claim.discrdgift.ru Open in urlscan Pro
185.178.208.149 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://discrdnitro.com/gifts
Effective URL:
https://claim.discrdgift.ru/
Submission: On April 13 via manual (April 13th 2022, 11:29:01 am UTC) from SE — Scanned from DE

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 7 domains to perform 10 HTTP transactions. The main IP is 185.178.208.149, located in Russian Federation and belongs to DDOS-GUARD, RU. The main domain is claim.discrdgift.ru.
TLS certificate: Issued by R3 on April 6th 2022. Valid for: 3 months.

This is the only time claim.discrdgift.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2606:4700:303... 2606:4700:3030::6815:4e92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
1 1	2606:4700:303... 2606:4700:3031::6815:13a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.178.208.149 185.178.208.149	57724 (DDOS-GUARD) (DDOS-GUARD)
1	162.159.133.232 162.159.133.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.216.163.127 95.216.163.127	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:10:... 2606:4700:10::6814:ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	6

3 2606:4700:3030::6815:4e92 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

discrdnitro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:13a3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

split.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.178.208.149 (Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net

claim.discrdgift.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.133.232 (None, )

ASN13335 (CLOUDFLARENET, US)

media.discordapp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.163.127 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.127.163.216.95.clients.your-server.de

api.qrserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:ec2 (United States)

ASN13335 (CLOUDFLARENET, US)

images4.alphacoders.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	plausible.io plausible.io — Cisco Umbrella Rank: 21567	3 KB
3	discrdnitro.com 1 redirects discrdnitro.com	6 KB
1	alphacoders.com images4.alphacoders.com — Cisco Umbrella Rank: 185071	53 KB
1	qrserver.com api.qrserver.com — Cisco Umbrella Rank: 68872	870 B
1	discordapp.net media.discordapp.net — Cisco Umbrella Rank: 4461	10 KB
1	discrdgift.ru claim.discrdgift.ru	1 KB
1	split.to 1 redirects split.to	716 B
10	7

	Domain	Requested by
4	plausible.io	discrdnitro.com plausible.io claim.discrdgift.ru
3	discrdnitro.com	1 redirects discrdnitro.com
1	images4.alphacoders.com	claim.discrdgift.ru
1	api.qrserver.com	claim.discrdgift.ru
1	media.discordapp.net	claim.discrdgift.ru
1	claim.discrdgift.ru
1	split.to	1 redirects
10	7

This site contains links to these domains. Also see Links.

Domain
discrdgift.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-09` - `2023-04-09`	a year	crt.sh
plausible.io R3	`2022-04-10` - `2022-07-09`	3 months	crt.sh
claim.discrdgift.ru R3	`2022-04-06` - `2022-07-05`	3 months	crt.sh
discordapp.net Cloudflare Inc ECC CA-3	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.qrserver.com R3	`2022-02-22` - `2022-05-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://claim.discrdgift.ru/
Frame ID: 8BD501A19472202A35AAAEDBCD43F9A9
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discord Nitro

Page URL History Show full URLs

https://discrdnitro.com/gifts HTTP 301
https://discrdnitro.com/gifts/ Page URL
https://split.to/2IS4YFb HTTP 302
https://claim.discrdgift.ru/ Page URL

Detected technologies

Plausible (Analytics) Expand

Overall confidence: 100%
Detected patterns

plausible\.io/js/plausible\.js

Page Statistics

10
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

6
IPs

5
Countries

74 kB
Transfer

81 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://discrdgift.ru/hot
Title: Click here to claim if you can't scan

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://discrdnitro.com/gifts HTTP 301
https://discrdnitro.com/gifts/ Page URL
https://split.to/2IS4YFb HTTP 302
https://claim.discrdgift.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://discrdnitro.com/gifts HTTP 301
https://discrdnitro.com/gifts/

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
discrdnitro.com/gifts/
Redirect Chain

https://discrdnitro.com/gifts
https://discrdnitro.com/gifts/

1 KB
793 B

35ms
35ms

Document
text/html

2606:4700:3030::6815:4e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://discrdnitro.com/gifts/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4e92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb3832af13f8c61cae6c5e10b0310a62ab4d14c315b48fded09f3634ac426934

