discord-controls.com Open in urlscan Pro
176.96.238.58  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request tKBVs6XMp Show response discord-controls.com/ticket/	16 KB 8 KB	383ms 88ms	Document text/html	176.96.238.58 MSKHOST
General Check archive.org Show headers Download Go to Full URL https://discord-controls.com/ticket/tKBVs6XMp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 176.96.238.58 , Czech Republic, ASN211390 (MSKHOST, RU), Reverse DNS urbnm95xnyfvdez9.msk.network Software nginx/1.14.2 / Resource Hash 485df4fad24f822bb2635c2d75a9695ea3874d60bc10bf9cb813ccc6a0f334b2 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :method GET :authority discord-controls.com :scheme https :path /ticket/tKBVs6XMp pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers server nginx/1.14.2 date Sun, 05 Sep 2021 13:32:41 GMT content-type text/html; charset=UTF-8 set-cookie PHPSESSID=ijc0gctl9h10310pivu92hgtep; path=/ expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache x-content-type-options nosniff x-xss-protection 1; mode=block x-robots-tag none content-security-policy frame-ancestors 'self' x-frame-options DENY referrer-policy same-origin content-encoding gzip
GET H2	200	style.css uniphish.com/files/discord/css/	2 MB 2 MB	1412ms 160ms	Stylesheet text/css	95.181.153.105 SPACECORE
General Check archive.org Show headers Download Go to Full URL https://uniphish.com/files/discord/css/style.css Requested by Host: discord-controls.com URL: https://discord-controls.com/ticket/tKBVs6XMp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.181.153.105 , Russian Federation, ASN210993 (SPACECORE, RU), Reverse DNS 105.153.181.95.in-addr.arpa.spacecore.network Software nginx/1.14.2 / Resource Hash dfce177a5d09bbac9f93bbf98a7d4116a9c53940ae9ec1c2e659953aeb84c356 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 13:32:44 GMT referrer-policy same-origin last-modified Sat, 29 May 2021 16:40:57 GMT server nginx/1.14.2 etag "60b26e99-186855" x-frame-options DENY content-type text/css x-xss-protection 1; mode=block content-security-policy frame-ancestors 'self' accept-ranges bytes x-robots-tag none content-length 1599573 x-content-type-options nosniff
GET H2	200	css2 fonts.googleapis.com/	8 KB 870 B	16ms 15ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@600&family=Roboto:wght@400;500;700&display=swap Requested by Host: discord-controls.com URL: https://discord-controls.com/ticket/tKBVs6XMp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 05be57638e1d7b36d84973cf36efcdb214a5839816f1fc0ffc6d64f07a63cadb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 05 Sep 2021 11:40:06 GMT server ESF date Sun, 05 Sep 2021 13:32:41 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 05 Sep 2021 13:32:41 GMT
GET H2	200	62139f1cff10402837062.js Show response uniphish.com/files/discord/js/	33 KB 34 KB	1483ms 231ms	Script application/javascript	95.181.153.105 SPACECORE
General Check archive.org Show headers Download Go to Full URL https://uniphish.com/files/discord/js/62139f1cff10402837062.js Requested by Host: discord-controls.com URL: https://discord-controls.com/ticket/tKBVs6XMp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.181.153.105 , Russian Federation, ASN210993 (SPACECORE, RU), Reverse DNS 105.153.181.95.in-addr.arpa.spacecore.network Software nginx/1.14.2 / Resource Hash ffea85fb262e2898cfc8ab7ccda7dd302f237b2344ce0c71188ee05403a3bf49 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 13:32:44 GMT referrer-policy same-origin last-modified Wed, 23 Jun 2021 18:44:01 GMT server nginx/1.14.2 etag "60d380f1-84e5" x-frame-options DENY content-type application/javascript; charset=utf-8 x-xss-protection 1; mode=block content-security-policy frame-ancestors 'self' accept-ranges bytes x-robots-tag none content-length 34021 x-content-type-options nosniff
GET H2	200	antif12.js Show response uniphish.com/files/discord/js/	1 KB 1 KB	1483ms 230ms	Script application/javascript	95.181.153.105 SPACECORE
General Check archive.org Show headers Download Go to Full URL https://uniphish.com/files/discord/js/antif12.js Requested by Host: discord-controls.com URL: https://discord-controls.com/ticket/tKBVs6XMp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.181.153.105 , Russian Federation, ASN210993 (SPACECORE, RU), Reverse DNS 105.153.181.95.in-addr.arpa.spacecore.network Software nginx/1.14.2 / Resource Hash 0790e74617ccc188b297f1495d507255ea9b13bb0a68db61c5184e850d5deed7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 13:32:44 GMT referrer-policy same-origin last-modified Mon, 05 Jul 2021 00:48:29 GMT server nginx/1.14.2 etag "60e256dd-440" x-frame-options DENY content-type application/javascript; charset=utf-8 x-xss-protection 1; mode=block content-security-policy frame-ancestors 'self' accept-ranges bytes x-robots-tag none content-length 1088 x-content-type-options nosniff
