dynocheck.info - urlscan.io

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dynocheck.info.

This is the only time dynocheck.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Domain & IP information

	IP Address		AS Autonomous System
6	2a06:98c1:312... 2a06:98c1:3121::3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	1

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

dynocheck.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	dynocheck.info dynocheck.info	450 KB
6	1

	Domain	Requested by
6	dynocheck.info	dynocheck.info
6	1

This site contains links to these domains. Also see Links.

Domain
discord.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://dynocheck.info/
Frame ID: 161E2D2881355378BA96463F3FBC93A2
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discord

Page Statistics

6
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

450 kB
Transfer

2121 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.com/Discord.ejs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response dynocheck.info/	76 KB 20 KB	171ms 139ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://dynocheck.info/ Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `eea927cf29615451a5a28f240c5ea5dbef7e6c6cfff568286c5fa892d686b7b5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 773fd2fd2c3592c5-FRA Cache-Control public, max-age=0 Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 03 Dec 2022 22:43:57 GMT Last-Modified Tue, 11 Oct 2022 16:34:31 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gi%2BCBFmVbz4vC9dcMO1gm1Y77AYwmnhqxqKoiyaB36GAeYRgXfPBv%2FaDz7EZwtVKrAtV34bQ6QCF7o283mvJGwAu7Tgo5iIZM1Id5QcQauARMLjWP4ODHLAz7aNR075L0BPFbACB36OVZ0v6AA%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked X-Powered-By Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	get dynocheck.info/	2 MB 296 KB	161ms 140ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://dynocheck.info/get?css=discord Requested by Host: dynocheck.info URL: http://dynocheck.info/ Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `c01a7e0677cde8974f43428fdced85eac1998d97003c692279667f2649de33a5` Request headers accept-language nl-NL,nl;q=0.9 Referer http://dynocheck.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Sat, 03 Dec 2022 22:43:57 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC Last-Modified Thu, 03 Nov 2022 10:21:40 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare X-Powered-By Express ETag W/"1c2467-1843d02bca8" Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atC7qRekHn55DbQc2frpoEbBY7g8yqSOLEsJRFsamfpZHPWKA6l8deXSyFht3PaceHasOF4eJbqOuzmepcPWQOKLUWBhdzfSx3K0984LaREgnVDf%2BUx6qFN7C3B4Q5OnvxOqsqUI0KvPT6bBig%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/css; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive CF-RAY 773fd2fe3d299a2a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	0f4d1ff76624bb45a3fee4189279ee92.svg dynocheck.info/assets/	18 KB 18 KB	172ms 172ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://dynocheck.info/assets/0f4d1ff76624bb45a3fee4189279ee92.svg Requested by Host: dynocheck.info URL: http://dynocheck.info/ Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer http://dynocheck.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Sat, 03 Dec 2022 22:43:57 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Tue, 11 Oct 2022 16:34:31 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare X-Powered-By Express Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZ80UXumPD1TM2RIXJP8xkO9ts%2BTcJdBOklgkTfO7msoaFsaopRDFBY5W9%2Bsk5udpXpmbI2WC0xOkoZ0C1dHOMtibqReyl3GlB9G0AN0haruTEohJVwnuKEg9v0P3KiU1zktCikE1Z0aW2ZG%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Cache-Control public, max-age=14400 Connection keep-alive CF-RAY 773fd2fe6de692c5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	22fd790491653d837422d80e3500cf92.svg dynocheck.info/assets/	76 KB 76 KB	180ms 180ms	Image text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://dynocheck.info/assets/22fd790491653d837422d80e3500cf92.svg Requested by Host: dynocheck.info URL: http://dynocheck.info/get?css=discord Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer http://dynocheck.info/get?css=discord User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Sat, 03 Dec 2022 22:43:58 GMT Content-Encoding gzip CF-Cache-Status EXPIRED Last-Modified Tue, 11 Oct 2022 16:34:31 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare X-Powered-By Express Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndsdgrASVIQ2munvRqPlW7lgBTqgMPubr%2BHFPoS2aet37UN5DvAIsUm1auIDVWs7gWbnyUOMQH1TqoGfF3VPpN%2BvJP5I1teaa9agOI2gSdrTPn3w6hQmdLk319cbxha3I08cmtrri%2FAlyDHiag%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Cache-Control public, max-age=14400 Connection keep-alive CF-RAY 773fd301bb6e9a2a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	88055567e3d928bcb1e67e967081572e.woff dynocheck.info/assets/	76 KB 21 KB	183ms 182ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://dynocheck.info/assets/88055567e3d928bcb1e67e967081572e.woff Requested by Host: dynocheck.info URL: http://dynocheck.info/get?css=discord Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `eea927cf29615451a5a28f240c5ea5dbef7e6c6cfff568286c5fa892d686b7b5` Request headers Referer http://dynocheck.info/get?css=discord Origin http://dynocheck.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Sat, 03 Dec 2022 22:43:58 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Tue, 11 Oct 2022 16:34:31 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare X-Powered-By Express Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gosaSQDaEWzR1Us8un2u4iUfYga3Z5JYEUB5QXStLhlDGucISh7fLA8J6Sm0O%2F0l5F0G8OZWxs6ctyWby9zJ7w1DNUu2JmZy3h%2B4oC6rlPwvu6KhOOxV9YoZUhL1Bwf9WtkN7f3lqG1bfEyMYQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Cache-Control public, max-age=14400 Connection keep-alive CF-RAY 773fd301b9f992c5-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	e8acd7d9bf6207f99350ca9f9e23b168.woff dynocheck.info/assets/	76 KB 21 KB	208ms 188ms	Font text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://dynocheck.info/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff Requested by Host: dynocheck.info URL: http://dynocheck.info/get?css=discord Protocol HTTP/1.1 Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `eea927cf29615451a5a28f240c5ea5dbef7e6c6cfff568286c5fa892d686b7b5` Request headers Referer http://dynocheck.info/get?css=discord Origin http://dynocheck.info accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36 Response headers Date Sat, 03 Dec 2022 22:43:58 GMT Content-Encoding gzip CF-Cache-Status MISS Last-Modified Tue, 11 Oct 2022 16:34:31 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare X-Powered-By Express Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uhzozZ6pucTTc2fIo%2FCFVPwpnhUWhlEPnLRm%2BpikvsWQA4lKnpgtn%2FNm7B2Z%2FEjY89OArKWlwav35o4WEfpej%2B3un58RioNI9D87dwUy9DDjRi4tY0TAxRk6lL6T4O0HRcUebba6eCgZ4dgbA%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Vary Accept-Encoding Cache-Control public, max-age=14400 Connection keep-alive CF-RAY 773fd301dc13bb77-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://dynocheck.info/ Message: Failed to decode downloaded font: http://dynocheck.info/assets/88055567e3d928bcb1e67e967081572e.woff
other	warning	URL: http://dynocheck.info/ Message: OTS parsing error: invalid sfntVersion: 1008813135
other	warning	URL: http://dynocheck.info/ Message: Failed to decode downloaded font: http://dynocheck.info/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff
other	warning	URL: http://dynocheck.info/ Message: OTS parsing error: invalid sfntVersion: 1008813135

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dynocheck.info
2a06:98c1:3121::3
c01a7e0677cde8974f43428fdced85eac1998d97003c692279667f2649de33a5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea927cf29615451a5a28f240c5ea5dbef7e6c6cfff568286c5fa892d686b7b5

dynocheck.info Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

0 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

450 kBTransfer

2121 kBSize

0 Cookies

1 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

dynocheck.info Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

450 kB
Transfer

2121 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!