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fb3dc774bf19046-FRA
content-encoding: br
content-type: text/html
date: Wed, 13 Apr 2022 11:28:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 12 Apr 2022 16:15:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Px76a2abTTmuKx8wR6DD%2FwEPFEsArbskOARP2OWNBIVGZhuYj63nQV0ojSxYo0P39oOa8c2c4TSyMwZf8YqCwXdVvDY7zrqLsdZJMtqn%2Fdzz%2FJm1q8uHIk5G7jB2Llpq3%2BlArFyHYWPn19n9FK8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fb3dc76cb109046-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 13 Apr 2022 11:28:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://discrdnitro.com/gifts/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loGOzPUF8PY0veFh8102iEyIRdes0R%2FWwM48Gni0Hp6oGI3u9Zm%2FMwd%2BzwRL2BFXljH%2BARlhBLaUTZQEPluq83znZeQ%2FeCPClL%2FbGAXM2jfqIyL5Bz33aPtU5ndjEnEIzRLd8vAc7ZmYF5HHECk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 rocket-loader.min.js Show response
discrdnitro.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 17ms
17ms Script
application/javascript 2606:4700:3030::6815:4e92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://discrdnitro.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: discrdnitro.com
URL: https://discrdnitro.com/gifts/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:4e92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discrdnitro.com/gifts/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 11:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Apr 2022 12:32:17 GMT
server: cloudflare
etag: W/"62541fd1-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJPF9OCARyhQKtIEOOQE7YfXjeALY%2BB6pxMH4SVFXLpxcgsHVwAVfcmWMLpNXKqf%2FgKRO9QRP1S8NS3WfVwZzthY5VvrKwasQIg72xS6rOlvAAO6UMOea2MUNgaI66lV8KnT3sKqAa6HJ8g2KG0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6fb3dc77ad999b63-FRA
vary: Accept-Encoding
expires: Fri, 15 Apr 2022 11:28:57 GMT

GET
H2 200 plausible.js
plausible.io/js/ 1 KB
1 KB 31ms
7ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/plausible.js

Requested by

Host: discrdnitro.com
URL: https://discrdnitro.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-138-199-37-226.datapacket.com

Software

BunnyCDN-DE1-832 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discrdnitro.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 11:28:57 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 04/13/2022 10:29:23
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
server: BunnyCDN-DE1-832
cdn-proxyver: 1.02
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, max-age=3600
permissions-policy: interest-cohort=()
cdn-requestid: 9ffa9ac6c041ac7de76d4b5a57b53f31
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

Primary Request / Show response
claim.discrdgift.ru/
Redirect Chain

https://split.to/2IS4YFb
https://claim.discrdgift.ru/

2 KB
1 KB

1070ms
908ms

Document
text/html

185.178.208.149
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL

https://claim.discrdgift.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.178.208.149 , Russian Federation, ASN57724 (DDOS-GUARD, RU),

Reverse DNS

ddos-guard.net

Software

ddos-guard / Express

Resource Hash

fe27f5feaf130b60c0a75aea6c2130aa538abb53ec7a42195e0ffc9cc736cc89

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://discrdnitro.com/gifts/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Wed, 13 Apr 2022 11:28:58 GMT
etag: W/"8ab-MCAUtA3By56Ccco73lgGCVAbf4c"
server: ddos-guard
x-powered-by: Express

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 6fb3dc782cdc9b2e-FRA
content-type: text/html; charset=utf-8
date: Wed, 13 Apr 2022 11:28:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://claim.discrdgift.ru/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl9O9FG1pWMvSFAgQmx4uzzdp8cjeiJosPorm2nX%2BkkNQKFLegxS8A%2Bw%2BEfq7eWzQ27iz1XpWdTiqKB8FBA4WlLsx4FY87kmZ1nJDCMhglHUW3GELdpW7m73xyGdVjuuCwIDFq05jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept, Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

POST
H2 202 event
plausible.io/api/ 2 B
471 B 32ms
16ms XHR
text/plain 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/plausible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash

Request headers

Referer: https://discrdnitro.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Apr 2022 11:28:57 GMT
cdn-edgestorageid: 832
server: BunnyCDN-DE1-832
cdn-cachedat: 04/13/2022 11:28:57
cdn-pullzone: 682664
content-length: 2
x-request-id: FuVxOzXfZVgSQScHuUkE
cdn-proxyver: 1.02
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: 646b2b2e89bb6e4dfa7716a0d01194ca
cdn-requestcountrycode: DE
cdn-status: 202
cdn-requestpullsuccess: True

GET
H2 200 1499537505a4dedb975abae446f94535ca28a3b3a3.png
media.discordapp.net/attachments/921424573520551949/923054672292491304/ 10 KB
10 KB 71ms
31ms Image
image/png 162.159.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.discordapp.net/attachments/921424573520551949/923054672292491304/1499537505a4dedb975abae446f94535ca28a3b3a3.png
Requested by: Host: claim.discrdgift.ru
URL: https://claim.discrdgift.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29692ffee06060e2986b8f2ae417b967faa3c8fbd7219780283fc6a62970d622

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim.discrdgift.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 11:28:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 530905
cf-ray: 6fb3dc80bc7d91cf-FRA
x-envoy-upstream-service-time: 19
content-length: 9973
last-modified: Wed, 22 Dec 2021 03:29:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AZtpAq3wVdTakGjKUv68u25dekBO1QzCdjn8NVjMbBD8HD30pmpkLKx%2F7yl28l16aU%2B0xD6%2BspokYoX%2FSW3RTwsaSKD3a4GXqM1Xys3e4MCAZTTOHK6QepLlGrOpkMPt6HKK69r"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires: Thu, 13 Apr 2023 11:28:59 GMT

