lookup.guild-shield.xyz
2606:4700:3037::6815:3614  Malicious Activity! Public Scan

URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3N...
Submission: On April 05 via automatic, source openphish — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3037::6815:3614, located in United States and belongs to CLOUDFLARENET, US. The main domain is lookup.guild-shield.xyz.
TLS certificate: Issued by GTS CA 1P5 on April 4th 2024. Valid for: 3 months.
This is the only time lookup.guild-shield.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1         2606:4700:303...  13335 (CLOUDFLAR...)
13        172.67.222.131    13335 (CLOUDFLAR...)  (1 redirect)
3         104.18.124.91     13335 (CLOUDFLAR...)
Total: 16 requests, 3 IPs

Requests  Apex Domain       Subdomains                                          Transfer
14        guild-shield.xyz  lookup.guild-shield.xyz                             751 KB
3         hcaptcha.com      hcaptcha.com — Cisco Umbrella Rank: 5426            107 KB
                            newassets.hcaptcha.com — Cisco Umbrella Rank: 7014
Total: 16 requests, 2 apex domains

Requests  Domain                                 Requested by
14        lookup.guild-shield.xyz (1 redirects)  lookup.guild-shield.xyz
2         newassets.hcaptcha.com                 hcaptcha.com
1         hcaptcha.com                           lookup.guild-shield.xyz
Total: 16 requests, 3 subdomains

This site contains no links.

Subject           Issuer      Validity                 Valid
guild-shield.xyz  GTS CA 1P5  2024-04-04 - 2024-07-03  3 months
hcaptcha.com      E1          2024-03-15 - 2024-06-13  3 months

This page contains 4 frames:

Primary Page: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Frame ID: 9778450C6D1E5C70162A5230D4DB6688
Requests: 12 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Frame ID: 0CE949A25D32AC1278CBF0DD86A2A0A0
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Frame ID: 324ED52931A8CDF8340ED7677A83745B
Requests: 1 HTTP requests in this frame

Frame: https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 891F12BF209931ED8B58D78511630692
Requests: 2 HTTP requests in this frame

Page Title

Discord

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

Requests: 16
HTTPS: 94 %
IPv6: 33 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 858 kB
Size: 3786 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lookup.guild-shield.xyz/
150 KB
28 KB
Document
General
Full URL
https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:3614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fa7d6a8252d1dd97566a884be79b8383f306f84aaa453314fdff453fe571eed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86f9c4014f0b5d6d-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 13:08:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sx1Efc93JSo4SasvF9HsVsoPXIfp%2B5F9CefOEx6L2A%2BTHObSF6JSW84Ctsn1QUErSmyV4c%2BLl4lSL3G2vIetm3LZzs4Oz52Rb7C5UJVabF%2FhA5qhVCcjenBtv6SsfdtbbLkrT8GUX0XEEFaHuCSown%2F3y48W%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app.45d4d70d2e41bc34b882.css
lookup.guild-shield.xyz/static/assets/
2 MB
441 KB
Stylesheet
General
Full URL
https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021cb1900795154820b9ab23f5621933558e336da5660f1928edab740547862f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Dec 2023 03:11:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1703301066.0-2527732-4028375056"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w7aJ3bvU79LlCHs1gMp9P%2FEdHN1Bz%2B3Nnqm491w3N3L2aBc3aPK5guEDnXawEQ7obZzqOmTya4VKwyaQ0RiNtqCDnHwXqCgfVuDNf4yRdS%2B%2B6qfwBaJG2RABqUP7LXzDp4IIkYUdz47tPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename=app.45d4d70d2e41bc34b882.css
cf-ray
86f9c402fa3ad6f2-CDG
alt-svc
h3=":443"; ma=86400
shared.f01e9143e31c19a68a8e.css
lookup.guild-shield.xyz/static/assets/
564 KB
94 KB
Stylesheet
General
Full URL
https://lookup.guild-shield.xyz/static/assets/shared.f01e9143e31c19a68a8e.css
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e15eab63d3de0c80c50155e9eb6f78d5b0d1fb4236e0f1cd0a2d71ef6d37083

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Dec 2023 03:11:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1703301088.0-577592-1517756746"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qk7kTBbPBXgyik2aL2iMq6EXcqNZ1mf7LkRrHP%2BFC%2BqsCKP4g%2BTfjN4UZ2LenklqUgow1ltxaEJh0X%2Br%2FuSW%2B%2FDCfyJ2IhOpo%2BGUVKK93yK7YmnvnKoqTCRNVupg8S2dU7EL7I1SESpNqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename=shared.f01e9143e31c19a68a8e.css
cf-ray
86f9c402fa3cd6f2-CDG
alt-svc
h3=":443"; ma=86400
api.js
hcaptcha.com/1/
378 KB
107 KB
Script
General
Full URL
https://hcaptcha.com/1/api.js
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.124.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
server
cloudflare
age
0
etag
W/"5a68efa2b964d5c167fde3b130af8e94"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
cross-origin-resource-policy
cross-origin
cf-ray
86f9c403684d3506-WAW
alt-svc
h3=":443"; ma=86400
expires
Fri, 19 Apr 2024 01:29:52 GMT
adf75861421c2a6a6269.png
lookup.guild-shield.xyz/static/assets/
1 KB
2 KB
Image
General
Full URL
https://lookup.guild-shield.xyz/static/assets/adf75861421c2a6a6269.png
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Dec 2023 03:14:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1703301240.0-1532-1784946290"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRP8mg3qzTxrjwQzPlsvFbEpMHJ708xwqI4zgK%2F7tMDyAaGxto5LSr%2FZhvpuV42wLFERiEJ%2FPZTekiJsCxD20jcejVDSSedJTVsraS4vPUXoNccsKEuNoljPzsn3hORrW%2B6AAs1BnQxQ6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
content-disposition
inline; filename=adf75861421c2a6a6269.png
accept-ranges
bytes
cf-ray
86f9c404dca6d6f2-CDG
alt-svc
h3=":443"; ma=86400
content-length
1532
863db41a48a43395cd55.svg
lookup.guild-shield.xyz/static/assets/
5 KB
3 KB
Image
General
Full URL
https://lookup.guild-shield.xyz/static/assets/863db41a48a43395cd55.svg
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93a1168fc0e0e1f524d0e232aee8ee78c4272f0d201389b8e504ed84c699e1ac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Dec 2023 03:12:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1703301146.0-5367-1741102719"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dO%2BDIDRUtBT8CIMYVtZNVsultG9t9GPxOePJz0AlcArF4RLPzrqJgs7PMLLVn8wqgF7bRUYNmuHb2zdKFYI8V8iw2JMihJtZYes4eTu93dH71iz%2FIhMtNx4Y5PjFp2KOotTBUqVXPDgBLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename=863db41a48a43395cd55.svg
cf-ray
86f9c404dca8d6f2-CDG
alt-svc
h3=":443"; ma=86400
script.js
lookup.guild-shield.xyz/static/js/
33 KB
9 KB
Script
General
Full URL
https://lookup.guild-shield.xyz/static/js/script.js
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd95935d1002c5758ac55e6f6e71476ec159316f8b450fba4d49df440994dee2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/?from===QP9ElZpVFROlXUE5kMZpWTzsGRPRTRE9UNNR1TzkUaPlWUXN1a4dVYxQWbJNXSD10dZRUT4VEVPdXUE1kMBRVT3NGVPVzaqlkNJNkWKJlbixGbHJmaKlXZ
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 04 Apr 2024 06:41:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1712212893.9914427-34225-1501764024"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=czFKOecgAPUs6YkQuJL8pq9aX3t4w7WIwZA%2BOekxau2Q0%2BnJRt%2FMwzd4R1IINPXZjAw1wtyYdWUBwhyp7YI6ItPPxdkmAPM0%2FL6qdDAHEdKboNayW%2Bs%2B0YwbqnDdMCZbDsX5O6hik1ADDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
content-disposition
inline; filename=script.js
cf-ray
86f9c404dcafd6f2-CDG
alt-svc
h3=":443"; ma=86400
b9811218b3a54ad59fb2.woff2
lookup.guild-shield.xyz/static/assets/
37 KB
38 KB
Font
General
Full URL
https://lookup.guild-shield.xyz/static/assets/b9811218b3a54ad59fb2.woff2
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Origin
https://lookup.guild-shield.xyz
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Dec 2023 03:15:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1703301332.0-38156-2782797628"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FEATAn5CbOfH3Hqm8%2FupeWVCq0lIzmdXIcmOQ2bh%2BLF9hIESsG8j4wHglVLy%2FtnRhOMUtG%2Fs4G7IkXwpuXV%2F%2B2Bz3IC2VTY%2BTHIDQgZp2NKux0o3yPyrfIALxyjVH0dk%2BpIOjI%2BszGceeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
content-disposition
inline; filename=b9811218b3a54ad59fb2.woff2
accept-ranges
bytes
cf-ray
86f9c4070f23d6f2-CDG
alt-svc
h3=":443"; ma=86400
content-length
38156
20ac37ed2576dd48d7dc.woff2
lookup.guild-shield.xyz/static/assets/
39 KB
39 KB
Font
General
Full URL
https://lookup.guild-shield.xyz/static/assets/20ac37ed2576dd48d7dc.woff2
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Origin
https://lookup.guild-shield.xyz
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Dec 2023 03:17:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1703301450.0-39764-2896371619"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IA3OxpgSfA8fOxHFJgs7b5MShRqD0n9oaw7ja%2FfuZq4GiSBEgBMXhEVing47JGweYimXDCdWnnlwphGR8BdIRhW6vHDXNLGqJIKZGoly0Fywqu5GGnJcDg%2Fzd8PvcN%2FnzvPECv0xoZ4xlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
content-disposition
inline; filename=20ac37ed2576dd48d7dc.woff2
accept-ranges
bytes
cf-ray
86f9c4071f29d6f2-CDG
alt-svc
h3=":443"; ma=86400
content-length
39764
3f46bbecb4287c0a829f.woff2
lookup.guild-shield.xyz/static/assets/
39 KB
39 KB
Font
General
Full URL
https://lookup.guild-shield.xyz/static/assets/3f46bbecb4287c0a829f.woff2
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Origin
https://lookup.guild-shield.xyz
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Dec 2023 03:17:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1703301478.0-39724-2957189027"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZ8%2FGztZvpjmsR1KlRDMFSkErV%2FoRbFUkukgTd0bHWSg7VECCyKprNais1eGmxH1ceHg3TEukUu4J6uocsUjB7qYFwGNL6Pp9Om2836Q9KMa6jjuHfciJS30NxRH5aJNYsA2e%2Br0hOnGPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
content-disposition
inline; filename=3f46bbecb4287c0a829f.woff2
accept-ranges
bytes
cf-ray
86f9c4071f2bd6f2-CDG
alt-svc
h3=":443"; ma=86400
content-length
39724
f84e3e81b8d0718cd917.woff2
lookup.guild-shield.xyz/static/assets/
39 KB
39 KB
Font
General
Full URL
https://lookup.guild-shield.xyz/static/assets/f84e3e81b8d0718cd917.woff2
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/static/assets/app.45d4d70d2e41bc34b882.css
Origin
https://lookup.guild-shield.xyz
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Dec 2023 03:18:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1703301488.0-39424-2876055374"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raHxGrhUxr22u3iZLg%2FpcIaV%2F58IBP5aF8TIVz8EjKL9BWiaWJVYfirDeN2g%2Bs83vN6Z4p2taScjK5yV3DsNVqUToYSOcwmlQXyywXnOJ04q7wEMgE7ZBJn6Lo306A55tHrlb12AKgMFAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
content-disposition
inline; filename=f84e3e81b8d0718cd917.woff2
accept-ranges
bytes
cf-ray
86f9c4071f2dd6f2-CDG
alt-svc
h3=":443"; ma=86400
content-length
39424
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/b1c589a/static/ Frame 0CE9
0
0
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.124.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lookup.guild-shield.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
86f9c408290135c2-WAW
content-encoding
br
content-type
text/html
date
Fri, 05 Apr 2024 13:08:14 GMT
expires
Fri, 19 Apr 2024 13:08:14 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/b1c589a/static/ Frame 324E
0
0
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.124.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lookup.guild-shield.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=1209600
cf-cache-status
HIT
cf-ray
86f9c40828f735c2-WAW
content-encoding
br
content-type
text/html
date
Fri, 05 Apr 2024 13:08:14 GMT
expires
Fri, 19 Apr 2024 13:08:14 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-content-type-options
nosniff
main.js
lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 891F
Redirect Chain
  • https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB
Script
General
Full URL
https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/
Protocol
H3
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
574ae139393b60fc306257ef8902198073c50ad3f5e52d4efd8fb1b84f7649c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7aca3I53P1J1F24HFiRLsCRrVWLs47c%2BMIrdMXuk0wInKOPUJYC8AIj2%2BFlr4iU5SliwEEqsv5zEbYUxwAMk6WmrG11Uxng%2Fuoi4Tcv%2FZCd42t7whj9WYrjmbnnOn4xTRY76V9AhaGCn3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86f9c408285ad6f2-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 05 Apr 2024 13:08:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MAxuFzZ7egiht9StYEbXisiom7jQygvFsggIM5osg7VkHbUN9wvf9gbsX%2FlgBqQ9D24lDbveg9dmFfAI%2FsrnWfZSr2%2FFruOI3w9ed3lJ%2B3keUP9Kxf3dLB9UAQyT1ATFb%2BluhAA9f0iStQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control
max-age=300, public
cf-ray
86f9c407dfe7d6f2-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
86f9c4014f0b5d6d
lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 891F
0
601 B
XHR
General
Full URL
https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/86f9c4014f0b5d6d
Requested by
Host: lookup.guild-shield.xyz
URL: https://lookup.guild-shield.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Apr 2024 13:08:14 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xs8xMCUF1VH0eH6e4mQkv4hqEP5klp4myAdX2DhtxKQedzEcQmxoAvNg%2B0vPwOGOlwUeWqO0e4x5zJdW%2B%2BiwYVdLOYL4iLXtXTqGBA1J5WfHp11gn%2BQyiXd2jDx93qAR2Vj2wTYBg40EcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
86f9c4090942d6f2-CDG
alt-svc
h3=":443"; ma=86400
favicon.ico
lookup.guild-shield.xyz/static/assets/images/
24 KB
13 KB
Other
General
Full URL
https://lookup.guild-shield.xyz/static/assets/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.222.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://lookup.guild-shield.xyz/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:08:15 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 23 Dec 2023 03:18:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1703301522.0-24565-3433569986"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaCDJdcsALSjYDjr5bUphbAPMrSyUzS5kcv0nB7nzqU4abQTCU9Nct7ce%2FapvpKWeK0BM%2F1rdNWxvZ%2FbzB6HhQifpr2f4LoTRuB%2FMfOp7RNU7WYZDUnsQIl3STNL6Pm67v%2F6DjmqEoWrQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
content-disposition
inline; filename=favicon.ico
cf-ray
86f9c40a5a93d6f2-CDG
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| 2
  • object| 3
  • object| Raven
  • object| hcaptcha
  • function| _0x539f
  • string| ref
  • undefined| a2fTicket
  • function| login
  • function| a2fSubmit
  • function| onSuccess
  • function| reset
  • function| openA2f
  • function| closeA2f
  • function| _0x4816
  • function| startLoading
  • function| stopLoading
  • function| openModal
  • function| closeModal
  • object| grecaptcha

2 Cookies

Domain/Path: .guild-shield.xyz/
Name: cf_clearance
Value: 2iw6HaS.ftHPrEHjmOHbUlWGidyLIWaUwefLytBqkDw-1712322494-1.0.1.1-hDxsGCBaVWo_AJ21PUqIYmAb.LByEEKlezEVwcfC4FSQAcRk8WTKnmriL_pVE1Rhn9r0YXsX6N1XKneSz9ateA

Domain/Path: api2.hcaptcha.com/
Name: __cflb
Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRCwNmwW3nwvkV

2 Console Messages

Source: recommendation
Level: verbose
URL: https://lookup.guild-shield.xyz/
Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Source: other
Level: warning
URL: https://lookup.guild-shield.xyz/
Message: Third-party cookie will be blocked. Learn more in the Issues tab.