info.discorevenge.xyz
Open in
urlscan Pro
23.21.234.173
Public Scan
URL:
https://info.discorevenge.xyz/
Submission Tags: phishingrod
Submission: On June 23 via api from DE — Scanned from DE
Submission Tags: phishingrod
Submission: On June 23 via api from DE — Scanned from DE
Summary
This website contacted 4 IPs
in 2 countries
across 3 domains to perform 4 HTTP transactions.
The main IP is 23.21.234.173, located in
Ashburn, United States and
belongs to AMAZON-AES, US.
The main domain is info.discorevenge.xyz.
TLS certificate: Issued by ip-172-31-86-210.ec2.internal on March 31st 2021. Valid for: 10 years.
This is the only time info.discorevenge.xyz was scanned on urlscan.io!
TLS certificate: Issued by ip-172-31-86-210.ec2.internal on March 31st 2021. Valid for: 10 years.
This is the only time info.discorevenge.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 | 23.21.234.173 23.21.234.173 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:827::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 4 |
2
23.21.234.173
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-234-173.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-234-173.compute-1.amazonaws.com
| info.discorevenge.xyz |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 2 |
discorevenge.xyz
info.discorevenge.xyz |
65 KB |
| 1 |
gstatic.com
fonts.gstatic.com |
38 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 80 |
1 KB |
| 4 | 3 |
| Domain | Requested by | |
|---|---|---|
| 2 | info.discorevenge.xyz |
info.discorevenge.xyz
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | fonts.googleapis.com |
info.discorevenge.xyz
|
| 4 | 3 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| domain.ext |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| ip-172-31-86-210.ec2.internal ip-172-31-86-210.ec2.internal |
2021-03-31 - 2031-03-29 |
10 years | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-05-29 - 2023-08-21 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-05-29 - 2023-08-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://info.discorevenge.xyz/
Frame ID: 3913FF53B17F9A8288473C75F0385A1C
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Disco Revenge InfoDetected technologies
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://domain.ext/path
Title: Twitter
Title: Twitter
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
info.discorevenge.xyz/ |
36 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
image01.jpg
info.discorevenge.xyz/assets/images/ |
55 KB 55 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
275 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ |
37 KB 38 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| _scrollToTop0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
info.discorevenge.xyz
23.21.234.173
2a00:1450:4001:827::200a
2a00:1450:4001:830::2003
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
7e3dd64cf782befdeaacc3442c2fe6881a19dd1bccdf4f967ceac30a8dd3a315
b863e5c64aaf2b263ae31859e983ad39f22d0bbc7cd241b814ff94e6c38da7d5
d3b1ac6002c6c94af05cd38aa25c8c2675aa689ce8149b170e975e105c5f938d
e18e015045358341b5f18190d71c144a7bcf228d54bb67443e63222a567de19c