lookup.guildmember.xyz Open in urlscan Pro
2606:4700:3035::6815:4549  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response lookup.guildmember.xyz/	149 KB 28 KB	434ms 307ms	Document text/html	2606:4700:3035::6815:4549 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4549 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 940af324405292a88daa7b5d57d9a1e8de90304563e7f000ae458a4bd3321a3d Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 875d71480e6c35d8-WAW content-encoding br content-type text/html; charset=utf-8 date Wed, 17 Apr 2024 15:28:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3wJxIYPKMJLn2T5R96Aq2CRuuf6sxMhLiFQivYb1rcOV11McXdiXJQlVlwzvdk7kZAmbyXrxeaE523tBU4%2BuByThjjsEel3OqD6b6WUZGqrfPzrYvkp0Jau8e9GTItyCQB7Jx%2BeLQ76Vxej2tJlYc9D2v2v"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	app.45d4d70d2e41bc34b882.css lookup.guildmember.xyz/static/assets/	2 MB 442 KB	381ms 380ms	Stylesheet text/css	2606:4700:3035::6815:4549 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lookup.guildmember.xyz/static/assets/app.45d4d70d2e41bc34b882.css Requested by Host: lookup.guildmember.xyz URL: https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4549 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 021cb1900795154820b9ab23f5621933558e336da5660f1928edab740547862f Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:01 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:11:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1703301066.0-2527732-4028375056" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FY3SsawayZqqQv9Q2%2BNU%2Bwfk6qxSUyqtpV9bHtXF0DOvDI1mRqJaAkPUEawXiff3KBSvQtXnSskuXkIkabq%2BDDpPmJp5g8pmu3NaX3jEmkqhHMXW05blx8a3ppCuiJfGLiLw1HXl1%2F%2FwEnazKmV1JIQTd56H"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=14400 content-disposition inline; filename=app.45d4d70d2e41bc34b882.css cf-ray 875d7149f9b335d8-WAW alt-svc h3=":443"; ma=86400
GET H2	200	shared.f01e9143e31c19a68a8e.css lookup.guildmember.xyz/static/assets/	564 KB 94 KB	331ms 331ms	Stylesheet text/css	2606:4700:3035::6815:4549 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lookup.guildmember.xyz/static/assets/shared.f01e9143e31c19a68a8e.css Requested by Host: lookup.guildmember.xyz URL: https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:4549 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e15eab63d3de0c80c50155e9eb6f78d5b0d1fb4236e0f1cd0a2d71ef6d37083 Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:01 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:11:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1703301088.0-577592-1517756746" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YrNfOITSQTdOSpcWPZm02pt1ge7ACjUcqn%2BKVIfBsud%2BNJW%2BxcuNlTVNQauJtlhRyALs0JybiQRhmo1u9bPgDcaTfTvz2q8IWZNlZ20EIEWPQ6jrKPG3rg3S8ZBQGy61kQnR2V18xOrH59k8P51UBuKuRYVw"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=14400 content-disposition inline; filename=shared.f01e9143e31c19a68a8e.css cf-ray 875d7149f9b835d8-WAW alt-svc h3=":443"; ma=86400
GET H3	200	api.js Show response hcaptcha.com/1/	378 KB 107 KB	106ms 53ms	Script application/javascript	104.18.125.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hcaptcha.com/1/api.js Requested by Host: lookup.guildmember.xyz URL: https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.125.91 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:01 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br server cloudflare age 0 etag W/"5a68efa2b964d5c167fde3b130af8e94" vary Origin, Accept-Encoding content-type application/javascript cache-control max-age=300 cross-origin-resource-policy cross-origin cf-ray 875d714a58842d75-ARN alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 15:12:04 GMT
GET H3	200	adf75861421c2a6a6269.png lookup.guildmember.xyz/static/assets/	1 KB 2 KB	386ms 385ms	Image image/png	172.67.206.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lookup.guildmember.xyz/static/assets/adf75861421c2a6a6269.png Requested by Host: lookup.guildmember.xyz URL: https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.206.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144 Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:02 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:14:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1703301240.0-1532-1784946290" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BntlNhFMHC8fYOTqg7ZdIbQIaFl6%2BSF3hosD6%2BUTKXDOTgHWULjtZqNg4Oi3UPgTaIOv%2BZ4b6RslAfIwzNLbjO0VRZ3XKQYDPRff%2BWr7TnexS7qvYoEb%2B0TaYd6k3lSxe5lFvslSTUZe"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 content-disposition inline; filename=adf75861421c2a6a6269.png accept-ranges bytes cf-ray 875d714c7bb95b54-VIE alt-svc h3=":443"; ma=86400 content-length 1532
GET H3	200	863db41a48a43395cd55.svg lookup.guildmember.xyz/static/assets/	5 KB 3 KB	326ms 326ms	Image image/svg+xml	172.67.206.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://lookup.guildmember.xyz/static/assets/863db41a48a43395cd55.svg Requested by Host: lookup.guildmember.xyz URL: https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.206.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93a1168fc0e0e1f524d0e232aee8ee78c4272f0d201389b8e504ed84c699e1ac Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:02 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1703301146.0-5367-1741102719" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S824j3dckDVkferJWMA350iJ%2Fk2Dp0I0bbpOEx5aWslsWWb%2FIvInJDHVu6AjbB%2B8X3FfxcBCkJOtmiyDgq2RlIbS0leJzglQ1k1z4qfErf02N6ENPs48yGz2ot6CW0VqMfVsb%2Blaj%2FE5"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml; charset=utf-8 cache-control max-age=14400 content-disposition inline; filename=863db41a48a43395cd55.svg cf-ray 875d714c7bbc5b54-VIE alt-svc h3=":443"; ma=86400
GET H3	200	script.js Show response lookup.guildmember.xyz/static/js/	33 KB 10 KB	302ms 302ms	Script application/javascript	172.67.206.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lookup.guildmember.xyz/static/js/script.js Requested by Host: lookup.guildmember.xyz URL: https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.206.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2543eb1ed47c63f1fa8a3b6aff005e5e4ad0a694304fe5e26e6e9c481b19ebc Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/?from===QPw4WS5FERNVTWq50dRR1T0kFRPd3Yq1EMrRUT4lUaPlWUXN1a4dVYxQWbJNXSD1UeVRkT3lEVOBTQE5UMBRUT1cmaNNTWqlkNJNkWKJlbixGbHJmaKlXZ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:02 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 17 Apr 2024 03:23:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1713324206.339404-34224-1501764024" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Glhq5UfNopcKSjrtrVYn8jXS6567ip0jTqCDImUT1XjV08saIpd2Gb3V0EdW31WK52Eth0QAc%2Bba2R9F739nSTvMl3xmXC%2BIrJCPFUuHK5xawPcetH3lw8MfyUaIPjRWKBTGcrK3xJy"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 content-disposition inline; filename=script.js cf-ray 875d714c8bf45b54-VIE alt-svc h3=":443"; ma=86400
GET H3	200	b9811218b3a54ad59fb2.woff2 lookup.guildmember.xyz/static/assets/	37 KB 38 KB	362ms 361ms	Font application/octet-stream	172.67.206.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lookup.guildmember.xyz/static/assets/b9811218b3a54ad59fb2.woff2 Requested by Host: lookup.guildmember.xyz URL: https://lookup.guildmember.xyz/static/assets/app.45d4d70d2e41bc34b882.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.206.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104 Request headers Referer https://lookup.guildmember.xyz/static/assets/app.45d4d70d2e41bc34b882.css Origin https://lookup.guildmember.xyz Accept-Language fi-FI,fi;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:02 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:15:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1703301332.0-38156-2782797628" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AosI3A2TMjyPheIcPiyBIpgOV4SxwxWUb%2FNRQppVQTOvTXA3WeAdBlnx1IUln%2BKDO1ENyerGmLDMKEkWBAh8JZIUIribtX%2FNQpL6gYA%2F2ponoK5rB3hJDuL6ft9K%2Bys4plee1x91%2B7Ce"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 content-disposition inline; filename=b9811218b3a54ad59fb2.woff2 accept-ranges bytes cf-ray 875d714dbe315b54-VIE alt-svc h3=":443"; ma=86400 content-length 38156
GET H3	200	20ac37ed2576dd48d7dc.woff2 lookup.guildmember.xyz/static/assets/	39 KB 39 KB	365ms 365ms	Font application/octet-stream	172.67.206.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lookup.guildmember.xyz/static/assets/20ac37ed2576dd48d7dc.woff2 Requested by Host: lookup.guildmember.xyz URL: https://lookup.guildmember.xyz/static/assets/app.45d4d70d2e41bc34b882.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.206.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813 Request headers Referer https://lookup.guildmember.xyz/static/assets/app.45d4d70d2e41bc34b882.css Origin https://lookup.guildmember.xyz Accept-Language fi-FI,fi;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:02 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:17:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1703301450.0-39764-2896371619" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rewisXP0TfqdvrIwFFPVTON4RW2k79Br1PXcMQpVMtBWuaX8yQq8A%2FDkHFuOrcnp%2FbeQ5g%2B4ZIdYpWP0QdLNEu0tXUl%2FT4YhoRz5O4yGNS3HVKtjQIGoUD%2BWa7drIXuZQa%2FCVI%2Fb6HLZ"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 content-disposition inline; filename=20ac37ed2576dd48d7dc.woff2 accept-ranges bytes cf-ray 875d714dbe365b54-VIE alt-svc h3=":443"; ma=86400 content-length 39764
GET H3	200	3f46bbecb4287c0a829f.woff2 lookup.guildmember.xyz/static/assets/	39 KB 39 KB	433ms 432ms	Font application/octet-stream	172.67.206.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lookup.guildmember.xyz/static/assets/3f46bbecb4287c0a829f.woff2 Requested by Host: lookup.guildmember.xyz URL: https://lookup.guildmember.xyz/static/assets/app.45d4d70d2e41bc34b882.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.206.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc Request headers Referer https://lookup.guildmember.xyz/static/assets/app.45d4d70d2e41bc34b882.css Origin https://lookup.guildmember.xyz Accept-Language fi-FI,fi;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:02 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:17:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1703301478.0-39724-2957189027" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbAYrdspE6krBuOLRNS2Z9UGOACqQnRmsr4LUouYvygXYOfKrJF1VPdcaBGZHjhkOCy35EpEsLHM%2F%2Bbfe0%2BtTJ0nG%2BEPFSQZ2gLX0chtpFUfC%2FFsjqEuU75998WzaxH2mIlVqdIiNnLv"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 content-disposition inline; filename=3f46bbecb4287c0a829f.woff2 accept-ranges bytes cf-ray 875d714dbe3b5b54-VIE alt-svc h3=":443"; ma=86400 content-length 39724
GET H3	200	f84e3e81b8d0718cd917.woff2 lookup.guildmember.xyz/static/assets/	39 KB 39 KB	294ms 294ms	Font application/octet-stream	172.67.206.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lookup.guildmember.xyz/static/assets/f84e3e81b8d0718cd917.woff2 Requested by Host: lookup.guildmember.xyz URL: https://lookup.guildmember.xyz/static/assets/app.45d4d70d2e41bc34b882.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.206.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b Request headers Referer https://lookup.guildmember.xyz/static/assets/app.45d4d70d2e41bc34b882.css Origin https://lookup.guildmember.xyz Accept-Language fi-FI,fi;q=0.9;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:02 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:18:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1703301488.0-39424-2876055374" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=17vJDJbJNleskmP1653Ipf%2BsROs6gGyLhvumkcI7Fmnd8BZS0AjbHXgAavsBJ9EAJjObaE7lTsJn4VNX7mr8XU7zAWQH66nQ8pxNCOw9oADrGq8kKKcfcG%2Fmry%2FD%2FsfNzZ0Rziy4H8ex"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 content-disposition inline; filename=f84e3e81b8d0718cd917.woff2 accept-ranges bytes cf-ray 875d714dbe415b54-VIE alt-svc h3=":443"; ma=86400 content-length 39424
GET H3	200	hcaptcha.html newassets.hcaptcha.com/captcha/v1/b1c589a/static/ Frame DDA0	0 0	98ms 51ms	Document text/html	104.18.124.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html Requested by Host: hcaptcha.com URL: https://hcaptcha.com/1/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.124.91 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers alt-svc h3=":443"; ma=86400 cache-control public, max-age=1209600 cf-cache-status HIT cf-ray 875d714ea9c095fd-ARN content-encoding br content-type text/html date Wed, 17 Apr 2024 15:28:02 GMT expires Wed, 01 May 2024 15:28:02 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Origin, Accept-Encoding x-content-type-options nosniff
GET H3	200	hcaptcha.html newassets.hcaptcha.com/captcha/v1/b1c589a/static/ Frame E100	0 0	98ms 98ms	Document text/html	104.18.124.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/hcaptcha.html Requested by Host: hcaptcha.com URL: https://hcaptcha.com/1/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.124.91 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers alt-svc h3=":443"; ma=86400 cache-control public, max-age=1209600 cf-cache-status HIT cf-ray 875d714ea9c095fd-ARN content-encoding br content-type text/html date Wed, 17 Apr 2024 15:28:02 GMT expires Wed, 01 May 2024 15:28:02 GMT server cloudflare vary Origin, Accept-Encoding x-content-type-options nosniff
GET H3	200	fi.json Show response newassets.hcaptcha.com/captcha/v1/b1c589a/static/i18n/	9 KB 4 KB	101ms 54ms	XHR application/json	104.18.125.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/i18n/fi.json Requested by Host: hcaptcha.com URL: https://hcaptcha.com/1/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.125.91 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f4c9afac040e2b0a6d41ec0cc3853b8ea3dc25ab449883f0ea803fb3792a7d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br alt-svc h3=":443"; ma=86400 server cloudflare etag W/"c85eea96f9f2220bcf13dac3e4297a6d" vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding access-control-max-age 3000 access-control-allow-methods GET, HEAD access-control-allow-origin * content-type application/json cache-control public, max-age=1209600 cf-ray 875d714ebfe65ef7-ARN expires Wed, 01 May 2024 15:28:02 GMT
GET H3	200	fi.json Show response newassets.hcaptcha.com/captcha/v1/b1c589a/static/i18n/	9 KB 0	101ms 101ms	XHR application/json	104.18.125.91 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/b1c589a/static/i18n/fi.json Requested by Host: hcaptcha.com URL: https://hcaptcha.com/1/api.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.125.91 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f4c9afac040e2b0a6d41ec0cc3853b8ea3dc25ab449883f0ea803fb3792a7d2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:02 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare etag W/"c85eea96f9f2220bcf13dac3e4297a6d" vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding access-control-max-age 3000 access-control-allow-methods GET, HEAD access-control-allow-origin * content-type application/json cache-control public, max-age=1209600 cf-ray 875d714ebfe65ef7-ARN alt-svc h3=":443"; ma=86400 expires Wed, 01 May 2024 15:28:02 GMT
GET H3	200	favicon.ico lookup.guildmember.xyz/static/assets/images/	24 KB 13 KB	321ms 321ms	Other image/x-icon	172.67.206.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://lookup.guildmember.xyz/static/assets/images/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.206.14 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7 Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://lookup.guildmember.xyz/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1 Response headers date Wed, 17 Apr 2024 15:28:02 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:18:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1703301522.0-24565-3433569986" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FqpOGs8eST5tSY3R1PAXBLkverDOyR2solH4V4lVc66IK3RWOETVU69bD%2B7ooTAfBiqY91nn0A4gYuLH1ENUpSgC9AksoNsJbFT%2BtOq0gsl6bGwJJ86%2BzsuUTxdU6qRpCdt%2BAhMX8knR"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 content-disposition inline; filename=favicon.ico cf-ray 875d7150dd935b54-VIE alt-svc h3=":443"; ma=86400

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| Raven object| hcaptcha function| _0x539f string| ref undefined| a2fTicket function| login function| a2fSubmit function| onSuccess function| reset function| openA2f function| closeA2f function| _0x4816 function| startLoading function| stopLoading function| openModal function| closeModal object| grecaptcha

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://lookup.guildmember.xyz/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hcaptcha.com
lookup.guildmember.xyz
newassets.hcaptcha.com
104.18.124.91
104.18.125.91
172.67.206.14
2606:4700:3035::6815:4549
01908359050da30c842f89d13af0447be961b00b67b46eb61114d1fa48f1bdc9
021cb1900795154820b9ab23f5621933558e336da5660f1928edab740547862f
128e20b3b15c65dd470cb9d0dc8fe10e2ff9f72fac99ee621b01a391ef6b81c7
13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc
3f4c9afac040e2b0a6d41ec0cc3853b8ea3dc25ab449883f0ea803fb3792a7d2
440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b
8e15eab63d3de0c80c50155e9eb6f78d5b0d1fb4236e0f1cd0a2d71ef6d37083
8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104
93a1168fc0e0e1f524d0e232aee8ee78c4272f0d201389b8e504ed84c699e1ac
940af324405292a88daa7b5d57d9a1e8de90304563e7f000ae458a4bd3321a3d
a2543eb1ed47c63f1fa8a3b6aff005e5e4ad0a694304fe5e26e6e9c481b19ebc
ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813
f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144