GET H2	200	console_dbg.js Show response uniphish.com/files/discord/js/	2 KB 3 KB	1483ms 231ms	Script application/javascript	95.181.153.105 SPACECORE
General Check archive.org Show headers Download Go to Full URL https://uniphish.com/files/discord/js/console_dbg.js Requested by Host: discord-controls.com URL: https://discord-controls.com/ticket/tKBVs6XMp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.181.153.105 , Russian Federation, ASN210993 (SPACECORE, RU), Reverse DNS 105.153.181.95.in-addr.arpa.spacecore.network Software nginx/1.14.2 / Resource Hash 1a235275fa0759726d9646663cf3ec0ef3b9a37b7c516ddeb5d66120d87b90dd Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 13:32:44 GMT referrer-policy same-origin last-modified Mon, 16 Aug 2021 11:03:37 GMT server nginx/1.14.2 etag "611a4609-9d3" x-frame-options DENY content-type application/javascript; charset=utf-8 x-xss-protection 1; mode=block content-security-policy frame-ancestors 'self' accept-ranges bytes x-robots-tag none content-length 2515 x-content-type-options nosniff
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/	85 KB 28 KB	41ms 23ms	Script application/javascript	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: discord-controls.com URL: https://discord-controls.com/ticket/tKBVs6XMp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 13:32:41 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1079968 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 27433 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbOAdRuHN47mdd8RRDHoTgWaYaixX0zjOCtRtoE4zJhmCabtOLHQWPkd5KZbTbbmFds%2FkLCpd9rAXW22JavrarmoINnmeQyKkHRmVJ2SSdavbtnkMpddUhalEI0MavmC1jxtauZsQPa5aWgf%2BSdXkp%2Fz"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 689fd339ef75dfcf-FRA expires Fri, 26 Aug 2022 13:32:41 GMT
GET H2	200	44e0c1fbcf99c4476083442e4a2774e0.svg uniphish.com/files/discord/	65 KB 66 KB	220ms 219ms	Image image/svg+xml	95.181.153.105 SPACECORE
General Check archive.org Show headers Download Go to Show image Full URL https://uniphish.com/files/discord/44e0c1fbcf99c4476083442e4a2774e0.svg Requested by Host: discord-controls.com URL: https://discord-controls.com/ticket/tKBVs6XMp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.181.153.105 , Russian Federation, ASN210993 (SPACECORE, RU), Reverse DNS 105.153.181.95.in-addr.arpa.spacecore.network Software nginx/1.14.2 / Resource Hash 0234d976909b6ed11fb6288a542b3e63bda21a5ab2672a2a9032780009ab58ac Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 13:32:44 GMT referrer-policy same-origin last-modified Tue, 18 May 2021 19:29:39 GMT server nginx/1.14.2 etag "60a415a3-105e0" x-frame-options DENY content-type image/svg+xml x-xss-protection 1; mode=block content-security-policy frame-ancestors 'self' accept-ranges bytes x-robots-tag none content-length 67040 x-content-type-options nosniff
GET H2	200	092b071c3b3141a58787415450c27857.png uniphish.com/files/discord/img/	1 KB 2 KB	96ms 94ms	Image image/png	95.181.153.105 SPACECORE
General Check archive.org Show headers Download Go to Show image Full URL https://uniphish.com/files/discord/img/092b071c3b3141a58787415450c27857.png Requested by Host: discord-controls.com URL: https://discord-controls.com/ticket/tKBVs6XMp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.181.153.105 , Russian Federation, ASN210993 (SPACECORE, RU), Reverse DNS 105.153.181.95.in-addr.arpa.spacecore.network Software nginx/1.14.2 / Resource Hash f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sun, 05 Sep 2021 13:32:44 GMT referrer-policy same-origin last-modified Mon, 30 Aug 2021 11:22:02 GMT server nginx/1.14.2 etag "612cbf5a-5fc" x-frame-options DENY content-type image/png x-xss-protection 1; mode=block content-security-policy frame-ancestors 'self' accept-ranges bytes x-robots-tag none content-length 1532 x-content-type-options nosniff
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9d094b1a42fe00a53e76d8f6238b78d2d9ee18ab5efabd10539c9800eecd2ff2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Type image/png
GET		e8acd7d9bf6207f99350ca9f9e23b168.woff uniphish.com/assets/	0 0
GET		be0060dafb7a0e31d2a1ca17c0708636.woff uniphish.com/assets/	0 0
GET		3bdef1251a424500c1b3a78dea9b7e57.woff uniphish.com/assets/	0 0
GET BLOB	200 OK	35803ce1-a880-42b3-b69c-885fc79a239d https://discord-controls.com/	248 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://discord-controls.com/35803ce1-a880-42b3-b69c-885fc79a239d Requested by Host: discord-controls.com URL: https://discord-controls.com/ticket/tKBVs6XMp Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash bda40247f850c0baa80dfc4e52e5af6c4d3014a93ac08f44542cf7ef50f994dc Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Content-Length 248 Content-Type text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

uniphish.com

URL

https://uniphish.com/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff

Domain

uniphish.com

URL

https://uniphish.com/assets/be0060dafb7a0e31d2a1ca17c0708636.woff

Domain

uniphish.com

URL

https://uniphish.com/assets/3bdef1251a424500c1b3a78dea9b7e57.woff

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated number| webpackJsonp function| initDevtoolsDetector function| $ function| jQuery function| checkpole function| ohmygod function| badgod

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
discord-controls.com
fonts.googleapis.com
uniphish.com
uniphish.com
176.96.238.58
2606:4700::6810:135e
2a00:1450:4001:82f::200a
95.181.153.105
0234d976909b6ed11fb6288a542b3e63bda21a5ab2672a2a9032780009ab58ac
05be57638e1d7b36d84973cf36efcdb214a5839816f1fc0ffc6d64f07a63cadb
0790e74617ccc188b297f1495d507255ea9b13bb0a68db61c5184e850d5deed7
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a235275fa0759726d9646663cf3ec0ef3b9a37b7c516ddeb5d66120d87b90dd
485df4fad24f822bb2635c2d75a9695ea3874d60bc10bf9cb813ccc6a0f334b2
9d094b1a42fe00a53e76d8f6238b78d2d9ee18ab5efabd10539c9800eecd2ff2
bda40247f850c0baa80dfc4e52e5af6c4d3014a93ac08f44542cf7ef50f994dc
dfce177a5d09bbac9f93bbf98a7d4116a9c53940ae9ec1c2e659953aeb84c356
f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144
ffea85fb262e2898cfc8ab7ccda7dd302f237b2344ce0c71188ee05403a3bf49