Submitted URL: https://discord.moderate.tv/
Effective URL: https://3v.fi/ms-gatekeeper/get-started
Submission Tags: phishingrod
Submission: On December 30 via api from DE — Scanned from FI

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2001:41d0:8:bbdc::2, located in France and belongs to OVH, FR. The main domain is 3v.fi.
TLS certificate: Issued by R3 on October 31st 2022. Valid for: 3 months.
This is the only time 3v.fi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
1         2a01:4f9:2a:2...   24940 (HETZNER-AS)
3         2001:41d0:8:b...   16276 (OVH)
5         2600:9000:206...   16509 (AMAZON-02)
Totals: 8 requests, 2 IPs

Requests  Apex Domain   Subdomains                                         Transfer
5         jtvnw.net     static-cdn.jtvnw.net (Cisco Umbrella Rank: 6673)   4 KB
3         3v.fi         3v.fi                                              4 KB
1         moderate.tv   discord.moderate.tv                                104 B
Totals: 8 requests, 3 apex domains

Requests  Domain                 Requested by
5         static-cdn.jtvnw.net   3v.fi
3         3v.fi                  3v.fi
1         discord.moderate.tv    1 redirects
Totals: 8 requests, 3 domains

This site contains links to these domains:

  • discord.com
Subject                Issuer   Validity                  Valid for
3v.fi                  R3       2022-10-31 - 2023-01-29   3 months (crt.sh)
static-cdn.jtvnw.net   Amazon   2022-03-30 - 2023-04-28   a year (crt.sh)

This page contains 1 frame:

Primary Page: https://3v.fi/ms-gatekeeper/get-started
Frame ID: F8D3DB1931DD03BC4ECE0EDDFF038E86
Requests: 8 HTTP requests in this frame

Page Title

Link Discord - MS Gatekeeper

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 100 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 3
Transfer: 8 kB
Size: 6 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://discord.moderate.tv/ HTTP 302
    https://3v.fi/ms-gatekeeper/get-started Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

For each transaction: Resource, Path, Size, x-fer (bytes transferred on the wire), Type (MIME type), followed by its General details and request/response headers.
get-started (Primary Request)
  Path: 3v.fi/ms-gatekeeper/
  Redirect Chain:
    • https://discord.moderate.tv/
    • https://3v.fi/ms-gatekeeper/get-started
  Size: 3 KB   x-fer: 2 KB   Type: Document

  General
    Full URL: https://3v.fi/ms-gatekeeper/get-started
    Protocol: H2
    Security: TLS 1.3, AES_256_GCM
    Server: 2001:41d0:8:bbdc::2, France, ASN16276 (OVH, FR)
    Reverse DNS: (none recorded)
    Software: nginx / Express
    Resource Hash: bb279e2f2219d93d2f8a357225a059b7c073bd5b337fa6368bd1833faede1bc8
    Security Headers:
      Content-Security-Policy: default-src 'none'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; script-src 'self'; img-src 'self' *.3v.fi https://static-cdn.jtvnw.net https://ttv-api.s3.amazonaws.com; connect-src 'self'
      Strict-Transport-Security: max-age=31536000

  Request headers
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
    accept-language: fi-FI,fi;q=0.9

  Response headers
    content-encoding: gzip
    content-security-policy: default-src 'none'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; script-src 'self'; img-src 'self' *.3v.fi https://static-cdn.jtvnw.net https://ttv-api.s3.amazonaws.com; connect-src 'self'
    content-type: text/html; charset=utf-8
    date: Fri, 30 Dec 2022 03:13:15 GMT
    etag: W/"a9c-iMkmyi5ToSLwIdFRhOIXuFzaJVE"
    server: nginx
    strict-transport-security: max-age=31536000
    x-powered-by: Express

  Redirect headers (from https://discord.moderate.tv/)
    alt-svc: h3=":443"; ma=2592000
    content-length: 0
    date: Fri, 30 Dec 2022 03:13:15 GMT
    location: https://3v.fi/ms-gatekeeper/get-started
    server: Caddy
main.css
  Path: 3v.fi/ms-gatekeeper/
  Size: 956 B   x-fer: 828 B   Type: Stylesheet

  General
    Full URL: https://3v.fi/ms-gatekeeper/main.css
    Requested by: Host: 3v.fi, URL: https://3v.fi/ms-gatekeeper/get-started
    Protocol: H2
    Security: TLS 1.3, AES_256_GCM
    Server: 2001:41d0:8:bbdc::2, France, ASN16276 (OVH, FR)
    Reverse DNS: (none recorded)
    Software: nginx / Express
    Resource Hash: 9c5bd45cfecb0ab6123484f6e08900d9500888f8a2fb84c70d2b8de98dd49329
    Security Headers:
      Content-Security-Policy: default-src 'none'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; script-src 'self'; img-src 'self' *.3v.fi https://static-cdn.jtvnw.net https://ttv-api.s3.amazonaws.com; connect-src 'self'
      Strict-Transport-Security: max-age=31536000

  Request headers
    accept-language: fi-FI,fi;q=0.9
    Referer: https://3v.fi/ms-gatekeeper/get-started
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

  Response headers
    date: Fri, 30 Dec 2022 03:13:15 GMT
    strict-transport-security: max-age=31536000
    content-encoding: gzip
    content-security-policy: default-src 'none'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; script-src 'self'; img-src 'self' *.3v.fi https://static-cdn.jtvnw.net https://ttv-api.s3.amazonaws.com; connect-src 'self'
    last-modified: Sat, 18 May 2019 23:53:44 GMT
    server: nginx
    x-powered-by: Express
    etag: W/"3bc-16acd5d9ae8"
    content-type: text/css; charset=UTF-8
    cache-control: public, max-age=0
1
  Path: static-cdn.jtvnw.net/badges/v1/3267646d-33f0-4b17-b3df-f923a41db1d0/
  Size: 420 B   x-fer: 894 B   Type: Image

  General
    Full URL: https://static-cdn.jtvnw.net/badges/v1/3267646d-33f0-4b17-b3df-f923a41db1d0/1
    Requested by: Host: 3v.fi, URL: https://3v.fi/ms-gatekeeper/get-started
    Protocol: H2
    Security: TLS 1.3, AES_128_GCM
    Server: 2600:9000:206e:c600:19:f28c:cd8e:cd41, United States, ASN16509 (AMAZON-02, US)
    Reverse DNS: (none recorded)
    Software: nginx
    Resource Hash: 5a2f193085ae6da06e3b9b108cedda1e666c9d5c2682a03be692b7bab785410b

  Request headers
    accept-language: fi-FI,fi;q=0.9
    Referer: https://3v.fi/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

  Response headers
    date: Fri, 30 Dec 2022 00:49:34 GMT
    via: 1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
    x-amz-cf-pop: VIE50-C1
    age: 8621
    x-cache: Hit from cloudfront
    content-length: 420
    last-modified: Fri, 06 Dec 2019 17:49:14 GMT
    server: nginx
    etag: "636259ae7b0ba24db5a85060ca2b5693"
    vary: Accept-Encoding
    access-control-allow-methods: GET, OPTIONS
    content-type: image/png
    access-control-allow-origin: *
    cache-control: max-age=14400
    accept-ranges: bytes
    timing-allow-origin: https://www.twitch.tv
    x-amz-cf-id: zpiXWmscfkqNsx9-aRnSuhMDVB_bXCZxTKjRslIK0dmuKm0Qtzf_BQ==
    expires: Fri, 30 Dec 2022 04:49:34 GMT
1
  Path: static-cdn.jtvnw.net/badges/v1/d12a2e27-16f6-41d0-ab77-b780518f00a3/
  Size: 442 B   x-fer: 916 B   Type: Image

  General
    Full URL: https://static-cdn.jtvnw.net/badges/v1/d12a2e27-16f6-41d0-ab77-b780518f00a3/1
    Requested by: Host: 3v.fi, URL: https://3v.fi/ms-gatekeeper/get-started
    Protocol: H2
    Security: TLS 1.3, AES_128_GCM
    Server: 2600:9000:206e:c600:19:f28c:cd8e:cd41, United States, ASN16509 (AMAZON-02, US)
    Reverse DNS: (none recorded)
    Software: nginx
    Resource Hash: 0f123f67da76248517f303510c56804bd7b3b9f2ef643dc220b3a2eff372dbd1

  Request headers
    accept-language: fi-FI,fi;q=0.9
    Referer: https://3v.fi/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

