gem2xgivebtc.blogspot.com
Open in
urlscan Pro
2a00:1450:4001:82a::2001
Malicious Activity!
Public Scan
Effective URL: https://gem2xgivebtc.blogspot.com/
Submission Tags: https://phish.report @phish_report Search All
Submission: On December 10 via api from FI — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1C3 on November 8th 2021. Valid for: 3 months.
This is the only time gem2xgivebtc.blogspot.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 3 | 2a00:1450:400... 2a00:1450:4001:82a::2001 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:828::2009 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 51.210.222.134 51.210.222.134 | 16276 (OVH) (OVH) | |
7 | 6 |
ASN15169 (GOOGLE, US)
gem2xgivebtc.blogspot.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
blogspot.com
1 redirects
gem2xgivebtc.blogspot.com |
364 KB |
2 |
postimg.cc
1 redirects
i.postimg.cc |
6 KB |
2 |
blogger.com
www.blogger.com |
161 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
11 KB |
1 |
jquery.com
code.jquery.com |
24 KB |
7 | 5 |
Domain | Requested by | |
---|---|---|
3 | gem2xgivebtc.blogspot.com |
1 redirects
gem2xgivebtc.blogspot.com
|
2 | i.postimg.cc |
1 redirects
gem2xgivebtc.blogspot.com
|
2 | www.blogger.com |
gem2xgivebtc.blogspot.com
|
1 | maxcdn.bootstrapcdn.com |
gem2xgivebtc.blogspot.com
|
1 | code.jquery.com |
gem2xgivebtc.blogspot.com
|
7 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
misc-sni.blogspot.com GTS CA 1C3 |
2021-11-08 - 2022-01-31 |
3 months | crt.sh |
*.blogger.com GTS CA 1C3 |
2021-11-08 - 2022-01-31 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-03-01 - 2022-02-28 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://gem2xgivebtc.blogspot.com/
Frame ID: C2595A54C3A5FB9A2F1A19704633539E
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
3403 BTC left3050 BTC leftPage URL History Show full URLs
-
http://gem2xgivebtc.blogspot.com/
HTTP 301
https://gem2xgivebtc.blogspot.com/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://gem2xgivebtc.blogspot.com/
HTTP 301
https://gem2xgivebtc.blogspot.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 28- https://i.postimg.cc/B6NsQPqQ/BTC.png162G2fPGNzWuDc88VqnyHF97xKEaDgmMbu&chld=H%7C0 HTTP 301
- https://i.postimg.cc/B6NsQPqQ/BTC.png
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
gem2xgivebtc.blogspot.com/ Redirect Chain
|
1 MB 361 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1394523530-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.4.1.slim.min.js
code.jquery.com/ |
69 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ |
36 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
69 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
628 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
37 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
60 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
16 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3210254948-widgets.js
www.blogger.com/static/v1/widgets/ |
154 KB 154 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookienotice.js
gem2xgivebtc.blogspot.com/js/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
17 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BTC.png
i.postimg.cc/B6NsQPqQ/ Redirect Chain
|
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)69 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery object| cookieChoices string| ADDRESS object| adsbygoogle function| wait function| random function| uuidv4 function| bet function| removeArr function| addLink function| sub function| newtr function| insertAfter function| updateTrans function| setProgress number| ctd object| times object| clipboard function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt object| tr string| INT string| OUT string| TXID string| TXID2 string| INCIN string| INOUT number| trans0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
gem2xgivebtc.blogspot.com
i.postimg.cc
maxcdn.bootstrapcdn.com
www.blogger.com
2001:4de0:ac18::1:a:3b
2606:4700::6812:bcf
2a00:1450:4001:828::2009
2a00:1450:4001:82a::2001
51.210.222.134
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06d8bdae7c0b0e34c221284dcbdab06b9b2105f7282e7668f3041e177102a6a7
08659dac6e7638f7aa23efd22f0b699334eda10d8c7f2b09b7c2160d08453032
0c3d01cc7e10b9cb7906234cdc87b48f3f37a10a7e36f967a82c2b077958c8ae
3cb29e14705a1d4c3ab1f677efd4b55a8bf67b82e0e7f5b1ad0ba64b70ed5b3f
3d4483912fb99a6d92afb8d8df59c14ac6e19d220fbc9622fd3f34839c3d1b2e
446927f01697a988be917a850f2c61bbeb36a60892fea136ab47cd7d56b6ad24
51eddb6deb8ef75df2c8dff112415172bee5b695c4d4b1445e635e6ebaef93c3
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
59cbfed897312dcac8fe0283144b5834516a0e871d7b510cc8379952ea7480e1
65067b3d83a0cd6f35ca74938d952d872dd8eaed4627376be25688342af1f505
67a048ac8df300ff6b9ae540b8a5a54c41494a479baa1acad7aeae19cde072ad
68eb70c47ed1dc6866355a51d680fe84a183cc3d9987fe8c2226d1e90b3d1fee
6b29d4c7af7e0fd87a5a973813816f500967398f8b8be28df73648bfdac1c495
71d3b53f5fc2d9ff983184f539a0c8b9991c31af89b3448ab7475c1ef94e6124
73d26343f95024b00a7533c7eaf7175167703ca690ed7b79cd7f93cf8c8f287c
7db68db912191ac641b159b07985bceaee609355154166b7b2d56018edb1fb9d
87d1c62c39a377410a43681ecafff04c739da1123b3d099a6f98c7cf85a92a2f
912e631fd72dd8f6017978f3e55e0e2cd12db5dc214d803fbc68f578c5651b68
a2148c63a1601b45b74230049f1061d6676a51f5408b00b9e64038d0f30f236b
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
a77edb9938d9ccb9d57ba731e5287ea1b8a532eaf988e55ea064159c7839f3ce
a7c91da3dcef415ac08683e3b007df2805132ca414859844008ac4d1241a07a9
ac7af8622f30f5dc40787c4b2cb9fe459ff7ffd2aa4c1ffe2052e4b27b7ad82f
d1c230a4664c91cf5b78d2c5bd90a04cb2217e4fc32f640bb57b621b9134467d
ecd178924faf1e4c69615b963f72f4b42c046f4d7500818bf09344d97ba1cfc8
ed327768d226e416d7f026d2ee9d1654d20ba31d273a831e08708adbdf55dbb1
eda1ba05318021e871f80cd383a740ff3ad34d1302d03cd672c37ae700054305
f45efb72c76de85b422ea44223d2a3102192a998e102d6a5077d019b68e66a23
f6c90812a7b43094bf8147443d80ed66082bdc03905fc111beead2d6e67db9db