52-90-145-42.ipv4.nknlabs.io
Open in
urlscan Pro
52.90.145.42
Malicious Activity!
Public Scan
Submission Tags: nerfmoknah
Submission: On April 16 via api from NL — Scanned from NL
Summary
This is the only time 52-90-145-42.ipv4.nknlabs.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Discord (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 52.90.145.42 52.90.145.42 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::200a | 15169 (GOOGLE) (GOOGLE) | |
22 | 2 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-90-145-42.compute-1.amazonaws.com
52-90-145-42.ipv4.nknlabs.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
nknlabs.io
52-90-145-42.ipv4.nknlabs.io |
9 MB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46 |
988 B |
22 | 2 |
Domain | Requested by | |
---|---|---|
21 | 52-90-145-42.ipv4.nknlabs.io |
52-90-145-42.ipv4.nknlabs.io
|
1 | fonts.googleapis.com |
52-90-145-42.ipv4.nknlabs.io
|
22 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
discord.com |
support.discord.com |
twitter.com |
www.instagram.com |
www.facebook.com |
www.youtube.com |
discordstatus.com |
feedback.discord.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1C3 |
2022-03-28 - 2022-06-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://52-90-145-42.ipv4.nknlabs.io/
Frame ID: F366D356BCDCB1164DFB0B65F4444C1B
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
Moderator Academy ExamDetected technologies
React (JavaScript Frameworks) ExpandDetected patterns
- <[^>]+data-react
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
Page Statistics
10 Outgoing links
These are links going to different origins than the main page.
Title: Entrar
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Status
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Title: Feedback
Search URL Search Domain Scan URL
Title: Register
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
52-90-145-42.ipv4.nknlabs.io/ |
54 KB 54 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.fd715bb4c90d19661ecd.css
52-90-145-42.ipv4.nknlabs.io/assets/ |
255 KB 255 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
otSDKStub.html
52-90-145-42.ipv4.nknlabs.io/assets/oneTrust/v2/scripttemplates/ |
299 B 608 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
api.html
52-90-145-42.ipv4.nknlabs.io/cdn-cgi/bm/cv/669835187/ |
299 B 607 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a6193089fb762c7874fffcc9e61fa91e.svg
52-90-145-42.ipv4.nknlabs.io/assets/ |
36 KB 36 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
779a770c34fcb823a598a7277301adaf.svg
52-90-145-42.ipv4.nknlabs.io/assets/ |
179 B 490 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1158b5aabb909516cc92.js
52-90-145-42.ipv4.nknlabs.io/assets/ |
8 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eab51d4c3cdee20a43e5.js
52-90-145-42.ipv4.nknlabs.io/assets/ |
62 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
654e9e800f382e7f2622.js
52-90-145-42.ipv4.nknlabs.io/assets/ |
9 MB 9 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 988 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gtm5445.html
52-90-145-42.ipv4.nknlabs.io/www.googletagmanager.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fbevents.js
52-90-145-42.ipv4.nknlabs.io/connect.facebook.net/en_US/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
be0060dafb7a0e31d2a1ca17c0708636.html
52-90-145-42.ipv4.nknlabs.io/assets/ |
299 B 607 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3bdef1251a424500c1b3a78dea9b7e57.html
52-90-145-42.ipv4.nknlabs.io/assets/ |
299 B 608 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e8acd7d9bf6207f99350ca9f9e23b168.html
52-90-145-42.ipv4.nknlabs.io/assets/ |
299 B 608 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ae7c84783ad48b6d1c8e2bfbe707e0d4.html
52-90-145-42.ipv4.nknlabs.io/assets/ |
299 B 608 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1cce82154216dc3cb04a84d011ce1201.html
52-90-145-42.ipv4.nknlabs.io/assets/ |
299 B 607 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
e215f61cbbc2e49cea6121e0d2679aa2.html
52-90-145-42.ipv4.nknlabs.io/assets/ |
299 B 607 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
92e32db984c8577d8b81548b43b9c061.html
52-90-145-42.ipv4.nknlabs.io/assets/ |
299 B 607 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
746a4f241e03deffc59b08c5650cf458.html
52-90-145-42.ipv4.nknlabs.io/assets/ |
299 B 607 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
88055567e3d928bcb1e67e967081572e.html
52-90-145-42.ipv4.nknlabs.io/assets/ |
299 B 607 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8e12fb4f14d9c4592eb8ec9f22337b04.html
52-90-145-42.ipv4.nknlabs.io/assets/ |
299 B 607 B |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Discord (Instant Messenger)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored object| dataLayer function| fbq function| _fbq object| __LOADABLE_LOADED_CHUNKS__ object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
22 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
52-90-145-42.ipv4.nknlabs.io
fonts.googleapis.com
2a00:1450:4001:811::200a
52.90.145.42
09e8915452402bab391a71efe6a5cf955403caeaef0a673c65b84511b6d93840
34141e9a95e611f7ba839276d4fbcf27228af1a3a903c2724098fab7df60d447
472580df0fe70ff63b5ea69ef222a5dcbadfe84bc863817593fccb086696bc55
5d4fd63067f6aea29beae6f790d8c942b3b330f5aa40f6fdc471de1d87fc67df
7aa50681c56cdcf980c72ea951005d8abf2d962ab9b180950436a426aa9225a7
83804d5ab9a3a557db6ebf23efe6fdee2b536f19383f4d2d3c4abf3b63ebf223
9b895456804f07e7fce5906edccf55e6df896e6a7dae05192b04661bf453c1c2
d35ae468c649895c5d202fef7df7b136002f993d4816b47e49653d7c1764f949
e5d5284e778466ff3cec71bf016f248e81047facf07748ff844ef0d831b98bff