  Response headers
    date: Fri, 30 Dec 2022 03:10:16 GMT
    via: 1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
    x-amz-cf-pop: VIE50-C1
    age: 179
    x-cache: Hit from cloudfront
    content-length: 442
    last-modified: Thu, 05 Dec 2019 19:17:41 GMT
    server: nginx
    etag: "062d393fdbbd9f7e1d8f413fac386168"
    vary: Accept-Encoding
    access-control-allow-methods: GET, OPTIONS
    content-type: image/png
    access-control-allow-origin: *
    cache-control: max-age=14400
    accept-ranges: bytes
    timing-allow-origin: https://www.twitch.tv
    x-amz-cf-id: r5m0uK1xRqZQC2fMXSz11y3xR8g6P033e2M9wBc4yp7y4JJJ4aLF9A==
    expires: Fri, 30 Dec 2022 07:10:16 GMT
1
  Path: static-cdn.jtvnw.net/badges/v1/d97c37bd-a6f5-4c38-8f57-4e4bef88af34/
  Size: 290 B   x-fer: 763 B   Type: Image

  General
    Full URL: https://static-cdn.jtvnw.net/badges/v1/d97c37bd-a6f5-4c38-8f57-4e4bef88af34/1
    Requested by: Host: 3v.fi, URL: https://3v.fi/ms-gatekeeper/get-started
    Protocol: H2
    Security: TLS 1.3, AES_128_GCM
    Server: 2600:9000:206e:c600:19:f28c:cd8e:cd41, United States, ASN16509 (AMAZON-02, US)
    Reverse DNS: (none recorded)
    Software: nginx
    Resource Hash: aad827aacd500517ed24b8cc5958443b558848c664a368d82fed7710c59b56ca

  Request headers
    accept-language: fi-FI,fi;q=0.9
    Referer: https://3v.fi/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

  Response headers
    date: Fri, 30 Dec 2022 00:41:54 GMT
    via: 1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
    x-amz-cf-pop: VIE50-C1
    age: 9107
    x-cache: Hit from cloudfront
    content-length: 290
    last-modified: Thu, 05 Dec 2019 19:17:42 GMT
    server: nginx
    etag: "356ebb34d79a31be07013c11b70b50ab"
    vary: Accept-Encoding
    access-control-allow-methods: GET, OPTIONS
    content-type: image/png
    access-control-allow-origin: *
    cache-control: max-age=14400
    accept-ranges: bytes
    timing-allow-origin: https://www.twitch.tv
    x-amz-cf-id: mHEMXYdbLY5dW_vuINfjgAh84XBpVllEo70DtSGntD6j0-mYv8YI6Q==
    expires: Fri, 30 Dec 2022 04:41:28 GMT
1
  Path: static-cdn.jtvnw.net/badges/v1/b817aba4-fad8-49e2-b88a-7cc744dfa6ec/
  Size: 326 B   x-fer: 800 B   Type: Image

  General
    Full URL: https://static-cdn.jtvnw.net/badges/v1/b817aba4-fad8-49e2-b88a-7cc744dfa6ec/1
    Requested by: Host: 3v.fi, URL: https://3v.fi/ms-gatekeeper/get-started
    Protocol: H2
    Security: TLS 1.3, AES_128_GCM
    Server: 2600:9000:206e:c600:19:f28c:cd8e:cd41, United States, ASN16509 (AMAZON-02, US)
    Reverse DNS: (none recorded)
    Software: nginx
    Resource Hash: 7a2079352ba7f1635b3fa50d2ee4b574a1cfbdcc10b7e714a7e6be95c8446099

  Request headers
    accept-language: fi-FI,fi;q=0.9
    Referer: https://3v.fi/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

  Response headers
    date: Fri, 30 Dec 2022 02:51:55 GMT
    via: 1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
    x-amz-cf-pop: VIE50-C1
    age: 1280
    x-cache: Hit from cloudfront
    content-length: 326
    last-modified: Fri, 06 Dec 2019 17:49:20 GMT
    server: nginx
    etag: "4bf72fa0c993bfe9e6a793b808a68845"
    vary: Accept-Encoding
    access-control-allow-methods: GET, OPTIONS
    content-type: image/png
    access-control-allow-origin: *
    cache-control: max-age=14400
    accept-ranges: bytes
    timing-allow-origin: https://www.twitch.tv
    x-amz-cf-id: 45t8edFcC44BIO1JbtR3HIWTS9quYCWul56UwvDsTwwq2aDJ0fwqCg==
    expires: Fri, 30 Dec 2022 06:51:55 GMT
1
  Path: static-cdn.jtvnw.net/badges/v1/ca3db7f7-18f5-487e-a329-cd0b538ee979/
  Size: 423 B   x-fer: 906 B   Type: Image

  General
    Full URL: https://static-cdn.jtvnw.net/badges/v1/ca3db7f7-18f5-487e-a329-cd0b538ee979/1
    Requested by: Host: 3v.fi, URL: https://3v.fi/ms-gatekeeper/get-started
    Protocol: H2
    Security: TLS 1.3, AES_128_GCM
    Server: 2600:9000:206e:c600:19:f28c:cd8e:cd41, United States, ASN16509 (AMAZON-02, US)
    Reverse DNS: (none recorded)
    Software: nginx
    Resource Hash: 18047c5282aed5077f53469178e9f17b24aaf76d31aa8df8d14c59c3c22ea7bb

  Request headers
    accept-language: fi-FI,fi;q=0.9
    Referer: https://3v.fi/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

  Response headers
    date: Thu, 29 Dec 2022 23:58:54 GMT
    via: 1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
    x-amz-cf-pop: VIE50-C1
    age: 11661
    x-cache: Hit from cloudfront
    content-length: 423
    last-modified: Mon, 25 Feb 2019 20:15:59 GMT
    server: nginx
    etag: "8befe976d501d80a288044d96b870e0a"
    vary: Accept-Encoding
    access-control-allow-methods: GET, OPTIONS
    content-type: image/png
    access-control-allow-origin: *
    cache-control: max-age=14400
    accept-ranges: bytes
    timing-allow-origin: https://www.twitch.tv
    x-amz-cf-id: 7zMFLRyOu3otkH5yNan-uMnPQMiU5LO2LreUDGvt5rrk9w-V4e9-hg==
    expires: Fri, 30 Dec 2022 03:58:54 GMT
discord.js
  Path: 3v.fi/ms-gatekeeper/
  Size: 916 B   x-fer: 1 KB   Type: Script

  General
    Full URL: https://3v.fi/ms-gatekeeper/discord.js
    Requested by: Host: 3v.fi, URL: https://3v.fi/ms-gatekeeper/get-started
    Protocol: H2
    Security: TLS 1.3, AES_256_GCM
    Server: 2001:41d0:8:bbdc::2, France, ASN16276 (OVH, FR)
    Reverse DNS: (none recorded)
    Software: nginx / Express
    Resource Hash: 32b4df1fd9460ba6ed234e0747285194df880cbb675e6c17881fd66aa5ea2ddb
    Security Headers:
      Content-Security-Policy: default-src 'none'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; script-src 'self'; img-src 'self' *.3v.fi https://static-cdn.jtvnw.net https://ttv-api.s3.amazonaws.com; connect-src 'self'
      Strict-Transport-Security: max-age=31536000

  Request headers
    accept-language: fi-FI,fi;q=0.9
    Referer: https://3v.fi/ms-gatekeeper/get-started
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

  Response headers
    date: Fri, 30 Dec 2022 03:13:15 GMT
    strict-transport-security: max-age=31536000
    content-security-policy: default-src 'none'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; script-src 'self'; img-src 'self' *.3v.fi https://static-cdn.jtvnw.net https://ttv-api.s3.amazonaws.com; connect-src 'self'
    last-modified: Sat, 17 Apr 2021 21:21:02 GMT
    server: nginx
    x-powered-by: Express
    etag: W/"394-178e1b55bbb"
    content-type: application/javascript; charset=UTF-8
    cache-control: public, max-age=0
    accept-ranges: bytes
    content-length: 916

Verdicts & Comments

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | oncontentvisibilityautostatechange

Note: this name is an event-handler property that the browser itself exposes on window (it was added in Chrome 108, the browser version in the scan's User-Agent), not a variable set by the page's own script, so it is not evidence of a client-side framework.

1 Cookies

Domain/Path: 3v.fi/
Name: connect.sid
Value: s%3ASKltABtGP7MmN2MYUXwjLiwM1GZpkUYN.%2FD%2BqkR7Au%2FjMVqA1LHFXakaUhTqqzVL6%2B646tR8FAZ8

connect.sid is the default cookie name of the express-session middleware, consistent with the x-powered-by: Express response header; the value is a signed session identifier (s%3A is the URL-encoded "s:" prefix that express-session puts in front of signed cookie values).

Security Headers

This section lists the security headers set by the main page.

Content-Security-Policy: default-src 'none'; style-src 'self' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; script-src 'self'; img-src 'self' *.3v.fi https://static-cdn.jtvnw.net https://ttv-api.s3.amazonaws.com; connect-src 'self'
Strict-Transport-Security: max-age=31536000

The CSP restricts scripts to same-origin sources only (script-src 'self', with no inline or third-party script sources) and limits connections to the same origin; the HSTS header sets max-age only, without includeSubDomains or preload.