gem2xgiveaway.blogspot.com Open in urlscan Pro
172.217.23.97  Malicious Activity! Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
14 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gem2xgiveaway.blogspot.com/	1 MB 312 KB	753ms 675ms	Document text/html	172.217.23.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gem2xgiveaway.blogspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f1.1e100.net Software GSE / Resource Hash 12d2f6befe2eec9592e541ec4cf75fad69639d0c5e04a6d91e3c91a8e442410b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority gem2xgiveaway.blogspot.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html; charset=UTF-8 expires Mon, 25 Oct 2021 20:10:54 GMT date Mon, 25 Oct 2021 20:10:54 GMT cache-control private, max-age=0 last-modified Sat, 23 Oct 2021 17:05:12 GMT etag W/"90c6c5ca8b81753989be1bcc3e9961ec4a474f3dfc64129ab72f960368036423" content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 318488 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H2	200	1394523530-widget_css_bundle.css www.blogger.com/static/v1/widgets/	30 KB 31 KB	97ms 21ms	Stylesheet text/css	142.250.184.233 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/widgets/1394523530-widget_css_bundle.css Requested by Host: gem2xgiveaway.blogspot.com URL: https://gem2xgiveaway.blogspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.233 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f9.1e100.net Software sffe / Resource Hash 71d3b53f5fc2d9ff983184f539a0c8b9991c31af89b3448ab7475c1ef94e6124 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://gem2xgiveaway.blogspot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 24 Oct 2021 11:16:23 GMT x-content-type-options nosniff age 118471 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 30801 x-xss-protection 0 last-modified Sun, 24 Oct 2021 04:52:59 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Mon, 24 Oct 2022 11:16:23 GMT
GET H2	200	jquery-3.4.1.min.js Show response code.jquery.com/	86 KB 30 KB	50ms 16ms	Script application/javascript	69.16.175.42 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.4.1.min.js Requested by Host: gem2xgiveaway.blogspot.com URL: https://gem2xgiveaway.blogspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS tlb.hwcdn.net Software nginx / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers Accept-Language de-DE,de;q=0.9 Referer https://gem2xgiveaway.blogspot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 25 Oct 2021 20:10:54 GMT content-encoding gzip last-modified Wed, 01 May 2019 21:14:27 GMT server nginx etag W/"5cca0c33-15851" vary Accept-Encoding x-hw 1635192654.dop219.am5.t,1635192654.cds233.am5.hn,1635192654.cds260.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30638
GET DATA	200 OK	truncated /	5 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1ebc3d4936e98ab3af51978c1235bda7d006f9d9b4b47acf111f363df93b0c3e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	80 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 943fe2f45c8a3b1ae5a8c9ebc158629cb847ec97b2a12372db6117e443c09b66 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c6613807caf70adf1e72648defdd84341915a716e0f16e29a63dc2b507877a48 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	15 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 52010b0ec35ea6320e158e0f49a763e72a1ef972b9f630a4e81b6a8407694b95 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	806 B 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dd7f09e58af506f05a2c0f6cc1bedf01e3e6346be95c04b23fc6b7cec95180e9 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bf82b5b7148bf7f3ae01c94d29508087c09fa250768f4e54f015e6b02816487f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 68e98a724ff3d96724d0afe227ebfdd35359899d7d8daf448e3d25815d586928 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fa98238b98383829699b89aa8d4b2835dd6856dc85e3d7525ac22b0b12d07e69 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	46 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 198f7f8d32f771479af26f52469b8dd04dc50cd187aceb661dd3beeffaa2aebc Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	11 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fa1e6fba6487f5f77ada54b6ca63ab381e40812adf92dcd4997c4956f4cf1831 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	3 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8c3c5f2623afaaa4ad6af8048c6e37fa1a4ead58a7a00c5d0b680f09b6850eab Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	18 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7efaa318ce74d2c2698a9bc285a6891b9d5aee3454f54b30bbb0c2dc1063b026 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	7 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7229773c07942fdd6ce49432c0b3997579f940295ea2a2dc49f592b3628cb90d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	949 B 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8160afe6ca82dd6c9970c6d308116cb424f49ecaf621e3091fd23bceff8c6c15 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	3210254948-widgets.js Show response www.blogger.com/static/v1/widgets/	154 KB 154 KB	22ms 21ms	Script text/javascript	142.250.184.233 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.blogger.com/static/v1/widgets/3210254948-widgets.js Requested by Host: gem2xgiveaway.blogspot.com URL: https://gem2xgiveaway.blogspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.233 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f9.1e100.net Software sffe / Resource Hash 73d26343f95024b00a7533c7eaf7175167703ca690ed7b79cd7f93cf8c8f287c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://gem2xgiveaway.blogspot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Fri, 22 Oct 2021 00:06:00 GMT x-content-type-options nosniff age 331494 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 157384 x-xss-protection 0 last-modified Fri, 15 Oct 2021 18:53:12 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Sat, 22 Oct 2022 00:06:00 GMT
GET H2	200	cookienotice.js Show response gem2xgiveaway.blogspot.com/js/	6 KB 2 KB	24ms 24ms	Script text/javascript	172.217.23.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gem2xgiveaway.blogspot.com/js/cookienotice.js Requested by Host: gem2xgiveaway.blogspot.com URL: https://gem2xgiveaway.blogspot.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f1.1e100.net Software sffe / Resource Hash 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :path /js/cookienotice.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority gem2xgiveaway.blogspot.com referer https://gem2xgiveaway.blogspot.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://gem2xgiveaway.blogspot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 25 Oct 2021 20:10:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 2026 x-xss-protection 0 last-modified Mon, 25 Oct 2021 18:54:09 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/javascript cache-control public, max-age=604800 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Mon, 01 Nov 2021 20:10:54 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| cookieChoices string| BTC string| ETH string| DOGE object| adsbygoogle function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
gem2xgiveaway.blogspot.com
www.blogger.com
142.250.184.233
172.217.23.97
69.16.175.42
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
12d2f6befe2eec9592e541ec4cf75fad69639d0c5e04a6d91e3c91a8e442410b
198f7f8d32f771479af26f52469b8dd04dc50cd187aceb661dd3beeffaa2aebc
1ebc3d4936e98ab3af51978c1235bda7d006f9d9b4b47acf111f363df93b0c3e
52010b0ec35ea6320e158e0f49a763e72a1ef972b9f630a4e81b6a8407694b95
68e98a724ff3d96724d0afe227ebfdd35359899d7d8daf448e3d25815d586928
71d3b53f5fc2d9ff983184f539a0c8b9991c31af89b3448ab7475c1ef94e6124
7229773c07942fdd6ce49432c0b3997579f940295ea2a2dc49f592b3628cb90d
73d26343f95024b00a7533c7eaf7175167703ca690ed7b79cd7f93cf8c8f287c
7efaa318ce74d2c2698a9bc285a6891b9d5aee3454f54b30bbb0c2dc1063b026
8160afe6ca82dd6c9970c6d308116cb424f49ecaf621e3091fd23bceff8c6c15
8c3c5f2623afaaa4ad6af8048c6e37fa1a4ead58a7a00c5d0b680f09b6850eab
943fe2f45c8a3b1ae5a8c9ebc158629cb847ec97b2a12372db6117e443c09b66
bf82b5b7148bf7f3ae01c94d29508087c09fa250768f4e54f015e6b02816487f
c6613807caf70adf1e72648defdd84341915a716e0f16e29a63dc2b507877a48
dd7f09e58af506f05a2c0f6cc1bedf01e3e6346be95c04b23fc6b7cec95180e9
fa1e6fba6487f5f77ada54b6ca63ab381e40812adf92dcd4997c4956f4cf1831
fa98238b98383829699b89aa8d4b2835dd6856dc85e3d7525ac22b0b12d07e69