KB | 34 KB | Font | application/font-woff |
GET | H3 | mobile.732856545cce3484d363.svg | discordnitroboost.xyz/static/media/ | 585 B | 904 B | Image | image/svg+xml |
GET | H3 | Ginto-Nord-Semibold.7429f86e91b75ac681da.woff | discordnitroboost.xyz/static/media/ | 61 KB | 62 KB | Font | application/font-woff |
GET | H3 | Whitney-Medium.c267a17da13d9a7c3ba0.woff | discordnitroboost.xyz/static/media/ | 75 KB | 33 KB | Font | application/font-woff |
GET | H3 | Whitney-Semibold.caae8d9abdbee216a4ca.woff | discordnitroboost.xyz/static/media/ | 81 KB | 36 KB | Font | application/font-woff |
GET | H2 | / | api.qrserver.com/v1/create-qr-code/ | 511 B | 776 B | Image | image/png |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Discord (Instant Messenger)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object | oncontextlost
object | oncontextrestored
function | structuredClone
function | getScreenDetails
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.