gem2xgiveaway.blogspot.com
Open in
urlscan Pro
172.217.23.97
Malicious Activity!
Public Scan
Submission Tags: https://phish.report @phish_report Search All
Submission: On October 25 via api from FI — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1C3 on October 4th 2021. Valid for: 3 months.
This is the only time gem2xgiveaway.blogspot.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 172.217.23.97 172.217.23.97 | 15169 (GOOGLE) (GOOGLE) | |
2 | 142.250.184.233 142.250.184.233 | 15169 (GOOGLE) (GOOGLE) | |
1 | 69.16.175.42 69.16.175.42 | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
5 | 4 |
ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f1.1e100.net
gem2xgiveaway.blogspot.com |
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f9.1e100.net
www.blogger.com |
ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net
code.jquery.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
blogger.com
www.blogger.com |
184 KB |
2 |
blogspot.com
gem2xgiveaway.blogspot.com |
314 KB |
1 |
jquery.com
code.jquery.com |
30 KB |
5 | 3 |
Domain | Requested by | |
---|---|---|
2 | www.blogger.com |
gem2xgiveaway.blogspot.com
|
2 | gem2xgiveaway.blogspot.com |
gem2xgiveaway.blogspot.com
|
1 | code.jquery.com |
gem2xgiveaway.blogspot.com
|
5 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
medium.com |
gem2xgiveaway-btc.blogspot.com |
gem2xgiveaway-eth.blogspot.com |
gem2xgiveaway-doge.blogspot.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
misc-sni.blogspot.com GTS CA 1C3 |
2021-10-04 - 2021-12-27 |
3 months | crt.sh |
*.blogger.com GTS CA 1C3 |
2021-10-04 - 2021-12-27 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://gem2xgiveaway.blogspot.com/
Frame ID: 9ACBF43D243CA7B2A814134D6EADA943
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
5,000 BTC, 100,000 ETH & 100,000,000 DOGE Tyler Winklevoss Airdrop – MediumDetected technologies
Blogger (Blogs) ExpandDetected patterns
- ^https?://[^/]+\.(?:blogspot|blogger)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: Homepage
Search URL Search Domain Scan URL
Title: Become a member
Search URL Search Domain Scan URL
Title: Sign in
Search URL Search Domain Scan URL
Title: Get started
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Click this — official link to get free BTC
Search URL Search Domain Scan URL
Title: Click this — official link to get free ETH
Search URL Search Domain Scan URL
Title: Click this — official link to get free DOGE
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Digital Asset Investor
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
gem2xgiveaway.blogspot.com/ |
1 MB 312 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1394523530-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.min.js
code.jquery.com/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
80 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
15 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
806 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
46 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
18 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
949 B 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3210254948-widgets.js
www.blogger.com/static/v1/widgets/ |
154 KB 154 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookienotice.js
gem2xgiveaway.blogspot.com/js/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| cookieChoices string| BTC string| ETH string| DOGE object| adsbygoogle function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
gem2xgiveaway.blogspot.com
www.blogger.com
142.250.184.233
172.217.23.97
69.16.175.42
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
12d2f6befe2eec9592e541ec4cf75fad69639d0c5e04a6d91e3c91a8e442410b
198f7f8d32f771479af26f52469b8dd04dc50cd187aceb661dd3beeffaa2aebc
1ebc3d4936e98ab3af51978c1235bda7d006f9d9b4b47acf111f363df93b0c3e
52010b0ec35ea6320e158e0f49a763e72a1ef972b9f630a4e81b6a8407694b95
68e98a724ff3d96724d0afe227ebfdd35359899d7d8daf448e3d25815d586928
71d3b53f5fc2d9ff983184f539a0c8b9991c31af89b3448ab7475c1ef94e6124
7229773c07942fdd6ce49432c0b3997579f940295ea2a2dc49f592b3628cb90d
73d26343f95024b00a7533c7eaf7175167703ca690ed7b79cd7f93cf8c8f287c
7efaa318ce74d2c2698a9bc285a6891b9d5aee3454f54b30bbb0c2dc1063b026
8160afe6ca82dd6c9970c6d308116cb424f49ecaf621e3091fd23bceff8c6c15
8c3c5f2623afaaa4ad6af8048c6e37fa1a4ead58a7a00c5d0b680f09b6850eab
943fe2f45c8a3b1ae5a8c9ebc158629cb847ec97b2a12372db6117e443c09b66
bf82b5b7148bf7f3ae01c94d29508087c09fa250768f4e54f015e6b02816487f
c6613807caf70adf1e72648defdd84341915a716e0f16e29a63dc2b507877a48
dd7f09e58af506f05a2c0f6cc1bedf01e3e6346be95c04b23fc6b7cec95180e9
fa1e6fba6487f5f77ada54b6ca63ab381e40812adf92dcd4997c4956f4cf1831
fa98238b98383829699b89aa8d4b2835dd6856dc85e3d7525ac22b0b12d07e69