ff-gift-event.shop Open in urlscan Pro
185.116.236.163 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ff-gift-event.shop/recharge/199-.php
Submission: On November 02 via manual (November 2nd 2024, 11:53:44 am UTC) from UA — Scanned from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 9 HTTP transactions. The main IP is 185.116.236.163, located in New York, United States and belongs to MASSIVEGRID, GB. The main domain is ff-gift-event.shop.
TLS certificate: Issued by R11 on October 15th 2024. Valid for: 3 months.

This is the only time ff-gift-event.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	185.116.236.163 185.116.236.163	49683 (MASSIVEGRID) (MASSIVEGRID)
1 2	2606:4700:10:... 2606:4700:10::ac43:2910	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a09:8280:1::... 2a09:8280:1::2e:1cbb:0	40509 (FLY) (FLY)
9	4

6 185.116.236.163 (New York, United States)

ASN49683 (MASSIVEGRID, GB)
PTR: server2.akimaxhost.com

ff-gift-event.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2910 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a09:8280:1::2e:1cbb:0 (United States)

ASN40509 (FLY, US)

openui.fly.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	ff-gift-event.shop ff-gift-event.shop	8 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 30555	143 KB
1	fly.dev openui.fly.dev	312 B
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 797	5 KB
9	4

	Domain	Requested by
6	ff-gift-event.shop	ff-gift-event.shop
2	cdn.tailwindcss.com	1 redirects ff-gift-event.shop
1	openui.fly.dev	ff-gift-event.shop
1	unpkg.com	ff-gift-event.shop
9	4

This site contains no links.

Subject Issuer	Validity	Valid
*.ff-gift-event.shop R11	`2024-10-15` - `2025-01-13`	3 months	crt.sh
unpkg.com WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh
*.fly.dev E6	`2024-10-25` - `2025-01-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ff-gift-event.shop/recharge/199-.php
Frame ID: C42C972B3B47A29DAF381F82D33AFDD5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

9
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

156 kB
Transfer

523 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cdn.tailwindcss.com/?plugins=forms,typography HTTP 302
https://cdn.tailwindcss.com/3.4.14?plugins=forms@0.5.9,typography@0.5.15

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 199-.php Show response
ff-gift-event.shop/recharge/ 5 KB
2 KB 314ms
92ms Document
text/html 185.116.236.163
MASSIVEGRID

General

Check archive.org

Show headers Download Go to

Full URL: https://ff-gift-event.shop/recharge/199-.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.116.236.163 New York, United States, ASN49683 (MASSIVEGRID, GB),
Reverse DNS: server2.akimaxhost.com
Software: /
Resource Hash: da9aa651b71c1bc7917432873cc34a6345ceb704229671b10bd5d69333bbc097

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://akimaxhost.com
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 1589
content-type: text/html; charset=UTF-8
date: Sat, 02 Nov 2024 11:53:38 GMT
vary: Accept-Encoding

GET
H2

200

3.4.14 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/?plugins=forms,typography
https://cdn.tailwindcss.com/3.4.14?plugins=forms@0.5.9,typography@0.5.15

497 KB
143 KB

33ms
33ms

Script
text/javascript

2606:4700:10::ac43:2910
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.4.14?plugins=forms@0.5.9,typography@0.5.15

Requested by

Host: ff-gift-event.shop
URL: https://ff-gift-event.shop/recharge/199-.php

Protocol

Server

2606:4700:10::ac43:2910 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eb03da489705e6239bd512f16a2947c81f1b14121b3b8d94568f420361f10d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ff-gift-event.shop/

Response headers

server: cloudflare
strict-transport-security: max-age=63072000
cache-control: max-age=31536000
content-encoding: br
x-vercel-cache: MISS
cf-cache-status: HIT
age: 12745
cf-ray: 8dc3ecdf18500f87-EWR
date: Sat, 02 Nov 2024 11:53:38 GMT
content-type: text/javascript
last-modified: Tue, 29 Oct 2024 00:31:35 GMT
vary: Accept-Encoding
x-vercel-id: cle1::iad1::4bxnz-1730161895311-ab76053c03db

