etgiftitems.com Open in urlscan Pro
107.180.116.192 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://etgiftitems.com/mixdesign.club/themeforest/unio/css/overlays/02.html
Submission Tags: @ecarlesi threat phishing Search All
Submission: On April 23 via api (April 23rd 2024, 2:11:09 pm UTC) from IT — Scanned from IT

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 107.180.116.192, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is etgiftitems.com.
TLS certificate: Issued by R3 on April 23rd 2024. Valid for: 3 months.

This is the only time etgiftitems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	107.180.116.192 107.180.116.192	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 2	23.38.98.78 23.38.98.78	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.56.202.168 23.56.202.168	16625 (AKAMAI-AS) (AKAMAI-AS)
8	4

1 107.180.116.192 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 192.116.180.107.host.secureserver.net

etgiftitems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.98.78 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-78.deploy.static.akamaitechnologies.com

img1.wsimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.56.202.168 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-168.deploy.static.akamaitechnologies.com

csp.secureserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	secureserver.net events.api.secureserver.net Failed csp.secureserver.net — Cisco Umbrella Rank: 13060
2	wsimg.com 1 redirects img1.wsimg.com — Cisco Umbrella Rank: 10156	21 KB
1	etgiftitems.com etgiftitems.com	936 B
8	3

	Domain	Requested by
4	csp.secureserver.net	img1.wsimg.com
2	img1.wsimg.com	1 redirects etgiftitems.com
1	etgiftitems.com
0	events.api.secureserver.net Failed	img1.wsimg.com
8	4

This site contains no links.

Subject Issuer	Validity	Valid
www.etgiftitems.com R3	`2024-04-23` - `2024-07-22`	3 months	crt.sh
*.secureserver.net Starfield Secure Certificate Authority - G2	`2023-10-10` - `2024-11-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://etgiftitems.com/mixdesign.club/themeforest/unio/css/overlays/02.html
Frame ID: 0784C5CA770C720B7609E1B343A8181D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Not Found

Page Statistics

8
Requests

63 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

21 kB
Transfer

105 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 02.html Show response
etgiftitems.com/mixdesign.club/themeforest/unio/css/overlays/ 2 KB
936 B 589ms
181ms Document
text/html 107.180.116.192
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://etgiftitems.com/mixdesign.club/themeforest/unio/css/overlays/02.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 107.180.116.192 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 192.116.180.107.host.secureserver.net
Software: Apache /
Resource Hash: a7719cb065bb46bb9db1b7f6a3dd424e7f4b50f171f32ce8294148be15804cef

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 794
content-type: text/html
date: Tue, 23 Apr 2024 14:11:03 GMT
etag: W/"9c0190-4e3-616c6b2f4fe80-br"
last-modified: Tue, 23 Apr 2024 14:11:03 GMT
server: Apache
vary: Accept-Encoding

GET
H2

200

scc-c2.min.js Show response
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain

https://img1.wsimg.com/traffic-assets/js/tccl.min.js
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

103 KB
20 KB

39ms
39ms

Script
text/javascript

23.38.98.78
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by: Host: etgiftitems.com
URL: https://etgiftitems.com/mixdesign.club/themeforest/unio/css/overlays/02.html
Protocol: H2
Server: 23.38.98.78 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-78.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e301943f5f3cb3486ab3f4c75c0315e96891268a76b8663b6a490324e39d1664

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://etgiftitems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

x-amz-version-id: NUbpk_ypfZoRQFFJE7rB4qpj7fMsB7r1
content-encoding: gzip
date: Tue, 23 Apr 2024 14:11:04 GMT
x-amz-request-id: 44SWT47S694C4W4K
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.2.5
content-length: 20488
x-amz-id-2: 32mf9SgdW/F/fDnZ5jHpXGomDkPi0yXUHNGHPcy+4hogYd0YWk6SYz4LWTSB8wD0+rWrCQNLTD1+sdMdS/ME6g==
last-modified: Fri, 22 Mar 2024 13:06:20 GMT
etag: "fdf3f3c180ae2aa6864f9c46a83a37a9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Apr 2024 14:41:04 GMT

Redirect headers

location: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
access-control-allow-origin: *
date: Tue, 23 Apr 2024 14:11:04 GMT
cache-control: max-age=31536000
timing-allow-origin: *
content-length: 0
expires: Wed, 23 Apr 2025 14:11:04 GMT

GET event
events.api.secureserver.net/t/1/tl/ 0
0

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 605ms
166ms Preflight
application/json 23.56.202.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.56.202.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-202-168.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://etgiftitems.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Tue, 23 Apr 2024 14:11:05 GMT
Expires: Tue, 23 Apr 2024 14:11:05 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: Wrsq9H-GIAMEItg=
x-amzn-requestid: 822a5c44-8cb8-475f-a4c3-d50f2d995e3c
x-amzn-trace-id: Root=1-6627c179-01ea446e6535ca324c685fdf
x-envoy-upstream-service-time: 23

OPTIONS
H/1.1 200
OK eventbus
csp.secureserver.net/ 0
0 648ms
160ms Preflight
application/json 23.56.202.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.56.202.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-202-168.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://etgiftitems.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type,authorization
Access-Control-Allow-Methods: OPTIONS,POST
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Content-Type: application/json
Date: Tue, 23 Apr 2024 14:11:05 GMT
Expires: Tue, 23 Apr 2024 14:11:05 GMT
Pragma: no-cache
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id: Wrsq-Ea5IAMEl0g=
x-amzn-requestid: 907891d7-c092-485c-bb75-7a123aec02f3
x-amzn-trace-id: Root=1-6627c179-79caa250215726135a449c5c
x-envoy-upstream-service-time: 14

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 233ms
233ms Fetch
application/json 23.56.202.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.56.202.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-202-168.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: api-key b18ef4f046435b64a469b32c3c1c20a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://etgiftitems.com/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 23 Apr 2024 14:11:05 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-6627c179-0ef4c156693147e05816913e
x-amzn-requestid: f469c9b7-4c40-42af-980f-fa2d5e37143e
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 110
Connection: keep-alive
x-amz-apigw-id: Wrsq_Et5IAMEmDw=
Content-Length: 0
Expires: Tue, 23 Apr 2024 14:11:05 GMT

POST
H/1.1 202
Accepted eventbus
csp.secureserver.net/ 0
0 277ms
277ms Fetch
application/json 23.56.202.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.secureserver.net/eventbus

Requested by

Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.56.202.168 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-202-168.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: api-key 8da2217409854bee82e12dc4ca0b39fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://etgiftitems.com/
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 23 Apr 2024 14:11:05 GMT
Strict-Transport-Security: max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id: Root=1-6627c179-3510f88d065857b10b2e8b88
x-amzn-requestid: c888d86c-6baf-446e-9555-0f155ba45993
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 129
Connection: keep-alive
x-amz-apigw-id: Wrsq_EnOoAMEJnA=
Content-Length: 0
Expires: Tue, 23 Apr 2024 14:11:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: events.api.secureserver.net
URL: https://events.api.secureserver.net/t/1/tl/event?dh=etgiftitems.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.2.5&vg=35431957-883a-4d5b-810a-41b786f5cdb8&vtg=35431957-883a-4d5b-810a-41b786f5cdb8&dp=%2Fmixdesign.club%2Fthemeforest%2Funio%2Fcss%2Foverlays%2F02.html&trace_id=d68b9512788041968ebd9565a2585526&cts=2024-04-23T14%3A11%3A04.289Z&hit_id=945a4cdc-4ccd-44ad-a438-787f5068d4d7&ht=pageview&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl504939%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229849236%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=776200023&z=1935760299

Domain: events.api.secureserver.net
URL: https://events.api.secureserver.net/t/1/tl/event?dh=etgiftitems.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.2.5&vg=35431957-883a-4d5b-810a-41b786f5cdb8&vtg=35431957-883a-4d5b-810a-41b786f5cdb8&dp=%2Fmixdesign.club%2Fthemeforest%2Funio%2Fcss%2Foverlays%2F02.html&trace_id=d68b9512788041968ebd9565a2585526&cts=2024-04-23T14%3A11%3A04.296Z&hit_id=ec40ee73-8cef-4b75-8023-567e165263b8&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl504939%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229849236%22%2C%22cp_cache%22%3A%22%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=776200023&z=182185135&tce=1713881463807&tcs=1713881463413&tdc=1713881464293&tdclee=1713881464293&tdcles=1713881464293&tdi=1713881464293&tdl=1713881463991&tdle=1713881463413&tdls=1713881463413&tfs=1713881463398&tns=1713881463397&trqs=1713881463807&tre=1713881463989&trps=1713881463988&tles=1713881464293&tlee=0&nt=navigate&LCP=630&nav_type=hard

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.etgiftitems.com/	1970-01-21 04:50:17	Name: _tccl_visitor Value: 35431957-883a-4d5b-810a-41b786f5cdb8
.etgiftitems.com/	1970-01-20 20:04:43	Name: _tccl_visit Value: 35431957-883a-4d5b-810a-41b786f5cdb8
.etgiftitems.com/	1970-01-20 20:04:42	Name: _scc_session Value: pc=1&C_TOUCH=2024-04-23T14:11:04.288Z

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csp.secureserver.net
etgiftitems.com
events.api.secureserver.net
img1.wsimg.com
events.api.secureserver.net
107.180.116.192
23.38.98.78
23.56.202.168
a7719cb065bb46bb9db1b7f6a3dd424e7f4b50f171f32ce8294148be15804cef
e301943f5f3cb3486ab3f4c75c0315e96891268a76b8663b6a490324e39d1664

etgiftitems.com Open in urlscan Pro 107.180.116.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

63 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

21 kBTransfer

105 kBSize

3 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

Indicators

etgiftitems.com Open in urlscan Pro
107.180.116.192 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

63 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

21 kB
Transfer

105 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions