gift-subsribe.com
104.21.32.186
Malicious Activity!
Public Scan
Submission Tags: https://phish.report @phish_report
Submission: On December 05 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on December 3rd 2022. Valid for: 3 months.
This is the only time gift-subsribe.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Discord (Instant Messenger)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
6 | 104.21.32.186 | 13335 (CLOUDFLARENET) |
1 | 162.159.128.233 | 13335 (CLOUDFLARENET) |
1 | 172.217.18.10 | 15169 (GOOGLE) |
15 | 185.114.247.54 | 9123 (TIMEWEB-AS) |
1 | 162.159.129.233 | 13335 (CLOUDFLARENET) |
30 | 6 | |
ASN | PTR | Domain |
---|---|---|
ASN15169 (GOOGLE, US) | fra15s28-in-f10.1e100.net | fonts.googleapis.com |
ASN9123 (TIMEWEB-AS, RU) | vh382.timeweb.ru | ch60545.tmweb.ru |
Requests | Apex Domain | Subdomains | Cisco Umbrella Rank | Transfer |
---|---|---|---|---|
15 | tmweb.ru | ch60545.tmweb.ru | | 3 MB |
6 | gift-subsribe.com | gift-subsribe.com | | 744 KB |
1 | discordapp.com | cdn.discordapp.com | 2820 | |
1 | googleapis.com | fonts.googleapis.com | 51 | 991 B |
1 | discord.com | discord.com | 1987 | |
30 | 5 | | | |
Requests | Domain | Requested by |
---|---|---|
15 | ch60545.tmweb.ru | gift-subsribe.com |
6 | gift-subsribe.com | gift-subsribe.com |
1 | cdn.discordapp.com | gift-subsribe.com |
1 | fonts.googleapis.com | gift-subsribe.com |
1 | discord.com | gift-subsribe.com |
30 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
discord.com |
support.discord.com |
twitter.com |
www.instagram.com |
www.facebook.com |
www.youtube.com |
discordstatus.com |
blog.discord.com |
feedback.discord.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.gift-subsribe.com | E1 | 2022-12-03 - 2023-03-03 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-11-19 - 2023-11-19 | a year |
upload.video.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months |
*.tmweb.ru | GlobalSign GCC R3 DV TLS CA 2020 | 2022-05-05 - 2023-06-06 | a year |
This page contains 1 frames:
Primary Page:
https://gift-subsribe.com/
Frame ID: 0B75A8BCFEAFEB016AB22988B085FF5F
Requests: 30 HTTP requests in this frame
Page Title
DISСORD NITRО frее for 3 months on Stеаm
Detected technologies
React (JavaScript Frameworks)
Detected patterns
- <[^>]+data-react
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Title: Download
Title: Safety
Title: Support
Title: Status
Title: Support
Title: Blog
Title: Feedback
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | gift-subsribe.com/ | 315 KB | 61 KB | Document | text/html |
GET | H2 | 0.1fafb1729b3e11fa547c.css | discord.com/assets/ | 0 | 0 | Stylesheet | text/html |
GET | H2 | jquery-1.12.4.min.js | gift-subsribe.com/styles/js/ | 335 KB | 98 KB | Script | text/javascript |
GET | H2 | 4e2e783.js | gift-subsribe.com/ | 335 KB | 98 KB | Script | text/javascript |
GET | H2 | 3f037fd.js | gift-subsribe.com/ | 601 KB | 151 KB | Script | text/javascript |
GET | H2 | css | fonts.googleapis.com/ | 2 KB | 991 B | Stylesheet | text/css |
GET | H2 | u4du1cx5lqjl | gift-subsribe.com/r73e9l8pgf3yu4/ | 1 MB | 329 KB | Script | text/javascript |
GET | H2 | cb436e22ed18484e04f3e6002e407de9.svg | ch60545.tmweb.ru/ | 8 KB | 3 KB | Image | image/svg+xml |
GET | H2 | 91.svg | ch60545.tmweb.ru/ | 53 KB | 19 KB | Image | image/svg+xml |
GET | H2 | 81.svg | ch60545.tmweb.ru/ | 79 KB | 31 KB | Image | image/svg+xml |
GET | H2 | 13.svg | ch60545.tmweb.ru/ | 15 KB | 5 KB | Image | image/svg+xml |
GET | H2 | 007.svg | ch60545.tmweb.ru/ | 25 KB | 11 KB | Image | image/svg+xml |
GET | H2 | 90e17f43426c2411b47906831576deaf.png | ch60545.tmweb.ru/ | 287 KB | 288 KB | Image | image/png |
GET | H2 | 12.png | ch60545.tmweb.ru/ | 291 KB | 292 KB | Image | image/png |
GET | H2 | e6d6b255259ac878d00819a9555072ad.png | ch60545.tmweb.ru/ | 288 B | 466 B | Image | image/png |
GET | H2 | 779a770c34fcb823a598a7277301adaf.svg | ch60545.tmweb.ru/ | 179 B | 361 B | Image | image/svg+xml |
GET | | ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2 | discord.com/assets/ | 0 | 0 | | |
GET | | e8acd7d9bf6207f99350ca9f9e23b168.woff | discord.com/assets/ | 0 | 0 | | |
GET | | 3bdef1251a424500c1b3a78dea9b7e57.woff | discord.com/assets/ | 0 | 0 | | |
GET | | be0060dafb7a0e31d2a1ca17c0708636.woff | discord.com/assets/ | 0 | 0 | | |
GET | H2 | pososi_mudila.webm | cdn.discordapp.com/attachments/880449376957390941/889581462108639263/ | 0 | 0 | Media | application/xml |
GET | H2 | 12.js | ch60545.tmweb.ru/ | 8 KB | 5 KB | Script | application/x-javascript |
GET | H2 | 3.js | ch60545.tmweb.ru/ | 67 KB | 20 KB | Script | application/x-javascript |
GET | H2 | 4.js | ch60545.tmweb.ru// | 9 MB | 2 MB | Script | application/x-javascript |
GET | H2 | 41.js | ch60545.tmweb.ru/ | 20 KB | 8 KB | Script | application/x-javascript |
GET | H2 | 54.js | ch60545.tmweb.ru/ | 134 KB | 37 KB | Script | application/x-javascript |
GET | H2 | 61.js | ch60545.tmweb.ru/ | 105 KB | 32 KB | Script | application/x-javascript |
GET | | 92e32db984c8577d8b81548b43b9c061.woff | discord.com/assets/ | 0 | 0 | | |
GET | | 8e12fb4f14d9c4592eb8ec9f22337b04.woff | discord.com/assets/ | 0 | 0 | | |
GET | H2 | d258b4d2dc665216b36772089c35bda1.css | gift-subsribe.com/r73e9l8pgf3yu4/u4du1cx5lqjl// | 30 KB | 7 KB | Stylesheet | text/css |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
discord.com | https://discord.com/assets/ae7c84783ad48b6d1c8e2bfbe707e0d4.woff2 |
discord.com | https://discord.com/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff |
discord.com | https://discord.com/assets/3bdef1251a424500c1b3a78dea9b7e57.woff |
discord.com | https://discord.com/assets/be0060dafb7a0e31d2a1ca17c0708636.woff |
discord.com | https://discord.com/assets/92e32db984c8577d8b81548b43b9c061.woff |
discord.com | https://discord.com/assets/8e12fb4f14d9c4592eb8ec9f22337b04.woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Discord (Instant Messenger)
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | oncontentvisibilityautostatechange |
function | $ |
function | jQuery |
object | h04ea12584 |
function | h04ea14258 |
object | __LOADABLE_LOADED_CHUNKS__ |
object | __core-js_shared__ |
object | core |
function | setImmediate |
function | clearImmediate |
object | regeneratorRuntime |
boolean | _babelPolyfill |
object | mbbd61adb5 |
function | mbbd615adb5 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
gift-subsribe.com/ | | Name: 2c9fe6f30b3ee6dd06f950291ea7a7fc Value: 5hr73e9l8pgf3yu4du1cx5lqjlhz |
.discordapp.com/ | | Name: __cf_bm Value: 3FoNF9H_bOpRRUjaqJA8xcrmG1uSt.UvI5GyAb4SKbc-1670241308-0-AX/q3jLI/6mu1kcASY3gzdW1KbFtqgL6tQSyxlt3NA5yNoDY6wS2MO6DnQ5JZNBwvQl9rlsthxmNBZgGNTcpolI= |
gift-subsribe.com/ | | Name: cc26fb4586d4cfdd29dffb9e58d826cc Value: vVEg9h9fX8 |
gift-subsribe.com/ | | Name: dda761a699422d52cfcd3500efb4c831 Value: da785fc0d0dc293c7556af345185c02f |
gift-subsribe.com/ | | Name: dae356c7c34bb9cc7a1c0db49d3cb55a Value: %3D |
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.