Redirect headers

strict-transport-security: max-age=63072000
cache-control: max-age=14400
location: /3.4.14?plugins=forms@0.5.9,typography@0.5.15
x-vercel-cache: MISS
cf-cache-status: HIT
age: 56
cf-ray: 8dc3ecde9fa40f87-EWR
date: Sat, 02 Nov 2024 11:53:38 GMT
vary: Accept-Encoding
server: cloudflare
x-vercel-id: cle1::iad1::x5vln-1730547871504-fcb7b7e78c77

GET
H2 200 unlazy.with-hashing.iife.js Show response
unpkg.com/unlazy@0.11.3/dist/ 7 KB
5 KB 145ms
53ms Script
application/javascript 2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/unlazy@0.11.3/dist/unlazy.with-hashing.iife.js

Requested by

Host: ff-gift-event.shop
URL: https://ff-gift-event.shop/recharge/199-.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36c8afeba0676e51f9475a4c230b6157ba3b40aae03e7ca5201559e63ad8119e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ff-gift-event.shop/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "1cd9-FnNjKEeAxQIcM0HYShnXrZKE3ek"
age: 2024765
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 11:53:38 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J9T0KK5WYHM25S2DQ9J580Z9-lga
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8dc3ecde994c8c99-EWR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 24x24.svg
openui.fly.dev/openui/ 198 B
312 B 258ms
163ms Image
image/svg+xml 2a09:8280:1::2e:1cbb:0
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openui.fly.dev/openui/24x24.svg?text=%F0%9F%92%B3
Requested by: Host: ff-gift-event.shop
URL: https://ff-gift-event.shop/recharge/199-.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::2e:1cbb:0 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/2936d2942 (2024-10-30) /
Resource Hash: 9b77b2ceedb7106d1379c1da1a987f2582c42c5565f6d67fb76f304e2d87b142

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ff-gift-event.shop/

Response headers

via: 2 fly.io
content-encoding: zstd
date: Sat, 02 Nov 2024 11:53:37 GMT
content-type: image/svg+xml
server: Fly/2936d2942 (2024-10-30)
fly-request-id: 01JBPBJHS3Z5WN4W1NGECTJ184-lga

GET
H2 200 paytm.svg
ff-gift-event.shop/recharge/ 3 KB
2 KB 51ms
50ms Image
image/svg+xml 185.116.236.163
MASSIVEGRID

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ff-gift-event.shop/recharge/paytm.svg
Requested by: Host: ff-gift-event.shop
URL: https://ff-gift-event.shop/recharge/199-.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.116.236.163 New York, United States, ASN49683 (MASSIVEGRID, GB),
Reverse DNS: server2.akimaxhost.com
Software: /
Resource Hash: eebf8572313a519dc2dcd244af15c77c6f54f4af75990af61b879d0c71de8a8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ff-gift-event.shop/recharge/199-.php

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Sat, 09 Nov 2024 11:53:38 GMT
accept-ranges: bytes
access-control-allow-origin: https://akimaxhost.com
content-length: 1451
date: Sat, 02 Nov 2024 11:53:38 GMT
content-type: image/svg+xml
last-modified: Fri, 24 May 2024 19:42:50 GMT
vary: Accept-Encoding

GET
H2 200 PhonePe-Logo.wine.svg
ff-gift-event.shop/recharge/ 2 KB
990 B 28ms
28ms Image
image/svg+xml 185.116.236.163
MASSIVEGRID

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ff-gift-event.shop/recharge/PhonePe-Logo.wine.svg
Requested by: Host: ff-gift-event.shop
URL: https://ff-gift-event.shop/recharge/199-.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.116.236.163 New York, United States, ASN49683 (MASSIVEGRID, GB),
Reverse DNS: server2.akimaxhost.com
Software: /
Resource Hash: 8ad0ef189c3753ece2f649ce932e32e6c4bc4c08c2ef9c65af181d1b67ee46e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ff-gift-event.shop/recharge/199-.php

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Sat, 09 Nov 2024 11:53:38 GMT
accept-ranges: bytes
access-control-allow-origin: https://akimaxhost.com
content-length: 934
date: Sat, 02 Nov 2024 11:53:38 GMT
content-type: image/svg+xml
last-modified: Mon, 03 Jun 2024 08:20:10 GMT
vary: Accept-Encoding