GET
H2 200 /
api.qrserver.com/v1/create-qr-code/ 605 B
870 B 155ms
41ms Image
image/png 95.216.163.127
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.qrserver.com/v1/create-qr-code/?size=250x250&data=https://discordapp.com/ra/kPoV0s5NzUwvWbYVWk8dwIsfvTcefc4M1XsuRg9iMe0
Requested by: Host: claim.discrdgift.ru
URL: https://claim.discrdgift.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.216.163.127 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.127.163.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 4c7aa71c8cc03903e3af87612846e1514142da5157f4d00405d89b6af1b7ddfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim.discrdgift.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 13 Apr 2022 11:28:59 GMT
server: nginx
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, Origin, Authorization, X-Requested-With, Client-Security-Token
access-control-max-age: 7200
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/png

GET
H2 200 plausible.js Show response
plausible.io/js/ 1 KB
1 KB 18ms
17ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/plausible.js

Requested by

Host: claim.discrdgift.ru
URL: https://claim.discrdgift.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-138-199-37-226.datapacket.com

Software

BunnyCDN-DE1-832 /

Resource Hash

2b4c9f3b3f3bc15a6ce53e7c8b1f75dac771715e958271e08ff9cf2f0137191f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim.discrdgift.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 11:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 832
access-control-allow-origin: *
cdn-cachedat: 04/13/2022 10:29:23
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
server: BunnyCDN-DE1-832
cdn-proxyver: 1.02
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, max-age=3600
permissions-policy: interest-cohort=()
cdn-requestid: 725e8ce997bde8382b1c111ccd230982
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 thumb-1920-909912.png
images4.alphacoders.com/909/ 52 KB
53 KB 71ms
31ms Image
image/png 2606:4700:10::6814:ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images4.alphacoders.com/909/thumb-1920-909912.png
Requested by: Host: claim.discrdgift.ru
URL: https://claim.discrdgift.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c1952250d80dd9f9ab4308d1886a171d7a45a27c774b2f3c29f10f5995452a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://claim.discrdgift.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 11:28:59 GMT
cf-cache-status: HIT
last-modified: Wed, 21 Mar 2018 16:06:17 GMT
server: cloudflare
age: 770819
etag: "5ab282f9-d0d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6fb3dc80b8999293-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53459
expires: Wed, 04 May 2022 13:22:00 GMT

POST
H2 202 event Show response
plausible.io/api/ 2 B
470 B 16ms
16ms XHR
text/plain 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/plausible.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://claim.discrdgift.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 13 Apr 2022 11:28:58 GMT
cdn-edgestorageid: 832
server: BunnyCDN-DE1-832
cdn-cachedat: 04/13/2022 11:28:58
cdn-pullzone: 682664
content-length: 2
x-request-id: FuVxO4bHXboN4ZMHTwMF
cdn-proxyver: 1.02
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: fb0bb8cc0eb84dec3934ed335a71053d
cdn-requestcountrycode: DE
cdn-status: 202
cdn-requestpullsuccess: True

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.discrdgift.ru/	1970-01-20 11:03:05	Name: __ddg1_ Value: StTizNfMeIgOwvn08zXW

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.qrserver.com
claim.discrdgift.ru
discrdnitro.com
images4.alphacoders.com
media.discordapp.net
plausible.io
split.to
138.199.37.226
162.159.133.232
185.178.208.149
2606:4700:10::6814:ec2
2606:4700:3030::6815:4e92
2606:4700:3031::6815:13a3
95.216.163.127
0c1952250d80dd9f9ab4308d1886a171d7a45a27c774b2f3c29f10f5995452a1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29692ffee06060e2986b8f2ae417b967faa3c8fbd7219780283fc6a62970d622
2b4c9f3b3f3bc15a6ce53e7c8b1f75dac771715e958271e08ff9cf2f0137191f
4c7aa71c8cc03903e3af87612846e1514142da5157f4d00405d89b6af1b7ddfa
cb3832af13f8c61cae6c5e10b0310a62ab4d14c315b48fded09f3634ac426934
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
fe27f5feaf130b60c0a75aea6c2130aa538abb53ec7a42195e0ffc9cc736cc89

claim.discrdgift.ru Open in urlscan Pro 185.178.208.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

43 %IPv6

7 Domains

7 Subdomains

6 IPs

5 Countries

74 kBTransfer

81 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Indicators

claim.discrdgift.ru Open in urlscan Pro
185.178.208.149 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

6
IPs

5
Countries

74 kB
Transfer

81 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions