gemini.geminigifts02.repl.co Open in urlscan Pro
35.186.245.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gemini.geminigifts02.repl.co/btc.html
Effective URL:
https://gemini.geminigifts02.repl.co/btc.html
Submission: On September 21 via manual (September 21st 2021, 2:48:48 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 35.186.245.55, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is gemini.geminigifts02.repl.co.
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.

This is the only time gemini.geminigifts02.repl.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 3	35.186.245.55 35.186.245.55	15169 (GOOGLE) (GOOGLE)
1	69.16.175.10 69.16.175.10	33438 (HIGHWINDS2) (HIGHWINDS2)
5	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
6	104.18.4.127 104.18.4.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	145.239.131.60 145.239.131.60	16276 (OVH) (OVH)
1	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	104.18.28.120 104.18.28.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	9

3 35.186.245.55 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 55.245.186.35.bc.googleusercontent.com

gemini.geminigifts02.repl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN33438 (HIGHWINDS2, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.40 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

static.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.4.127 (None, )

ASN13335 (CLOUDFLARENET, US)

widgets.coingecko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.coingecko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.131.60 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

chart.apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.120 (None, )

ASN13335 (CLOUDFLARENET, US)

api.coingecko.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	coingecko.com widgets.coingecko.com api.coingecko.com assets.coingecko.com	98 KB
5	tumblr.com static.tumblr.com	412 KB
3	repl.co 1 redirects gemini.geminigifts02.repl.co	81 KB
1	imgur.com i.imgur.com	70 KB
1	google.com chart.apis.google.com	2 KB
1	ibb.co i.ibb.co	3 KB
1	jquery.com code.jquery.com	24 KB
0	twimg.com Failed pbs.twimg.com Failed
19	8

	Domain	Requested by
5	assets.coingecko.com	gemini.geminigifts02.repl.co
5	static.tumblr.com	gemini.geminigifts02.repl.co
3	gemini.geminigifts02.repl.co	1 redirects gemini.geminigifts02.repl.co
1	api.coingecko.com	widgets.coingecko.com
1	i.imgur.com	gemini.geminigifts02.repl.co
1	chart.apis.google.com	gemini.geminigifts02.repl.co
1	i.ibb.co	gemini.geminigifts02.repl.co
1	widgets.coingecko.com	gemini.geminigifts02.repl.co
1	code.jquery.com	gemini.geminigifts02.repl.co
0	pbs.twimg.com Failed	gemini.geminigifts02.repl.co
19	10

This site contains no links.

Subject Issuer	Validity	Valid
geminigifts02.repl.co R3	`2021-08-30` - `2021-11-28`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
tumblr.com DigiCert SHA2 Extended Validation Server CA	`2020-07-09` - `2022-04-14`	2 years	crt.sh
coingecko.com Cloudflare Inc ECC CA-3	`2021-08-20` - `2022-08-19`	a year	crt.sh
ibb.co R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
api.coingecko.com Cloudflare Inc ECC CA-3	`2021-08-03` - `2022-08-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://gemini.geminigifts02.repl.co/btc.html
Frame ID: 21BB77CBBFC3839B1D649B3CBA805468
Requests: 18 HTTP requests in this frame

Frame: https://gemini.geminigifts02.repl.co/comms.html
Frame ID: 8FB3F951A18CF7EB0DDDEC7BC573A824
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

3407 BTC left

Page URL History Show full URLs

http://gemini.geminigifts02.repl.co/btc.html HTTP 308
https://gemini.geminigifts02.repl.co/btc.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

95 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

690 kB
Transfer

880 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gemini.geminigifts02.repl.co/btc.html HTTP 308
https://gemini.geminigifts02.repl.co/btc.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request btc.html Show response
gemini.geminigifts02.repl.co/
Redirect Chain

http://gemini.geminigifts02.repl.co/btc.html
https://gemini.geminigifts02.repl.co/btc.html

77 KB
77 KB

323ms
158ms

Document
text/html

35.186.245.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gemini.geminigifts02.repl.co/btc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.245.186.35.bc.googleusercontent.com

Software

Resource Hash

c258563caf78aca7a3684c6c175b3d660efb1eb4cce90fd5228983c60266f6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=5893758; includeSubDomains

Request headers

:method: GET
:authority: gemini.geminigifts02.repl.co
:scheme: https
:path: /btc.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-type: text/html; charset=utf-8
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5893758; includeSubDomains
content-length: 78450
date: Tue, 21 Sep 2021 14:48:17 GMT

Redirect headers

Content-Type: text/html; charset=utf-8
Location: https://gemini.geminigifts02.repl.co/btc.html
Replit-Cluster: global
Date: Tue, 21 Sep 2021 14:48:17 GMT
Content-Length: 81
Via: 1.1 google

GET
H2 200 jquery-3.4.1.slim.min.js Show response
code.jquery.com/ 69 KB
24 KB 31ms
12ms Script
application/javascript 69.16.175.10
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by: Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:48:18 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2019 21:14:27 GMT
server: nginx
etag: W/"5cca0c33-1157d"
vary: Accept-Encoding
x-hw: 1632235698.dop145.fr8.t,1632235698.cds248.fr8.hn,1632235698.cds260.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24328

GET
H2 200 http__get-mcafee.market_b_index_files_clipboard.js Show response
static.tumblr.com/do7iv2w/swtpwjat5/ 8 KB
8 KB 35ms
6ms Script
application/x-javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/do7iv2w/swtpwjat5/http__get-mcafee.market_b_index_files_clipboard.js

Requested by

Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

30c25c88089ccc0d6373e6f0f36814c97dfaa575543d90a7cb9060903a50ef84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 21 Sep 2021 14:48:18 GMT
last-modified: Tue, 20 Aug 2019 12:03:06 GMT
server: nginx
etag: "92a362208ec351a135d6f43ef3360b77"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 7728

GET
H2 200 http__get-mcafee.market_b_index_files_bootstrap.js Show response
static.tumblr.com/do7iv2w/Rddpwjavf/ 36 KB
36 KB 34ms
5ms Script
application/x-javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/do7iv2w/Rddpwjavf/http__get-mcafee.market_b_index_files_bootstrap.js

Requested by

Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://gemini.geminigifts02.repl.co/
Origin: https://gemini.geminigifts02.repl.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 21 Sep 2021 14:48:18 GMT
last-modified: Tue, 20 Aug 2019 12:04:28 GMT
server: nginx
etag: "5869c96cc8f19086aee625d670d741f9"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 37045

GET
H2 200 big.css
static.tumblr.com/do7iv2w/DDOpwjb9q/ 14 KB
14 KB 34ms
6ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/do7iv2w/DDOpwjb9q/big.css

Requested by

Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

98d13e441ad595feb615fd3f0c550073cc2df8f8a5be48acfc86055f77d09476

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 21 Sep 2021 14:48:18 GMT
last-modified: Tue, 20 Aug 2019 12:13:03 GMT
server: nginx
etag: "d29d53c8fbf085cafdeea3dbfabcade1"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 13962

GET
H2 200 comments.css
static.tumblr.com/n2nup4r/du2pswb6c/ 151 KB
151 KB 34ms
6ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/n2nup4r/du2pswb6c/comments.css

Requested by

Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

5ea0651d51cd133b1f3027b269e894400b0718b3940e40feb281e06b827285c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 21 Sep 2021 14:48:18 GMT
last-modified: Mon, 10 Jun 2019 18:25:25 GMT
server: nginx
etag: "d3785f8a44866e57ec6a6fbb23350cc0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 154791

GET
H2 200 u.css
static.tumblr.com/n2nup4r/R1Gpswbma/ 203 KB
203 KB 34ms
6ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://static.tumblr.com/n2nup4r/R1Gpswbma/u.css

Requested by

Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

2355971060bb834e6ec1a53f591ef953d2093b1c73641ef69aa42ed5246c7928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 21 Sep 2021 14:48:18 GMT
last-modified: Mon, 10 Jun 2019 18:35:00 GMT
server: nginx
etag: "eed4be13514fe61e69c1513bcf5bfec1"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000; preload
accept-ranges: bytes
content-length: 207545

GET
H2 200 coingecko-coin-price-marquee-widget.js Show response
widgets.coingecko.com/ 209 KB
63 KB 60ms
29ms Script
application/javascript 104.18.4.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.coingecko.com/coingecko-coin-price-marquee-widget.js
Requested by: Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa22940bf8ac23ef7b16ea2e1ca743cb189a1ef05ef722ff5f7fca7c5dae9540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:48:18 GMT
content-encoding: br
cf-cache-status: HIT
age: 414127
cf-polished: origSize=214324
last-modified: Sun, 04 Oct 2020 08:25:01 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 73YVVNDE808Q7C7W
x-amz-id-2: bHxXpXflYEtZQAtzTGmZE5DeIYZs9qqRGEXXyy+iqU6ROD+nQ0xl2yFRkzfRKfrKVHh9uDDdFSk=
cf-bgj: minify
server: cloudflare
etag: W/"b18f0482422d07d9a71b4922ad2b6125"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 692417f8c9105c68-FRA
expires: Wed, 22 Sep 2021 14:48:18 GMT

GET
H2 200 055.png
i.ibb.co/Z6YJvKQ/ 2 KB
3 KB 46ms
15ms Image
image/png 145.239.131.60
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/Z6YJvKQ/055.png
Requested by: Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.239.131.60 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 7db68db912191ac641b159b07985bceaee609355154166b7b2d56018edb1fb9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:48:18 GMT
last-modified: Mon, 30 Aug 2021 17:07:02 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2414
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chart
chart.apis.google.com/ 2 KB
2 KB 35ms
7ms Image
image/png 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=bc1qvlqa3mudqn9jpgpeg6se9jchl8xhnpvs4mfs56&chld=H|0

Requested by

Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

GoogleChartAPI/1.0 /

Resource Hash

457fa9c16044e42c986373e5aeb36fda940b44c59ed5d4f62fbe68b368a58e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 12:35:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2018 18:35:04 GMT
server: GoogleChartAPI/1.0
age: 7966
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1784
x-xss-protection: 1; mode=block
expires: Tue, 21 Sep 2021 00:36:06 GMT

GET
H2 200 351kRoj.gif
i.imgur.com/ 69 KB
70 KB 30ms
7ms Image
image/gif 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/351kRoj.gif

Requested by

Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

51eddb6deb8ef75df2c8dff112415172bee5b695c4d4b1445e635e6ebaef93c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:48:18 GMT
x-content-type-options: nosniff
age: 2266872
x-cache: HIT, HIT
content-length: 70979
x-served-by: cache-bwi5182-BWI, cache-fra19162-FRA
last-modified: Thu, 08 Aug 2019 00:29:14 GMT
server: cat factory 1.0
x-timer: S1632235698.114555,VS0,VE1
etag: "cd519e0239f4e797c107e736b71e6070"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 markets Show response
api.coingecko.com/api/v3/coins/ 4 KB
2 KB 482ms
447ms Fetch
application/json 104.18.28.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.coingecko.com/api/v3/coins/markets?vs_currency=usd&ids=bitcoin,ethereum,eos,ripple,litecoin&locale=en
Requested by: Host: widgets.coingecko.com
URL: https://widgets.coingecko.com/coingecko-coin-price-marquee-widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.28.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1af8dfce7376167ec14fea52c6854be660df9ec24661c39a1651bf7544eaacc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:48:18 GMT
access-control-request-method: *
vary: Accept-Encoding, Origin
cf-cache-status: EXPIRED
content-encoding: br
alternate-protocol: 443:npn-spdy/2
x-request-id: 99a3c1ab-8b99-4fa0-bb58-0a6c6189a34b
x-runtime: 0.006170
server: cloudflare
etag: W/"432860993e8dbf552d6370c860b0b37d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: link, per-page, total
cache-control: max-age=30, public, must-revalidate, s-maxage=30
cf-ray: 692417f9796f5b4a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET MM9DHPWC_400x400.jpg
pbs.twimg.com/profile_images/1383184766959120385/ 0
0

GET
H2 404 comms.html Show response
gemini.geminigifts02.repl.co/ Frame 8FB3 4 KB
4 KB 194ms
194ms Document
text/html 35.186.245.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gemini.geminigifts02.repl.co/comms.html

Requested by

Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.245.186.35.bc.googleusercontent.com

Software

Resource Hash

05a08327e34fcb3cb99cbd6ee41aae57fcd6c386001de5ab25d136f170dc486b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5893757; includeSubDomains

Request headers

:method: GET
:authority: gemini.geminigifts02.repl.co
:scheme: https
:path: /comms.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gemini.geminigifts02.repl.co/btc.html
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/btc.html

Response headers

expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
strict-transport-security: max-age=5893757; includeSubDomains
content-type: text/html; charset=utf-8
date: Tue, 21 Sep 2021 14:48:18 GMT

GET
H2 200 bitcoin.png
assets.coingecko.com/coins/images/1/large/ 6 KB
7 KB 52ms
35ms Image
image/webp 104.18.4.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.coingecko.com/coins/images/1/large/bitcoin.png?1547033579
Requested by: Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24851fb7592d7bbfc727b1f048bb661d8e7342fa5657c0a5f20b682137b9b433

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:48:18 GMT
cf-cache-status: HIT
age: 113095
cf-polished: origFmt=png, origSize=12242
last-modified: Tue, 07 Nov 2017 07:39:53 GMT
content-length: 6516
content-disposition: inline; filename="bitcoin.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 02JQSZZ8ZAJWBP4E
x-amz-id-2: /dMZorJuy1ETftmdCBtYPO60lZKhqJL4TElliiRtv9mAQczFYkW0Ct3eslEtUfXWH8ZjTlJWhDY=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "565e8c524f6da22928811f836d0b92a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
cf-ray: 692417fcbbd45c68-FRA
expires: Wed, 21 Sep 2022 14:48:18 GMT

GET
H2 200 ethereum.png
assets.coingecko.com/coins/images/279/large/ 7 KB
7 KB 48ms
31ms Image
image/webp 104.18.4.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.coingecko.com/coins/images/279/large/ethereum.png?1595348880
Requested by: Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 939a465a5d19c5777535edd1d47ac1a737ab49eebb21ef96ec35fe902aa8462a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:48:18 GMT
cf-cache-status: HIT
age: 488352
cf-polished: origFmt=png, origSize=13114
last-modified: Tue, 21 Jul 2020 16:28:02 GMT
content-length: 7014
content-disposition: inline; filename="ethereum.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: TS1YEB3MD1KBSNX6
x-amz-id-2: WdRRa+Sv2eS5kV5G7+wLeD5ryVM4lH2P63W9YeYNc23wVAabe5RXQ+nM/mgF4jgtDRxliOjRBbQ=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "af87366546180c799987073ac53f0733"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
cf-ray: 692417fcbbdd5c68-FRA
expires: Wed, 21 Sep 2022 14:48:18 GMT

GET
H2 200 eos-eos-logo.png
assets.coingecko.com/coins/images/738/large/ 9 KB
10 KB 48ms
31ms Image
image/webp 104.18.4.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.coingecko.com/coins/images/738/large/eos-eos-logo.png?1547034481
Requested by: Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b2715d0b61d55ac2cabe4f2b473ea1e04f9774af40e4cfdf516ff603c0a749b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:48:18 GMT
cf-cache-status: HIT
age: 490031
cf-polished: origFmt=png, origSize=12049
last-modified: Mon, 09 Apr 2018 03:57:09 GMT
content-length: 9464
content-disposition: inline; filename="eos-eos-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: GWSSB8T9JS87HQMY
x-amz-id-2: sVjQKMyEeddr5wmvVGHc3ivZXWKFrlWWR8MQQMItq8P2F3yi2pzUZImQ1AnNPMs+7/x0BRhQudU=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "97b8cf4915e4d0137df242de72add0c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
cf-ray: 692417fcbbe25c68-FRA
expires: Wed, 21 Sep 2022 14:48:18 GMT

GET
H2 200 xrp-symbol-white-128.png
assets.coingecko.com/coins/images/44/large/ 5 KB
6 KB 44ms
27ms Image
image/webp 104.18.4.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.coingecko.com/coins/images/44/large/xrp-symbol-white-128.png?1605778731
Requested by: Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eb63dce93da0efdd382d8a69111985b9d20ab2d6fc41d1cd7d4486657ca53b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:48:18 GMT
cf-cache-status: HIT
age: 734396
cf-polished: origFmt=png, origSize=12328
last-modified: Thu, 19 Nov 2020 09:38:53 GMT
content-length: 5450
content-disposition: inline; filename="xrp-symbol-white-128.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 09TBWJ41ZZRF2AK0
x-amz-id-2: GJtnRqAz+1bdg6kIPbMwkX7hWfNBjzw6wF/wSQ+P4Wf3850R1XC8TDJA+ogrsSGAZzwf7OL4I/Y=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "8c9a8c477f324c88cead49db9a5fc1a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
cf-ray: 692417fcbbe65c68-FRA
expires: Wed, 21 Sep 2022 14:48:18 GMT

GET
H2 200 litecoin.png
assets.coingecko.com/coins/images/2/large/ 4 KB
4 KB 48ms
32ms Image
image/webp 104.18.4.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.coingecko.com/coins/images/2/large/litecoin.png?1547033580
Requested by: Host: gemini.geminigifts02.repl.co
URL: https://gemini.geminigifts02.repl.co/btc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5baf49bbab196cf63b0bb296d0d7c0a03b1521b41f9d7b2295404ce7951e1d5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gemini.geminigifts02.repl.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 14:48:18 GMT
cf-cache-status: HIT
age: 734385
cf-polished: origFmt=png, origSize=7680
last-modified: Tue, 07 Nov 2017 07:38:17 GMT
content-length: 3996
content-disposition: inline; filename="litecoin.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: 3H5PFHSM1410D128
x-amz-id-2: N1pjk7+LLrwYYOaGIz6TCqNaWCKCVyaAnXZuQzlr9DuP0e5wLSLWZcyY6QqRUWm6GnhFN93aZoI=
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "2cb0c91b0d82542c140d900d549dddc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
cf-ray: 692417fcbbd75c68-FRA
expires: Wed, 21 Sep 2022 14:48:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pbs.twimg.com
URL: https://pbs.twimg.com/profile_images/1383184766959120385/MM9DHPWC_400x400.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://widgets.coingecko.com/coingecko-coin-price-marquee-widget.js(Line 4) Message: WebSocket connection to 'wss://cable.coingecko.com/cable' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://gemini.geminigifts02.repl.co/comms.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://widgets.coingecko.com/coingecko-coin-price-marquee-widget.js(Line 4) Message: WebSocket connection to 'wss://cable.coingecko.com/cable' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://widgets.coingecko.com/coingecko-coin-price-marquee-widget.js(Line 4) Message: WebSocket connection to 'wss://cable.coingecko.com/cable' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://widgets.coingecko.com/coingecko-coin-price-marquee-widget.js(Line 4) Message: WebSocket connection to 'wss://cable.coingecko.com/cable' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://widgets.coingecko.com/coingecko-coin-price-marquee-widget.js(Line 4) Message: WebSocket connection to 'wss://cable.coingecko.com/cable' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://widgets.coingecko.com/coingecko-coin-price-marquee-widget.js(Line 4) Message: WebSocket connection to 'wss://cable.coingecko.com/cable' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=5893758; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.coingecko.com
assets.coingecko.com
chart.apis.google.com
code.jquery.com
gemini.geminigifts02.repl.co
i.ibb.co
i.imgur.com
pbs.twimg.com
static.tumblr.com
widgets.coingecko.com
pbs.twimg.com
104.18.28.120
104.18.4.127
142.250.181.238
145.239.131.60
151.101.12.193
192.0.77.40
35.186.245.55
69.16.175.10
05a08327e34fcb3cb99cbd6ee41aae57fcd6c386001de5ab25d136f170dc486b
1eb63dce93da0efdd382d8a69111985b9d20ab2d6fc41d1cd7d4486657ca53b6
2355971060bb834e6ec1a53f591ef953d2093b1c73641ef69aa42ed5246c7928
24851fb7592d7bbfc727b1f048bb661d8e7342fa5657c0a5f20b682137b9b433
30c25c88089ccc0d6373e6f0f36814c97dfaa575543d90a7cb9060903a50ef84
457fa9c16044e42c986373e5aeb36fda940b44c59ed5d4f62fbe68b368a58e35
4b2715d0b61d55ac2cabe4f2b473ea1e04f9774af40e4cfdf516ff603c0a749b
51eddb6deb8ef75df2c8dff112415172bee5b695c4d4b1445e635e6ebaef93c3
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5baf49bbab196cf63b0bb296d0d7c0a03b1521b41f9d7b2295404ce7951e1d5a
5ea0651d51cd133b1f3027b269e894400b0718b3940e40feb281e06b827285c5
7db68db912191ac641b159b07985bceaee609355154166b7b2d56018edb1fb9d
939a465a5d19c5777535edd1d47ac1a737ab49eebb21ef96ec35fe902aa8462a
98d13e441ad595feb615fd3f0c550073cc2df8f8a5be48acfc86055f77d09476
a1af8dfce7376167ec14fea52c6854be660df9ec24661c39a1651bf7544eaacc
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
c258563caf78aca7a3684c6c175b3d660efb1eb4cce90fd5228983c60266f6e8
fa22940bf8ac23ef7b16ea2e1ca743cb189a1ef05ef722ff5f7fca7c5dae9540

gemini.geminigifts02.repl.co Open in urlscan Pro 35.186.245.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

0 %IPv6

8 Domains

10 Subdomains

9 IPs

4 Countries

690 kBTransfer

880 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

22 JavaScript Global Variables

0 Cookies

7 Console Messages

Security Headers

Indicators

gemini.geminigifts02.repl.co Open in urlscan Pro
35.186.245.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

9
IPs

4
Countries

690 kB
Transfer

880 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!