GET
H3 200 bhim.svg
ff-gift-event.shop/recharge/ 5 KB
3 KB 28ms
28ms Image
image/svg+xml 185.116.236.163
MASSIVEGRID

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ff-gift-event.shop/recharge/bhim.svg
Requested by: Host: ff-gift-event.shop
URL: https://ff-gift-event.shop/recharge/199-.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.116.236.163 New York, United States, ASN49683 (MASSIVEGRID, GB),
Reverse DNS: server2.akimaxhost.com
Software: /
Resource Hash: 364faeaec7d77762532b71b2168e1f8a34a082ced290cebe361f8c61011693cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ff-gift-event.shop/recharge/199-.php

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Sat, 09 Nov 2024 11:53:38 GMT
accept-ranges: bytes
access-control-allow-origin: https://akimaxhost.com
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2298
date: Sat, 02 Nov 2024 11:53:38 GMT
content-type: image/svg+xml
last-modified: Fri, 24 May 2024 19:42:50 GMT
vary: Accept-Encoding

GET
H3 200 Google_Pay-Logo.wine.svg
ff-gift-event.shop/recharge/ 2 KB
851 B 28ms
28ms Image
image/svg+xml 185.116.236.163
MASSIVEGRID

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ff-gift-event.shop/recharge/Google_Pay-Logo.wine.svg
Requested by: Host: ff-gift-event.shop
URL: https://ff-gift-event.shop/recharge/199-.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.116.236.163 New York, United States, ASN49683 (MASSIVEGRID, GB),
Reverse DNS: server2.akimaxhost.com
Software: /
Resource Hash: 118284c3c8d12365da0980840fde9a634d024e7397c17ae5290027e0e985d4e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ff-gift-event.shop/recharge/199-.php

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Sat, 09 Nov 2024 11:53:38 GMT
accept-ranges: bytes
access-control-allow-origin: https://akimaxhost.com
content-length: 806
date: Sat, 02 Nov 2024 11:53:38 GMT
content-type: image/svg+xml
last-modified: Mon, 03 Jun 2024 08:23:18 GMT
vary: Accept-Encoding

GET
H3 404 favicon.ico
ff-gift-event.shop/ 708 B
790 B 28ms
28ms Other
text/html 185.116.236.163
MASSIVEGRID

General

Check archive.org

Show headers Download Go to

Full URL: https://ff-gift-event.shop/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.116.236.163 New York, United States, ASN49683 (MASSIVEGRID, GB),
Reverse DNS: server2.akimaxhost.com
Software: /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://ff-gift-event.shop/recharge/199-.php

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-origin: https://akimaxhost.com
content-length: 708
pragma: no-cache
date: Sat, 02 Nov 2024 11:53:38 GMT
content-type: text/html

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| tailwind string| /template.html function| selectButton object| UnLazy

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ff-gift-event.shop/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tailwindcss.com
ff-gift-event.shop
openui.fly.dev
unpkg.com
185.116.236.163
2606:4700:10::ac43:2910
2606:4700::6811:f5cb
2a09:8280:1::2e:1cbb:0
118284c3c8d12365da0980840fde9a634d024e7397c17ae5290027e0e985d4e8
364faeaec7d77762532b71b2168e1f8a34a082ced290cebe361f8c61011693cd
36c8afeba0676e51f9475a4c230b6157ba3b40aae03e7ca5201559e63ad8119e
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
5eb03da489705e6239bd512f16a2947c81f1b14121b3b8d94568f420361f10d9
8ad0ef189c3753ece2f649ce932e32e6c4bc4c08c2ef9c65af181d1b67ee46e9
9b77b2ceedb7106d1379c1da1a987f2582c42c5565f6d67fb76f304e2d87b142
da9aa651b71c1bc7917432873cc34a6345ceb704229671b10bd5d69333bbc097
eebf8572313a519dc2dcd244af15c77c6f54f4af75990af61b879d0c71de8a8c

ff-gift-event.shop Open in urlscan Pro 185.116.236.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

156 kBTransfer

523 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ff-gift-event.shop Open in urlscan Pro
185.116.236.163 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

156 kB
Transfer

523 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions