URL: https://discord-img.easygpt.work/
Submission Tags: phishingrod
Submission: On August 12 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3035::ac43:9efb, located in United States and belongs to CLOUDFLARENET, US. The main domain is discord-img.easygpt.work.
TLS certificate: Issued by E6 on August 11th 2024. Valid for: 3 months.
This is the only time discord-img.easygpt.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2

Apex Domain | Subdomains | Transfer
4 easygpt.work | discord-img.easygpt.work | 12 KB
1 cloudflare.com | www.cloudflare.com — Cisco Umbrella Rank: 6627 | 3 KB
4 2

Domain | Requested by
4 discord-img.easygpt.work 1 redirects | discord-img.easygpt.work
1 www.cloudflare.com
4 2

This site contains links to these domains:

Domain
developers.cloudflare.com

Subject | Issuer | Validity | Valid
discord-img.easygpt.work | E6 | 2024-08-11 - 2024-11-09 | 3 months
www.cloudflare.com | E6 | 2024-08-01 - 2024-10-30 | 3 months

This page contains 2 frames:

Primary Page: https://discord-img.easygpt.work/
Frame ID: CD36C2F098912B36C67A25CF6E54B1B6
Requests: 2 HTTP requests in this frame

Frame: https://discord-img.easygpt.work/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js
Frame ID: 671D614922AB17D9B8BD585C4C94D095
Requests: 2 HTTP requests in this frame

Page Title

Not Found

Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 15 kB
Size: 38 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://discord-img.easygpt.work/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://discord-img.easygpt.work/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js

4 HTTP transactions

Resource: Primary Request /
Path: discord-img.easygpt.work/
Size: 27 KB
x-fer: 7 KB
Type: Document

General
Full URL: https://discord-img.easygpt.work/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: b357dbf063639d14c0a61e5b35ba420736fd2e0d262b9d0b73e44a6315bf504b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b1ddf4d9e349b9b-FRA
content-encoding
br
content-type
text/html
date
Mon, 12 Aug 2024 04:55:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5mBl0lxaPwarXsM54EDWO7YxACF2Cyt7zDlYuQEq18MERoNkIixjWYzbohHeAyE%2FX4%2FFRVWvQ1ypPqPDBe1U58U%2FqhsExCuxtPqYwXVO8%2Bfo0KYIZ7qcOo4HSuwnDCW3WT3tmmX5I62aFk1pqyVGpiS1AhkjjwE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Resource: main.js
Path: discord-img.easygpt.work/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/
Frame: 671D
Redirect Chain
  • https://discord-img.easygpt.work/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://discord-img.easygpt.work/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?
Size: 8 KB
x-fer: 4 KB
Type: Script

General
Full URL: https://discord-img.easygpt.work/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?
Protocol: H2
Server: 2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: d45ec773f7c940459ec70f7c4023d06c1563a8a41ae97843e8b7505dc9f03743

Security Headers
X-Content-Type-Options: nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 04:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=onEf%2Fd7UC6CskZ8RIXKpNOiLe305hPjP1kuQE3ujGBgdeWEP1DR%2BteCtP9cgpzhUGvjEaCq%2F3qkf5TekNwJiMWOpP7zRgc9qeMaBFVATH9PxRuWYlFpTWV%2F%2FBHCDY1AJ5%2FD5y%2Fpu%2FOLrcD1hFQvlo0hDlMR0UmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8b1ddf53bb3a9b9b-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 12 Aug 2024 04:55:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfAG0v2i%2BjTBw4adZbXodnFv9ZhCaYv7bQkdrafV4A6ucvtpypi672w%2FICirgbtlOALtPeg6kTwYGLAMHy6MA%2BiMmFqI2RMYJ%2BbGAC04zgPurKR1z9tmykY6gj4qeGHrVhAfGbXrN4lFjNxj6AkjAXzQYu3XL4s%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8b1ddf534ae49b9b-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

Resource: favicon.ico
Path: www.cloudflare.com/
Size: 2 KB
x-fer: 3 KB
Type: Other

General
Full URL: https://www.cloudflare.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:7c60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 0f84307ad691800e391fccb42b4ba290a87febf001abedfbe03b34767d45e441

Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block

Request headers

Referer
https://discord-img.easygpt.work/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-gww-loc
EN-US
date
Mon, 12 Aug 2024 04:55:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ffb25f3edc5c56acfdf7e7cdffcb217c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aAyVsMt3tYjmj4ZeQPqnIXwrb3bMobEd9zJrnGjXo%2F80aGOdMeeJb4XqRSn%2B2XdTCyMEonqKnj4g6fcILdNBmkLqayVWevpJRrwiLVcojNwrfQpmm5BkAEjY4Y%2FHIU%2FFAcjufrBhRP1vouMs7DW5Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
permissions-policy
geolocation=(), camera=(), microphone=()
cf-ray
8b1ddf53dd225d7e-FRA
x-pgs-loc
EN-US

Resource: 8b1ddf4d9e349b9b
Path: discord-img.easygpt.work/cdn-cgi/challenge-platform/h/g/jsd/r/
Frame: 671D
Size: 0
x-fer: 599 B
Type: XHR

General
Full URL: https://discord-img.easygpt.work/cdn-cgi/challenge-platform/h/g/jsd/r/8b1ddf4d9e349b9b
Requested by:
  Host: discord-img.easygpt.work
  URL: https://discord-img.easygpt.work/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:9efb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 12 Aug 2024 04:55:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KR%2B9V0mpFoAj3roKj783zOlbTlkCyutAP4NNIAZsN7BHIX9U%2F6m4YRlLrvUEzOjquU%2B0gAWZ49fQfzliGUGBlfpuqC0G8sufH9o%2F%2BjQbBv%2FQ8joZeQZruvtkM0XMV6kaTwXPZPPFA6FemKQOl1IVrERE%2BesP%2BWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8b1ddf545bf99b9b-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

2 Cookies

Domain/Path Name / Value
.www.cloudflare.com/ Name: __cf_bm
Value: PAI8K1NcvOVXZzpsxfXWZ8E6ZH69SR4nUhfPIBz92nk-1723438518-1.0.1.1-7lX0ynmAvcDJ.HvgHhEbz7xOap7H_5I7c75vWyb9Q3h18n9FzHle2v820uodm2Bf7GdkKiZIJceEDhW0iTL1r8JU9RTfj9qnOT6KklqC_n4
.easygpt.work/ Name: cf_clearance
Value: YDnV4vN3rZvYFJk8aUSOUtlTflNwz2XOkB1t8OupjkI-1723438518-1.0.1.1-ee1VGQbyaNMnto_jcWNP4rX9DglAZyW2inrFzHt_WWPfF6eXWjU96XhG3jpJBOd.fFT0RbbrDWZoKrZNSkB8QA

1 Console Messages

Source: network
Level: error
URL: https://discord-img.easygpt.work/
Message: Failed to load resource: the server responded with a status of 404 ()