Submitted URL: http://tiffanys.academy/
Effective URL: https://tiffanys.academy/page/bouncy.php?&bpae=GbhGd78molx7j3PVlb%2FioyhR%2FDONYWIgu3efTlpw0d3tv2l%2F9ErF2gt4GKOr6RZCVVAR...
Submission: On May 06 via api from IN — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 5 domains to perform 3 HTTP transactions. The main IP is 2600:3c02::f03c:91ff:fee2:5b0f, located in Atlanta, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is tiffanys.academy.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 20th 2024. Valid for: a year.
This is the only time tiffanys.academy was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2600:3c02::f0... 63949 (AKAMAI-LI...)
1 2 15.197.224.234 16509 (AMAZON-02)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 172.67.206.74 13335 (CLOUDFLAR...)
1 1 104.18.32.130 13335 (CLOUDFLAR...)
3 2
Apex Domain
Subdomains
Transfer
2 platdom-1.online
platdom-1.online — Cisco Umbrella Rank: 370994
175 B
2 tiffanys.academy
tiffanys.academy
3 KB
1 bcgame.top
bcgame.top — Cisco Umbrella Rank: 642557
1005 B
1 partnerbcgame.com
partnerbcgame.com — Cisco Umbrella Rank: 500661
625 B
1 gotrackier.com
info.gotrackier.com
470 B
3 5
Domain Requested by
2 platdom-1.online 1 redirects tiffanys.academy
2 tiffanys.academy tiffanys.academy
1 bcgame.top 1 redirects
1 partnerbcgame.com 1 redirects
1 info.gotrackier.com 1 redirects
3 5

This site contains no links.

Subject: *.parklogic.com
Issuer: Sectigo RSA Domain Validation Secure Server CA
Validity: 2024-01-20 - 2025-02-19
Valid: a year

This page contains 1 frames:

Frame: http://platdom-1.online/api/v1/px?xmlid=awqnFFJvJFXFl00vZ0c2CnLKF3Pvi5FX7TFkcACi
Frame ID: AC6FCD53648AC5FFDC502DF98B860804
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

  • Requests: 3
  • HTTPS: 0 %
  • IPv6: 40 %
  • Domains: 5
  • Subdomains: 5
  • IPs: 2
  • Countries: 2
  • Transfer: 3 kB
  • Size: 3 kB
  • Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tiffanys.academy/ HTTP 307
    https://tiffanys.academy/ Page URL
  2. https://tiffanys.academy/page/bouncy.php?&bpae=GbhGd78molx7j3PVlb%2FioyhR%2FDONYWIgu3efTlpw0d3tv2l%2F9ErF2gt4GKOr6RZCVVARyuBBi1gkZGLf5H%2BRLzX1IOxMcjIQQ4xA02xAJqnmGd%2BxcRcqNmCoc6uLrO20Yo11pAD%2FetiK8HCeIgW%2BBeafFn%2BVCVML4p%2BXk8cK%2FneCXVuDH5rJ2BEn17DVCdKKShcQIO6RWCLzHgOf1tl0yJ75oRvPjSfUHylMRXNoCRE1WaCrKVsLIGa8Go%2B1APzKdRxtSsaPCETjv%2FFZInprg1qAyDoaPp%2Brm1rALskGV0IZrB5nTZyYcCWbkcV4X8p6%2Fmm3FA5DfT%2BbPj8yqZAoeaeyYklRcnuqWZaLkY4uU3axNwF0v3Dy8mnOVhrLGTTZBFI1d3Xmtp1BNlXvqU7dphoi45E9q1pSDkTD1wSlyeYGL9hTOOHTuj0qGLorGz6ap5gihRBTTeSGdojdIgoxfupsHqOLu65Frj2DVQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://tiffanys.academy/ HTTP 307
  • https://tiffanys.academy/
Request Chain 1
  • http://platdom-1.online/api/v1/px?xmlid=awqnFFJvJFXFl00vZ0c2CnLKF3Pvi5FX7TFkcACi HTTP 307
  • https://platdom-1.online/api/v1/px?xmlid=awqnFFJvJFXFl00vZ0c2CnLKF3Pvi5FX7TFkcACi HTTP 302
  • https://info.gotrackier.com/sl/KNvwvzD/?pub_id=2&source=Fil-6013bf049a40554bfc1d1f60 HTTP 302
  • https://partnerbcgame.com/d81c7ef6d?visit_id=66389cd0427114034650d9d1 HTTP 302
  • https://bcgame.top/i-4cxse6dr-n/?spin=true&stag=33636_66389cd087609bad92addd3d HTTP 302
  • https://bcgame.top/?spin=true&stag=33636_66389cd087609bad92addd3d&i=4cxse6dr&s=&c=&utm_source=4cxse6dr HTTP 307
  • http://platdom-1.online/api/v1/px?xmlid=awqnFFJvJFXFl00vZ0c2CnLKF3Pvi5FX7TFkcACi

3 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: /
Path: tiffanys.academy/
Redirect Chain
  • http://tiffanys.academy/
  • https://tiffanys.academy/
Size: 2 KB
x-fer: 2 KB
Type: Document

General

Full URL: https://tiffanys.academy/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02::f03c:91ff:fee2:5b0f Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
Reverse DNS:
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash:

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 2212
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 May 2024 09:03:11 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By: PHP/5.5.38

Redirect headers

Location: https://tiffanys.academy/
Non-Authoritative-Reason: HttpsUpgrades

Resource: bouncy.php (Primary Request)
Path: tiffanys.academy/page/
Size: 766 B
x-fer: 1 KB
Type: Document

General

Full URL: https://tiffanys.academy/page/bouncy.php?&bpae=GbhGd78molx7j3PVlb%2FioyhR%2FDONYWIgu3efTlpw0d3tv2l%2F9ErF2gt4GKOr6RZCVVARyuBBi1gkZGLf5H%2BRLzX1IOxMcjIQQ4xA02xAJqnmGd%2BxcRcqNmCoc6uLrO20Yo11pAD%2FetiK8HCeIgW%2BBeafFn%2BVCVML4p%2BXk8cK%2FneCXVuDH5rJ2BEn17DVCdKKShcQIO6RWCLzHgOf1tl0yJ75oRvPjSfUHylMRXNoCRE1WaCrKVsLIGa8Go%2B1APzKdRxtSsaPCETjv%2FFZInprg1qAyDoaPp%2Brm1rALskGV0IZrB5nTZyYcCWbkcV4X8p6%2Fmm3FA5DfT%2BbPj8yqZAoeaeyYklRcnuqWZaLkY4uU3axNwF0v3Dy8mnOVhrLGTTZBFI1d3Xmtp1BNlXvqU7dphoi45E9q1pSDkTD1wSlyeYGL9hTOOHTuj0qGLorGz6ap5gihRBTTeSGdojdIgoxfupsHqOLu65Frj2DVQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Requested by
  Host: tiffanys.academy
  URL: https://tiffanys.academy/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:3c02::f03c:91ff:fee2:5b0f Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
Reverse DNS:
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38 / PHP/5.5.38
Resource Hash: 64eb984eb4431acfd16f901ecd4b149e72b10c68f22a1d5fa5bb692b8c0e5d15

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tiffanys.academy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-cache
Connection: close
Content-Length: 766
Content-Type: text/html; charset=UTF-8
Date: Mon, 06 May 2024 09:03:11 GMT
Pragma: no-cache
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
X-Powered-By: PHP/5.5.38

Resource: px
Path: platdom-1.online/api/v1/
Redirect Chain
  • http://platdom-1.online/api/v1/px?xmlid=awqnFFJvJFXFl00vZ0c2CnLKF3Pvi5FX7TFkcACi
  • https://platdom-1.online/api/v1/px?xmlid=awqnFFJvJFXFl00vZ0c2CnLKF3Pvi5FX7TFkcACi
  • https://info.gotrackier.com/sl/KNvwvzD/?pub_id=2&source=Fil-6013bf049a40554bfc1d1f60
  • https://partnerbcgame.com/d81c7ef6d?visit_id=66389cd0427114034650d9d1
  • https://bcgame.top/i-4cxse6dr-n/?spin=true&stag=33636_66389cd087609bad92addd3d
  • https://bcgame.top/?spin=true&stag=33636_66389cd087609bad92addd3d&i=4cxse6dr&s=&c=&utm_source=4cxse6dr
  • http://platdom-1.online/api/v1/px?xmlid=awqnFFJvJFXFl00vZ0c2CnLKF3Pvi5FX7TFkcACi
Size: 0
x-fer: 0
Type: Document

General

Full URL: http://platdom-1.online/api/v1/px?xmlid=awqnFFJvJFXFl00vZ0c2CnLKF3Pvi5FX7TFkcACi
Requested by
  Host: tiffanys.academy
  URL: https://tiffanys.academy/page/bouncy.php?&bpae=GbhGd78molx7j3PVlb%2FioyhR%2FDONYWIgu3efTlpw0d3tv2l%2F9ErF2gt4GKOr6RZCVVARyuBBi1gkZGLf5H%2BRLzX1IOxMcjIQQ4xA02xAJqnmGd%2BxcRcqNmCoc6uLrO20Yo11pAD%2FetiK8HCeIgW%2BBeafFn%2BVCVML4p%2BXk8cK%2FneCXVuDH5rJ2BEn17DVCdKKShcQIO6RWCLzHgOf1tl0yJ75oRvPjSfUHylMRXNoCRE1WaCrKVsLIGa8Go%2B1APzKdRxtSsaPCETjv%2FFZInprg1qAyDoaPp%2Brm1rALskGV0IZrB5nTZyYcCWbkcV4X8p6%2Fmm3FA5DfT%2BbPj8yqZAoeaeyYklRcnuqWZaLkY4uU3axNwF0v3Dy8mnOVhrLGTTZBFI1d3Xmtp1BNlXvqU7dphoi45E9q1pSDkTD1wSlyeYGL9hTOOHTuj0qGLorGz6ap5gihRBTTeSGdojdIgoxfupsHqOLu65Frj2DVQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Protocol: HTTP/1.1
Server: 15.197.224.234 , United States, ASN16509 (AMAZON-02, US)
Reverse DNS: ab226b763647f1870.awsglobalaccelerator.com
Software: /
Resource Hash:

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://tiffanys.academy/page/bouncy.php?&bpae=GbhGd78molx7j3PVlb%2FioyhR%2FDONYWIgu3efTlpw0d3tv2l%2F9ErF2gt4GKOr6RZCVVARyuBBi1gkZGLf5H%2BRLzX1IOxMcjIQQ4xA02xAJqnmGd%2BxcRcqNmCoc6uLrO20Yo11pAD%2FetiK8HCeIgW%2BBeafFn%2BVCVML4p%2BXk8cK%2FneCXVuDH5rJ2BEn17DVCdKKShcQIO6RWCLzHgOf1tl0yJ75oRvPjSfUHylMRXNoCRE1WaCrKVsLIGa8Go%2B1APzKdRxtSsaPCETjv%2FFZInprg1qAyDoaPp%2Brm1rALskGV0IZrB5nTZyYcCWbkcV4X8p6%2Fmm3FA5DfT%2BbPj8yqZAoeaeyYklRcnuqWZaLkY4uU3axNwF0v3Dy8mnOVhrLGTTZBFI1d3Xmtp1BNlXvqU7dphoi45E9q1pSDkTD1wSlyeYGL9hTOOHTuj0qGLorGz6ap5gihRBTTeSGdojdIgoxfupsHqOLu65Frj2DVQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Date: Mon, 06 May 2024 09:03:14 GMT

Redirect headers

Location: http://platdom-1.online/api/v1/px?xmlid=awqnFFJvJFXFl00vZ0c2CnLKF3Pvi5FX7TFkcACi
Non-Authoritative-Reason: HttpsUpgrades

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • string| forwardingUrl
  • string| destinationUrl
  • boolean| addDetection
  • undefined| inIframe
  • undefined| inPopUp

9 Cookies

Domain/Path Name / Value
info.gotrackier.com/ Name: sess_660bd0469f834577ff130820
Value: 660bc352b54ce254f4021046
.gotrackier.com/ Name: __cf_bm
Value: aK2vCPpeRbzSpMQbicDYHd_3BvVkNEYZbaYc7rKq71s-1714986192-1.0.1.1-UUGCnxMoA.0A.5rVpEcL56eWaFBbm1aHBdePTyOcJrQveircwQeXuxJBuhE7jgzKpk8aEP752v1JReXi_17J6A
partnerbcgame.com/ Name: 6b86b273ff34fce19d6b
Value: 66389cd087609bad92addd3d
.bcgame.top/ Name: invitation-code
Value:
.bcgame.top/ Name: invitation-url
Value: https%3A%2F%2Fbcgame.top%3A443%2Fi-4cxse6dr-n%2F%3Fspin%3Dtrue%26stag%3D33636_66389cd087609bad92addd3d
.bcgame.top/ Name: invitation-alias-code
Value: 4cxse6dr
.bcgame.top/ Name: invitation-view-id
Value:
.bcgame.top/ Name: utm_source
Value: 4cxse6dr
.bcgame.top/ Name: __cf_bm
Value: xKWXIA38QLvYE1j6u7nA9zFPkLswcJuWTUsT0u5B_Cw-1714986193-1.0.1.1-nqkVAe5QyeuUk7x4jz3PPHBgGw3HBepRUQ_qAVHITkReD.tHtO8jrbi_AK_2wMJE8sN5E1MZCa1qpK_RZ8V7mw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
