www.ticketcloud.gg
Open in
urlscan Pro
2606:4700:3032::6815:9e8
Malicious Activity!
Public Scan
Submission Tags: phisherman
Submission: On July 04 via api from GB — Scanned from GB
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 13th 2021. Valid for: a year.
This is the only time www.ticketcloud.gg was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Discord (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 2606:4700:303... 2606:4700:3032::6815:9e8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2606:4700:303... 2606:4700:3032::ac43:a9f7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6810:5814 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 52.215.192.133 52.215.192.133 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
22 | 6 |
ASN13335 (CLOUDFLARENET, US)
www.ticketcloud.gg | |
ticketcloud.gg |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-192-133.eu-west-1.compute.amazonaws.com
p8tf389lp1p9.statuspage.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
ticketcloud.gg
www.ticketcloud.gg ticketcloud.gg |
741 KB |
4 |
gstatic.com
fonts.gstatic.com |
99 KB |
3 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 964 |
166 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71 |
2 KB |
2 |
statuspage.io
p8tf389lp1p9.statuspage.io |
5 KB |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 429 |
49 KB |
22 | 6 |
Domain | Requested by | |
---|---|---|
8 | www.ticketcloud.gg |
www.ticketcloud.gg
|
4 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | use.fontawesome.com |
www.ticketcloud.gg
use.fontawesome.com |
2 | fonts.googleapis.com |
www.ticketcloud.gg
|
2 | p8tf389lp1p9.statuspage.io |
www.ticketcloud.gg
p8tf389lp1p9.statuspage.io |
2 | cdn.jsdelivr.net |
www.ticketcloud.gg
|
1 | ticketcloud.gg |
www.ticketcloud.gg
|
22 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
support.ticketcloud.gg |
ticketcloud.gg |
docs.ticketcloud.gg |
status.ticketcloud.gg |
dash.ticketcloud.gg |
panel.ticketcloud.gg |
discord.gg |
twitter.com |
news.ticketcloud.gg |
feedback.ticketcloud.gg |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-10-13 - 2022-10-12 |
a year | crt.sh |
*.statuspage.io DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-12 - 2022-08-12 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-06-06 - 2022-08-29 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.ticketcloud.gg/
Frame ID: 079FD0A8237F50AA6D51DB0569C7C73D
Requests: 21 HTTP requests in this frame
Frame:
https://p8tf389lp1p9.statuspage.io/embed/frame
Frame ID: 8D4E79115D7661FC035A6BA1861C1365
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
TicketCloud | Discord Ticket Management ToolDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Home
Search URL Search Domain Scan URL
Title: Premium
Search URL Search Domain Scan URL
Title: Docs
Search URL Search Domain Scan URL
Title: Status
Search URL Search Domain Scan URL
Title: Dashboard
Search URL Search Domain Scan URL
Title: Invite TicketCloud
Search URL Search Domain Scan URL
Title: Navigate to Dashboard
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Discord
Search URL Search Domain Scan URL
Title: Newsroom
Search URL Search Domain Scan URL
Title: Feedback
Search URL Search Domain Scan URL
Title: Changelogs
Search URL Search Domain Scan URL
Title: Pre-Releases
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Cookie Settings
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.ticketcloud.gg/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.15.4/css/ |
58 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.1/dist/css/ |
159 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
www.ticketcloud.gg/assets/css/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ticketcloud_white.png
ticketcloud.gg/support/hc/en-us/assets/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home-preview_1.svg
www.ticketcloud.gg/assets/images/ |
133 KB 47 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home-preview_2.svg
www.ticketcloud.gg/assets/images/ |
151 KB 56 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
home-preview_3.svg
www.ticketcloud.gg/assets/images/ |
103 KB 37 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sparkles.svg
www.ticketcloud.gg/assets/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
p8tf389lp1p9.statuspage.io/embed/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ |
76 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
30 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame
p8tf389lp1p9.statuspage.io/embed/ Frame 8D4E |
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hero-bg.png
www.ticketcloud.gg/assets/images/ |
565 KB 566 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
whitney-light.otf
www.ticketcloud.gg/assets/fonts/whitney/ |
26 KB 15 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ |
76 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Discord (Instant Messenger)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| statusEmbedTest number| uidEvent object| bootstrap2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ticketcloud.gg/ | Name: PHPSESSID Value: e852bae77a8ce6dedc98328d4a925c14 |
|
.ticketcloud.gg/ | Name: session_id Value: e852bae77a8ce6dedc98328d4a925c14 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
p8tf389lp1p9.statuspage.io
ticketcloud.gg
use.fontawesome.com
www.ticketcloud.gg
2606:4700:3032::6815:9e8
2606:4700:3032::ac43:a9f7
2606:4700::6810:5814
2a00:1450:4001:800::200a
2a00:1450:4001:813::2003
52.215.192.133
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
408e11366e6d62e8b08d71b85d20a6bfa1c1f35f3b7c6ada379cf43367ac492a
4966a91ccd36aefe27d4facdeb56196d70a275ab8dacf57e84284d5b466c58e5
554c30f1309d9baf73417a984f40cad3658796e314be46c0952a33fe8e817ad9
61ea1a1326a282c228ce7f5a3aa7d911e712d8cf568be619e512d33c7bafb22c
659a0988704b626b479d85d127c61c1bdd78a43b2143658bf44e29c1e0224765
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
7008b4345da1ecd30da1402ba8c0f9c62f0a168a8b594cac9f0e56c1c366c8e8
8091a75f84aa12e4f3582f35d304ad19783e46b628afb998a2913fe3a5624120
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a23057582b8b464d5be6a541dcb00126d0f9e027ba9166111116737788b3fe66
ab6807510010aaa210a2337a11dea877bd3162e0b0e6f3598afb9732ced0ddf0
b0071cd7ccef32768966b353e2ff09d13e07ab31148944e5545803232c2341e9
b42d67d20e526ddab626ce864204a9b3208bfb697d1bcb107014d01e8c9988c5
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
d3dbc7bcd233bfac8173445517b5683e18f6ebad9d025493d37f3f26a8259b8a
da3af7a4aeb27f0346411e0ac633994b49fea3dbf9cfa9c5cea2de6d5f18c11b
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3